last executing test programs:

8.774268504s ago: executing program 3 (id=387):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mremap(&(0x7f00005fd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f00000b1000/0x2000)=nil)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xcc, 0x2c, 0xdf, 0x40, 0x763, 0x2030, 0x7979, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5f, 0x65, 0x60, 0x70, [{{0x9, 0x4, 0x1, 0x8, 0x0, 0xff, 0xa2, 0x7d, 0x9}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
sched_setscheduler(0x0, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdcf, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xfffffbfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x8, 0xfffffde8, 0x0}}, 0x1f)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011801000000405804155000000000000109022d00010000000909040004010300000009210400040122070009058103"], 0x0)

8.667640376s ago: executing program 2 (id=390):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x0, 0x111, 0x4b4, 0x0, 0x700, 0x2d8, 0x278, 0x278, 0x2d8, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [], 'vlan0\x00', 'team_slave_0\x00', {}, {}, 0x88}, 0x0, 0x128, 0x190, 0x0, {0x9001}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connmark={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

8.247227182s ago: executing program 1 (id=394):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mremap(&(0x7f00005fd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f00000b1000/0x2000)=nil)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xcc, 0x2c, 0xdf, 0x40, 0x763, 0x2030, 0x7979, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5f, 0x65, 0x60, 0x70, [{{0x9, 0x4, 0x1, 0x8, 0x0, 0xff, 0xa2, 0x7d, 0x9}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
sched_setscheduler(0x0, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdcf, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xfffffbfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x8, 0xfffffde8, 0x0}}, 0x1f)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011801000000405804155000000000000109022d00010000000909040004010300000009210400040122070009058103"], 0x0)

8.123131434s ago: executing program 2 (id=396):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b43706192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x10001, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x2}}}, 0x104)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x108)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r3, 0x4b3a, 0x4000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="440100001a00ffff2abd700000000000ff02000000000000000000000000000100000000000000000000000000000001000000004e240000000020a000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="fc010000000000000000000000000001000004d46c000000fc010000000000000000000000000000000000000100000000000000000000000000000000000000fdffffffffffffffff07000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a6000000000000", @ANYBLOB], 0x144}, 0x1, 0x0, 0x0, 0x41}, 0x0)
clock_gettime(0x0, &(0x7f00000071c0)={<r8=>0x0, <r9=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000006f40)=[{{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000580)=[{&(0x7f00000001c0)=""/59, 0x3b}, {&(0x7f0000000340)=""/31, 0x1f}, {&(0x7f0000000640)=""/243, 0xf3}, {&(0x7f0000000540)=""/60, 0x3c}, {&(0x7f0000000740)=""/157, 0x9d}, {&(0x7f0000000800)=""/163, 0xa3}, {&(0x7f00000008c0)=""/254, 0xfe}], 0x7}, 0x3}, {{&(0x7f00000009c0), 0x80, &(0x7f0000000d00)=[{&(0x7f0000000a40)=""/3, 0x3}, {&(0x7f0000000a80)=""/215, 0xd7}, {&(0x7f0000000b80)=""/75, 0x4b}, {&(0x7f0000000c00)=""/59, 0x3b}, {&(0x7f0000000c40)=""/82, 0x52}, {&(0x7f0000000cc0)=""/34, 0x22}], 0x6}, 0x800}, {{&(0x7f0000000d80)=@hci, 0x80, &(0x7f0000001280)=[{&(0x7f0000000e00)=""/160, 0xa0}, {&(0x7f0000000ec0)=""/104, 0x68}, {&(0x7f0000000f40)=""/84, 0x54}, {&(0x7f0000000fc0)=""/67, 0x43}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {&(0x7f0000001040)=""/52, 0x34}, {&(0x7f0000001080)=""/227, 0xe3}, {&(0x7f0000001180)=""/167, 0xa7}, {&(0x7f0000001240)=""/61, 0x3d}], 0x9, &(0x7f0000001340)=""/250, 0xfa}, 0x6}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001440)=""/202, 0xca}, {&(0x7f0000001540)=""/4, 0x4}, {&(0x7f0000001580)=""/102, 0x66}, {&(0x7f0000001600)=""/94, 0x5e}, {&(0x7f0000001680)=""/30, 0x1e}, {&(0x7f00000016c0)=""/246, 0xf6}], 0x6, &(0x7f0000001840)}, 0xb}, {{&(0x7f0000001880)=@qipcrtr, 0x80, &(0x7f0000001a40)=[{&(0x7f0000001900)=""/219, 0xdb}, {&(0x7f0000001a00)=""/31, 0x1f}, {&(0x7f0000002ac0)=""/236, 0xec}], 0x3, &(0x7f0000002bc0)=""/126, 0x7e}, 0x3c3e}, {{0x0, 0x0, &(0x7f0000002c80)=[{&(0x7f0000002c40)=""/24, 0x18}], 0x1, &(0x7f0000002cc0)=""/4096, 0x1000}, 0x2}, {{&(0x7f0000003cc0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000005240)=[{&(0x7f0000003d40)=""/209, 0xd1}, {&(0x7f0000003e40)=""/210, 0xd2}, {&(0x7f0000003f40)=""/1, 0x1}, {&(0x7f0000003f80)=""/196, 0xc4}, {&(0x7f0000004080)=""/174, 0xae}, {&(0x7f0000004140)=""/34, 0x22}, {&(0x7f0000004180)=""/4096, 0x1000}, {&(0x7f0000005180)=""/185, 0xb9}], 0x8, &(0x7f00000052c0)=""/133, 0x85}, 0x5}, {{&(0x7f0000005380)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000005740)=[{&(0x7f0000005400)=""/210, 0xd2}, {&(0x7f0000005500)=""/60, 0x3c}, {&(0x7f0000005540)=""/245, 0xf5}, {&(0x7f0000005640)=""/151, 0x97}, {&(0x7f0000005700)=""/7, 0x7}], 0x5, &(0x7f00000057c0)=""/44, 0x2c}, 0x8}, {{&(0x7f0000005800)=@un=@abs, 0x80, &(0x7f0000006cc0)=[{&(0x7f0000005880)=""/230, 0xe6}, {&(0x7f0000005980)=""/210, 0xd2}, {&(0x7f0000005a80)=""/250, 0xfa}, {&(0x7f0000005b80)=""/4096, 0x1000}, {&(0x7f0000006b80)=""/192, 0xc0}, {&(0x7f0000006c40)=""/123, 0x7b}], 0x6}, 0xc23}, {{&(0x7f0000006d40)=@nfc, 0x80, &(0x7f0000006e40)=[{&(0x7f0000006dc0)=""/108, 0x6c}], 0x1, &(0x7f0000006e80)=""/192, 0xc0}, 0x8}], 0xa, 0x40000000, &(0x7f0000007200)={r8, r9+60000000})
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYRES64=r0], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r11}, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
removexattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000600)=@known='user.incfs.size\x00')
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000080)={0x1, 0x1})

7.171479119s ago: executing program 2 (id=399):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001100)={{r0}, &(0x7f0000001080), &(0x7f00000001c0)=r1}, 0x20)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

7.170581399s ago: executing program 2 (id=400):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f00000002c0)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000980)={'syz', 0x2, 0x11}, &(0x7f00000008c0)='R\br{st\xe3c*sgrVex:D0*E\xd7\xf4\xa3J\xf3\a\xa1\x87\x94\xae\xe6}c\xe5\x85\xec\xe0C\r\xc4s4\x0e\xe6\xb1S\x80\x1b\x86\xb9\xcc\xfc\x00\xb9\xec\x9c&\xb1s\xcb\x01\xfc\x7f\x92->]\x02\x03\xfd%\xb8v\x9d%|L\x8ez\xf1v\r\xd9\xf9\xc8\xad\xceX+c\xce=\xc9\xe9\a\xa1w\xa5Y\xe8s\x00'/114, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r4}, &(0x7f0000000800), &(0x7f0000000840)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r3}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r6}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB], 0x88}, 0x1, 0x7}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f00000000c0)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r9 = openat(r8, &(0x7f0000000540)='mnt\x00', 0x101900, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r9, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
mount$incfs(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='mnt\x00', &(0x7f0000000840), 0x1826c00, &(0x7f0000000d80)={[{@readahead={'readahead', 0x3d, 0x689}}], [{@subj_role={'subj_role', 0x3d, 'ext4\x00'}}, {@obj_user={'obj_user', 0x3d, ')'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@smackfsdef={'smackfsdef', 0x3d, '@.+#:{\xc6!(,\xf0]+}'}}, {@smackfsroot={'smackfsroot', 0x3d, 'ext4\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x2}}, {@obj_role}, {@fowner_lt}, {@hash}]})

6.926854033s ago: executing program 2 (id=401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r5, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0xf, 0x2, 0x6}}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40005}, 0x44)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r6 = dup(r3)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

6.845964174s ago: executing program 3 (id=404):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wg0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
sendto$packet(r0, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)

6.767503255s ago: executing program 2 (id=405):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x63)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000012, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")

6.767151905s ago: executing program 32 (id=405):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x63)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000012, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")

6.707322486s ago: executing program 3 (id=407):
syz_usb_connect(0x5, 0xa4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/dev\x00')
pread64(r2, &(0x7f0000019040)=""/102400, 0x19000, 0x400000000003)

6.358892661s ago: executing program 0 (id=410):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001100)={{r0}, &(0x7f0000001080), &(0x7f00000001c0)=r1}, 0x20)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

6.344428982s ago: executing program 1 (id=411):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="050000000000000000000000000000009500000000000000a5d559189f80098431418353522033efdfdfd8c89d50cdf4b080373113e2f20a9fb27cab4ae04986717ed0373a5c6d92ebacf983e5bb2d705aa5bf0722e24ee0e3b7891d289e7d603b01de04bb58c1b8c89c88c6b23d63d46bde11c5670810a720cd6dc32fc23d3a3aacc192e59727f8714980be53206ee06151fd7b18ee"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x4e22, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1c00000000000000000000000700000001890b04"], 0x20}, 0x20001100)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000000)=ANY=[])
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
open$dir(0x0, 0x218082, 0x8)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
r5 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='xprtrdma_reply\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@nodelalloc}, {@nobarrier}, {@errors_remount}]}, 0x1, 0x57c, &(0x7f00000129c0)="$eJzs3c9rG8ceAPDvynZ+Oe/Fgbzw3jsUQw5NSSPHdn+k0EN6LG1ooL2nwlZMsBwFSw6xG2hyaC69lFAopYHSP6D3HkP/gf4VgTYQSjDtoReVlVeOYkmWfyiRGn0+sPbM7sgzo90Zz2i0bABDazL9kYv4X0R8lUQcazo2GtnByY10609uzaVbErXax78nkWT7GumT7Pd4FvlvRPz8RcSZXGu+ldW1xUKpVFzO4lPVpetTldW1s1eXCgvFheK1mdnZ82/Ozrzz9ls9q+trl/789qMH75//8tT6Nz8+On4viQtxNDvWXI99uN0cmYzJ7D0ZiwtbEk73ILNBkvS7AOzJSNbOxyLtA47FSNbqgZff5xFRA4ZUov3DkGqMAxpz+x7Ng/8xHr+3MQFqrX+y8dlIHKrPjY6sJ8/MjNL57kQP8k/z+Om3+/fSLXr3OQRAV7fvRMS50dHO/d/endtBmq156P/gxXmQjn9ebzf+yW2Of6LN+Ge8Tdvdi+7tP/eoB9l0lI7/3m07/t1ctJoYyWL/qo/5xpIrV0vFtG/7d0ScjrGDaXy79Zzz6w9rnY41j//SLc2/MRbMyvFo9OCzr5kvVAv7qXOzx3ci/t9l/Ju0Of/p+3Fph3mcLN5/pdOx7vV/vmo/RLza9vw/XdFKtl+fnKpfD1ONq6LVH3dP/tIp/13X/z/7qm6L9Pwf2b7+E0nzem1l93l8f+ivYqdjk0m2aLrL6/9A8kk9fCDbd7NQrS5PRxxIPmzdP/P0tY14I31a/9Ontu//2l3/hyPi0x3W/+6Jux2T7vn678XkMzv/87s6/7sPPPzgs+/2Xv/0/L9RD53O9uyk/9tpAffz3gEAAAAAAMCgyUXE0Uhy+c1wLpfPb3y/40QcyZXKleqZK+WVa/NRv1d2IsZyjZXu8abvQ0xnS5KN+MyW+GxEHI+Ir0cO1+P5uXJpvt+VBwAAAAAAAAAAAAAAAAAAgAEx3rj//+Dm/f+bj7H+daTfpQOeuy2P/B7rVzmAF6/rI/978aQnYCB1bf/AS2s06XcJgH7x/x+Gl/YPw0v7h+Gl/cPw0v5heGn/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FOXLl5Mt9r6k1tzaXz+xurKYvnG2fliZTG/tDKXnysvX88vlMsLpWJ+rrzU7e+VyuXr0zOxcnOqWqxUpyqra5eXyivXqpevLhUWipeLni0OAAAAAAAAAAAAAAAAAAAArSqra4uFUqm4LDCggUODUYyOgdHBKMYgBWojG42rNDoY5WkNjEVElzT97pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Km/AwAA//9MAjET")
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

6.278680733s ago: executing program 0 (id=412):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
write(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000140)="54000000010006", 0x7)

6.251331213s ago: executing program 0 (id=413):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{0x0}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file2\x00', 0x210000, &(0x7f0000000600)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000280)={0xa0, 0x0, 0x0, {{0x20, 0x1, 0x5, 0x6, 0x1000, 0x6, {0x1, 0x0, 0x65cd, 0x0, 0xffffffffffff15ef, 0x9, 0x1, 0x7fff, 0x7, 0x4000, 0xe, 0x0, 0x0, 0x4, 0x10000}}, {0x0, 0x1}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB=',wfdno', @ANYRESHEX])
stat(0x0, &(0x7f0000000a00))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="b8000000140001000000000000000000000000000000000000000000000000000000000000000000020a00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/111], 0xb8}}, 0x0)

6.163273984s ago: executing program 4 (id=414):
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa3000000000000070300ffb0feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55}, 0x48)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7fffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
getitimer(0x1, &(0x7f0000000280))
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000500"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

3.746695172s ago: executing program 4 (id=415):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r5, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0xf, 0x2, 0x6}}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40005}, 0x44)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r6 = dup(r3)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

3.706201973s ago: executing program 4 (id=416):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wg0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
sendto$packet(r0, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)

3.670350533s ago: executing program 1 (id=417):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = eventfd2(0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r0, 0x4018aebd, &(0x7f00000000c0)={0x1005, r1})
ioctl$KVM_HYPERV_EVENTFD(r0, 0x4018aebd, &(0x7f0000000040)={0x2, r1, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0xa000, 0x1da)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6000000000383a00fe880000000000000000000000000001ff02f27b4a087bb99d370000003f000001020090046981076e00073300ff02000000000000007f000000000001ff0100000000001600000000000000012c000768650000"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61122800000000006113500000000000bf200000000000001500000008ffffffbd0301000000000095000000000000006916320000001400bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c61449347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e00"/773], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
close_range(r2, 0xffffffffffffffff, 0x0)

3.646943164s ago: executing program 3 (id=418):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f0000000340)={0x100})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0))
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000001c0)={r3, 0x0}, 0x20)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
unshare(0x22020600)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='asymmetric\x00', 0x0)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)=ANY=[@ANYBLOB="12010000e2793b10d105012000090102030109000009040000004d2f9c00000000000000"], 0x0)
syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000180)={0x20, 0x0, 0x2, "d64b"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r5, 0x0, &(0x7f0000000940)={0x2c, &(0x7f0000000700)={0x0, 0x18, 0x2, '\be'}, 0x0, 0x0, 0x0, 0x0})

3.332760469s ago: executing program 4 (id=419):
syz_clone(0x88020400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000400)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4, @global=@item_012={0x0, 0x1, 0x9}, @global=@item_012={0x2, 0x1, 0x7, '\x00\x00'}, @global=@item_4={0x3, 0x1, 0x7, "3ccc4c7b"}]}}, 0x0}, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340)={0x4, 0x0, [{0xd000, 0xec, &(0x7f00000000c0)=""/236}, {0x1, 0x5f, &(0x7f00000001c0)=""/95}, {0xdddd0000, 0x69, &(0x7f0000000240)=""/105}, {0x3000, 0x1f, &(0x7f0000000300)=""/31}]})

2.915052655s ago: executing program 1 (id=420):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mount(0x0, 0x0, 0x0, 0x1000, 0x0)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x20200c4, 0x0, 0x0, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x2, 0x0, 0x0)
rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00')
syz_emit_ethernet(0x46, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x21, 0x0, [{}, {}, {0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xf}]}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x3}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
socket$packet(0x11, 0x3, 0x300)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x2, 0x3, 0x2f8, 0x0, 0x0, 0x160, 0x160, 0x62020048, 0x260, 0x260, 0x260, 0x260, 0x260, 0x3, 0x0, {[{{@ip={@loopback=0x7f008e04, @local, 0x0, 0x0, 'vlan0\x00', 'geneve1\x00'}, 0xb003, 0x130, 0x160, 0x8, {0xf400000000000000}, [@common=@unspec=@string={{0xc0}, {0x2000, 0x0, 'bm\x00', "4bc74c01d6369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa2acab6b1d2cc05060feb70b5bc8c2d4ba3a94a2d2393e3182f64695d7d05fb478c8f56627a5cf905d564eeeb83ff0150ca0f3c44f7fda4d20a05050342ea9685ecc8838e049f1f2e2d081ddda375bb7008adc297a5ece1bb2df53d17bef26bb6f8", 0x5a}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@common=@ttl={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98, 0x0, {0xed030000}}, {0x28, '\x00', 0x4}}}}, 0x3a4)

2.801725897s ago: executing program 5 (id=423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.770786897s ago: executing program 0 (id=424):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340)={[0x0, &(0x7f0000000200)='\xee-\x00', &(0x7f0000000480)='/dev/kvm\x00p\xf1\x8ftv1\x00\x99\x0eF\xec\x9c`\xaf\xf5\xa4\xd8to\x94\xc9\x1e\xaa\xbaw\x81v\rX\x0e\xfa% V\xbc\x1e\x1b\xb9\x01\xc3\x92f[;\xf2\xa2S7\xcc\xafH,\xa5\"g\xaa\xb4\x918\x9fL\xe0\xf9\xa8\xa1x\xc2\x9c4\xc9\xe8;\xa6\xad\xa1K\x06\x0e\xf1\x1d\xde', &(0x7f00000002c0)='/dev/kvw\x15', 0x0]}, &(0x7f0000000400)={[&(0x7f0000000380)='mm_page_alloc\x00', &(0x7f00000003c0)='mm_page_alloc\x00']})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000600)={[{}, {@nojournal_checksum}, {@nomblk_io_submit}, {@minixdf}, {@bsdgroups}, {@noquota}, {@resuid}, {@acl}, {@nogrpid}, {@noinit_itable}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}]}, 0x1, 0x44d, &(0x7f0000000d40)="$eJzs28tvG0UYAPBv7TilD6ipyqMPIFAQFY+kSUvpgQsIJA4gIcGhHEOSVqVug5og0aqCgFA5okrcEUck/gJOcEHACYkr3FGlCuXSAhejtXcT27XTOnWyBf9+0rYzu+PM92V37NmdOIChNZb+k0TsiIjfImJns9reYKz53/XlizN/LV+cSaJef/PPpNHu2vLFmbxp/rrteWUkovRpEvu69Ltw/sLp6Vpt7lxWn1g8897EwvkLz546M31y7uTc2aljx44cnnz+6NRzA8kzzeva3g/n9+959e3Lr88cv/zOT98kef4deQzI2FoHn6jXB9xdse5uKScjBQZCX8rNYRqVxvjfGeVYPXk745VPCg0O2FD1er1+f+/DS3XgfyyJoiMAipF/0Kf3v/m2SVOPO8LVF5s3QGne17OtcaASUcraVDrubwdpLCKOL/39ZbrFxjyHAABo8106/3kmm/+1LfyUovW50D3ZGko1Iu6NiF0RcTQidkfEfRGNtg9ExIN99t+5SHLj/Kd0pc8f2Zd0/vdCtrbVNv9bmf1FtRzxTz5drkYlOXGqNnco+50cjMqWtD65Rh/fv/zr572Otc7/0i3tP58LZnFcGdnS/prZ6cXp28m51dWPI/aOdMs/WVkJSC+LPRGxd519nHrq6/29jt08/3ajrZUBrDPVv4p4snn+l6Ij/1yy9vrkxF1Rmzs0kV8VN/r5l0tv9Oq/3/wHLT3/27pe/yuqSet67UL/fVz6/bOe9zTrvf5Hk7fa9n0wvbh4bjJiNHmtGXTr/qmOdlOr7dP8Dx7oPv53Za9J898XEelF/FBEPBwRj2SxPxoRj0XEgTXy//Glx99t35P0kf/GSvOf7Xr+V2LsOP+rhdHo3NO9UD79w7dtnVajj/zT83+kUTqY7bmV979biWt9VzMAAAD895QiYkckpfGVcqk0Pt78G/7dsa1Um19YfPrE/PtnZ5vfEahGpZQ/6Wo+D24+D53Mbuvz+lRH/XD23PiL8tZGfXxmvjZbdPIw5Lb3GP+pP8pFRwdsON/XguFl/MPwMv5heBn/MLy6jP+tRcQBbL5un/8fFRAHsPk6xr9lPxgi7v9heBn/MLxuY/wng4wD2FQLW+PmX5JX2LDC0p0RxjoKUSo0jGJ7H4JC0e9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg/FvAAAA///LF+nh")
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[], 0x0}, 0x94)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x18)
connect$pppl2tp(0xffffffffffffffff, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffe, 0x0, {0xa, 0x4e20, 0x0, @local, 0x400000}}}, 0x32)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000002380)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

2.757351387s ago: executing program 5 (id=425):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
syz_clone3(&(0x7f0000000600)={0x1000000, &(0x7f0000000280), &(0x7f0000000340), &(0x7f0000000380)=<r2=>0x0, {0x30}, &(0x7f00000008c0)=""/203, 0xcb, &(0x7f00000003c0), &(0x7f0000000400)=[0x0], 0x1}, 0x58)
sched_setaffinity(r2, 0x8, &(0x7f0000000500)=0x6)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="df189c07db8077dd", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000080)={[{@barrier_val={'barrier', 0x3d, 0x7}}]}, 0xc1, 0x7b7, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjadW0xGgtXI43RjIwlBLYpgWwCScgikGy8zsPZZZvHNvkvsgg2TiKLKGQRJtzRHWlkzciSo5kR6PeDq3vOfeicb859nJlzmQngxBpP/+QizkbEq0nEaLY8iYiBeqo/4vLWdpvra4V0SqJW+/fXSX2bjfW1QjTtkzqdZX4dEZ+8FHEuly44tavcysrq/EypVFzK8pPVhVuTlZXV8zcXZuaKc8XFi1PT0xcu/enSxaOL9dvPV888fu0fv3//8vf//9XDVz5N4nKcydY1x3FUxmM8e00G0pdwl78fdWE9lvS6AryQ9NTs2zrL42yMRl891cZwN2sGAHTK3YioAQAnTOL+DwAnTONzgI31tUJj6u0nEt315G9bQ5Mb2djm5nb8/dmY3an6OOjIRrJrZCSJiLEjKH88It7+8L/vplN0aBwSoJV79yPi+tj43ut/sueZhcP6w34ra0P12fgzi13/oHs+Svs/f27V/8tt93+iRf9nqMW5+yKef/7nHh1BMW2l/b+/Nj3bttkUf2asL8v9rN7nG0hu3CwV02vbzyNiIgaG0vxUfdPWT0FNPP3habvym/t/37z+v3fS8tP5zha5R/1Du/eZnanO/NS4G57cj/hNf6v4k+32T9r0f68esIx//uXlt9qtS+NP421Me+PvrNqDiN+1bP+dtkz2fT5xsn44TDYOihY++OLNkXbl77T/UH2elt94L9ANafuP7B//WNL8vGbl8GV89mD043brmo//1vG3Pv4Hk//U04PZsjsz1erSVMRg8q+9yy/s7NvIN7ZP45/4bevzv93xn8uejb2+ndtf/+Ov3sv+Vcv46+61i7+z0vhnD9X++yRq2T7PrHq4Od/XrvyDtf90PTWRLTnI9e85NW0knt94AAAAAAAAAAAAAAAAAAAAAAAAAHAEchFxJpJcfjudy+XzW7/h/csYyZXKleq5G+Xlxdmo/1b2WAzkGl91Odr0fahT2ffhN/IXnsn/MSJ+ERFvDA3X8/lCuTTb6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHN69+//301n+fzWui+Hel07AKBjTvW6AgBA17n/A8DJc7j7/3DH6gEAdM+h3//Xks5UBADomgPf/693th4AQPcY/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDDrl65kk6179bXCml+9vbK8nz59vnZYmU+v7BcyBfKS7fyc+XyXKmYL5QX2v6je1uzUrl8azoWl+9MVouV6mRlZfXaQnl5sXrt5sLMXPFacaBrkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwVVWVudnSqXiksS+ieHjUY1jk+iPY1GNI0vU+rbOh+NRn/5oLBnsWTWarxLDPbo6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABx/PwYAAP//eUchiw==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x20)
write$UHID_DESTROY(r4, &(0x7f0000000280), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000f80)={0x2020}, 0x2020)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f00000003c0)="26000027c24321e1399f2fecae3e8800220047010d0000070000000000000020002b1f000a4a11f1ee839cd53400b017ca5b", 0xfffffffffffffcbd)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}]}, 0x34}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), r8)
sendmsg$WG_CMD_SET_DEVICE(r8, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r9, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r9], 0x22c}}, 0x20000004)
setsockopt$sock_int(r7, 0x1, 0x22, &(0x7f0000000200)=0x1, 0x4)
recvmmsg$unix(r7, &(0x7f00000001c0), 0x4000000000000bd, 0x2, 0x0)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00'})
io_setup(0x7f, &(0x7f0000000100)=<r10=>0x0)
io_submit(r10, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x24040004}, 0x40044)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.971272369s ago: executing program 1 (id=426):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = syz_open_procfs(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0)
mkdir(0x0, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000003c0)=@o_path={&(0x7f0000000180)='./file0\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3000}, [@alu={0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2f22}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000000}, 0x78)

1.592465905s ago: executing program 5 (id=427):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
symlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd59}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="5500000018007f5f00fe01b2a4a2809302060000ff41fd010404000039000b0002002800000019002d4400009b84136ef75afb83de066a5900e1baac341b61130000f2ff000001000000000000000000000000fdff", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

1.591529665s ago: executing program 0 (id=428):
syz_usb_connect(0x5, 0xa4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/dev\x00')
pread64(r2, &(0x7f0000019040)=""/102400, 0x19000, 0x400000000003)

1.183253691s ago: executing program 5 (id=429):
getpgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x6e, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000300000085000000060004009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0xf, 0x0, 0x0, 0x7995}, 0x10007, 0x0, 0x0, 0x48000000, 0x0, 0x40000000, 0x0})
ioctl$HIDIOCGCOLLECTIONINFO(r5, 0xc0104811, &(0x7f0000000080)={0x1, 0x4, 0x8, 0xfff})
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000180)={0x3}, 0x4)
socket$pppl2tp(0x18, 0x1, 0x1)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x0, 0x7fff0000}]})
clock_gettime(0x0, &(0x7f00000001c0))
ioctl$F2FS_IOC_COMPRESS_FILE(r6, 0xf518, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000001c0)=@security={'security\x00', 0xe, 0x4, 0x4b0, 0xffffffff, 0x310, 0x0, 0x310, 0xffffffff, 0xffffffff, 0x3e0, 0x3e0, 0x3e0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private1, @local, [0xff, 0x0, 0x0, 0xff000000], [0xff000000, 0x0, 0x0, 0xffffffff], '\x00', 'veth1_to_batadv\x00', {}, {0xff}, 0x2b, 0x0, 0x4, 0x59}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@unspec=@AUDIT={0x28}}, {{@uncond, 0x0, 0x1e0, 0x218, 0x0, {}, [@common=@rt={{0x138}, {0x7, [0x5, 0x3], 0x1, 0x4, 0x4, [@empty, @local, @ipv4={'\x00', '\xff\xff', @empty}, @private2, @rand_addr=' \x01\x00', @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}], 0xc}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x4}, {0x4, 0x0, 0x1}, {0x1, 0x4, 0x7}, 0x5, 0x6}}}, {{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @local, [0xff, 0xff000000, 0xff], [0xffffff00, 0xffffffff, 0x0, 0xff], 'veth1_to_team\x00', 'veth0_to_bond\x00', {0xff}, {0xff}, 0x8, 0x10, 0x1, 0x8}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x14, 0x4, 0xf05f}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x510)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004fcd2467f73a0909ada99ef59a24e4b51c57c9c511101fe18f14771b92f0809d6a48d7f1fff92e7a56d629c64429b17b971a283a32cd1ebcd0c65a73f5a0cef0ad5ad6487bba49c31b262167bffa124a8d422bc445d00c30ce44da"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb1, 0x0, 0x0, 0x0, 0x92, 0x0, 0xffffffffffffff63, 0x0, 0x0, 0x0, 0x0, 0x8d, 0x0, 0x0, 0x0}}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")

980.837614ms ago: executing program 1 (id=430):
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x800714, &(0x7f0000000240), 0xff, 0x494, &(0x7f0000000840)="$eJzs3M1vFOUfAPDvTFugvLU/foiCoFU0El9aWlA5eFCjiQdNTPSAx9oWRBZqaE2ENFqNwaMh8W48mvgXePNi1IMx8aqJR0NCtDGheKqZnRm6bHf7RtuF7ueTLPs8M8/0eb4z8+w+Mw+zAbStvuyfJGJnRPwWET159tYCffnb7MzUyI2ZqZEk5ube+Cuplrs+MzVSFi2321FkjqQR6adJPJ8srHfi4qWzw5XK2IUiPzB57r2BiYuXnjpzbvj02Omx80MnThw/NvjsM0NPr0mcWVzXD3w4fnD/K29deW3k5JW3f/wma9a+Q/n62jiWdKNBQA30ZXvt77mq+nWPrqDtd4NdNemks4UNYUU6IiI7XF3V/t8THTF/8Hri5U9a2jhgXWXfTVubr56eAzaxJFrdAqA1yi/67Pq3fG3Q0OOOcO2FiC1FenZmamT2ZvydkRbLu9ax/r6IODn975fZK1Z6HwIAYBWqY5snG43/0thXfc/nOnYXcyi9EfG/iNgTEf+PiL0RcU9Etey9EXFfvvFczzLr76vLLxz/pFcbtnmNZOO/52rGfrM18RdvvR1Fblc1/q7k1JnK2NFinxyJrq1ZfnCROr576dfPm62rHf9lr6z+cixYNOBqZ90NutHhyeG12gnXPo440Nko/uTmTEB2BuyPiAMr+9O7oztPnHn864PNCi0d/yLWYJ5p7quIx/LjPx118ZeSxecnB7ZFZezoQHlWLPTTL5dfb1b/bcW/BrLjv/3W87+uRM8/ST5f2xWVytiFiZXXcfn3z5pe06z2/N+SvFmds/75nXzZB8OTkxcGI7Ykr1bz5TVddfnQ/LZlviyfxX/kcOP+v6fYJov//ojITuJDEfFARDxYtP2hiHg4Ig4vEv8PLz7y7iLxJ5FES4//aMPPv5vnf29SO1+/ikTH2e+/bTZjvrzjfzymq5+1uern3xKW28Db3H0AAABwV0gjYmckaX+e7tsZadrfn/8f/r2xPa2MT0w+cWr8/fOj+TMCvdGVlne6emruhw4m08VfzPNDxb3icv2x4r7xFx3d1Xz/yHhltMWxQ7vbcWv/j7L/Z/7saHXrgHXneS1oX/X9P21RO4CNt5zvf9cCsDk16P/drWgHsPFc/0P7atT/P6rLG//D5rSw///R4CfrgM3I+B/al/4P7Uv/h7Z0O8/1L5FIm1dRPiyw+iq2LfsJ/3VOdEXEHdCMylj5ixfrWVd3zC+JtOUht1Ei6zEbW+n8b6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADczf4LAAD//3344cc=")
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1)
openat(r0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
write(r1, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x180, 0x0)
connect$unix(r2, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)
r4 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r9, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
dup(r8)

890.222746ms ago: executing program 4 (id=431):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="04000000000000000400000005"], 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r0}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, 0x0, 0x0}, 0x94)
socket$inet(0x2, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)}], 0x100000000000026b)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0xfffffffffffffe3a)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x1008801, &(0x7f0000005ac0)=ANY=[], 0x2, 0x1e6, &(0x7f0000000700)="$eJzsmbGr00Acx793yWufD1FcHFwcfOATfWmSqrzlDRUcBaEVdSw2lmraShuhLQgWFxdHB8HVf8DBoZODm5urDioIDnZ0jtzlmpxNU1rjUPT3gV6+d7n73e9+Sb9LQBDEf8vXLz8/P7tyULsA4Ch2UVTj341kDtfmf3rx8Pzzw6svX3989a5z7NFkPh4DEIar7y/2e1sxgMfHZT8Mf1+9q6418FjfAMc5pW+CwZrlGiarPTDcVsP3NN09ooTvsTtdv3G35Xu2aBzRuKIpA0kKJoDpmKEBYFttwbT8+sPR/boP9CLhezOxFc72Sd1aVyyrn8yvwnGolUA8r1tPn4xF31LjtlY/BxyO0mUwVJU+QBGWZSUl0c5/ykziG6nz5zwk8tdooTix/5cD/ruC5XyCADbgFKsJNj8i/tDxyMnp5H161bdNSf4PhDQuAKlbH3Z8/1qOyAVlApmvROQfzATOav5kwoz9oxS0H5T6w9F+q11vek2v47rly/ZF277klqQRRe0S/9uW/rSjxd/KmFtgBQzqQdBzBkDQc+K+G7Wa41bfdH/INVz6H8femSiGeFXksYuL92Dqx+VVqD0jM3mCIAiCIAiCIAiCIAiCIIi1OA0WfQiLPlSFGbjX5exfAQAA//8vzmsS")
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x222240, 0x0)

572.530311ms ago: executing program 0 (id=432):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473", 0xa}, {&(0x7f0000000440)="9c74dfbf7757", 0x6}], 0x2)

92.014498ms ago: executing program 5 (id=433):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = dup(r0)
sendmsg$netlink(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

91.439078ms ago: executing program 3 (id=434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
write(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000140)="54000000010006", 0x7)

41.752889ms ago: executing program 5 (id=435):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x3004000, &(0x7f0000000300)={[{@errors_remount}, {@resuid}, {@block_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}, {@nobarrier}, {@nouser_xattr}, {@dioread_nolock}]}, 0x1, 0x790, &(0x7f0000001740)="$eJzs3c9rHFUcAPDvTHaT/k4qClZRAx5aEPPLgj9QaMGjiKCevDQkaSnd/qCJYEOEFrEnjwXBiwiCF2+KF0FKT4p46UX6H0ilSBBaxUNkprPJttlNds1upnU/H5jkvXm7+95k+c6bHy/zAuhbo9mPNOJARFxMIoaL9UlEVPNUJeLI3dfdWV6a+Wt5aSaJlZW3/0jy19xeXpqJhvdkdhdv2xER168l8cjA+nrnLyyemq7V5s4X+fGF0+fG5y8sPn/y9PSJuRNzZ6ampl6eOjz54sRU17b1o6d+/uafy29+/Om+G1d+v/7dviSOxJ6irHE7umU0Rlf/Jo0qEfF6tysryUCxPWnDuqRSYoPoSNrwHT4ewzEQa1/ecFz7ttTGAQA9sZItAECfSfT/ANBn6tcBbi8vzdSXcq9IANvl1tHIb9RncX+nWO6WVOJI/ntHPg5g159JNN7WTepjB7Yo+4yv36t+ni3Ro/vwQHMXL+U3/pv0/0ke/yP5KJ718T8QUewftub+fYj4h+2zlfh/qwv1i38AAAAAAADonqtHI+KlZvf/0tXxP9Hk/t9QREx0of7N7/+lN7tQDdDEraMRrxbP9rl3/N/qE11GBorc3oh4LKrJ8ZO1uSz290XEoagOZfnJ5h+f7zLevTz5Q6v6G8f/ZUtWf30sYNGOm5Whe98zO70wvdXtBiJuXYp4otIs/pPV/j9pMf73WJt1fL/01dOtyjaPf6BXVr6IONi0/197cl2y8fP5xvPjgfH6UcF6i8de+7BV/W3F/9q/KQFdlPX/uzaO/5Gk8Xmd853X8cntic9alf3X4//B5J38qaKDxboPphcWzk9GDCZvrF/fvUeIwkOtHg/1eMni/9Czzc//Nzr+r0bEuTbr/PLH6q+tykbzSHX8D2XI4n+2o/6/88TfvzzZclfRXv9/OO/TDxVrXP+DjbUboGW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuimNiD2RpGOr6TQdG4vYHRGPxq60dnZ+4bnjZ98/M5uVRYxENT1+sjY3ERHDd/NJlp/M02v5qfvyL0TE/oi4MrQzz4/NnK3Nlr3xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDY3WL+/8xvQ2W3DgDomR1lNwAA2Hb6fwDoP/p/AOg/Hff/P+3tTUMAgG3j/B8A+o/+HwAAAAAAAAAAAAAAAAAAAAAAAAB6av8zV28kEXHxlZ35khksyqqltgzotbTsBgClGSi7AUBpKu28KElWzwmA/w/n+ECySXnrKUJcQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH8cPNDu/P9tzRQKPETM3gf9y/z/0L8c1UP/Mv8/YP5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY3PyFxVPTtdrceYluJyoPRjMehMRQRDwAzZDoIFH2ngkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfBvwEAAP//snoPXw==")
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, 0x0, 0x0)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f00000002c0)='kmem_cache_free\x00', &(0x7f00000003c0)='./file1\x00', r0)
rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00')
ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f00000001c0))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket(0x1e, 0x805, 0x0)
connect$tipc(r5, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r8=>0x0})
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f0000000180)=0x2, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x0, r8}, 0x10)
writev(r6, &(0x7f0000000300)=[{&(0x7f00000003c0)="6f6298661e", 0x5}], 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000002c0), 0xfc, 0x572, &(0x7f0000000300)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r9 = open(&(0x7f0000000980)='./file1\x00', 0x0, 0x2)
ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f00000001c0)=0x20000008)

32.92929ms ago: executing program 3 (id=436):
open_tree(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x1c00)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{}, 0x0, 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
prlimit64(0x0, 0x425ea057ada49652, &(0x7f0000000140)={0x4231, 0x24b0}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x15)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000540)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1159b}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x200}, @IFLA_GRE_FLAGS={0x8, 0xd, 0x20100}]}}}]}, 0x4c}}, 0x3f000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

0s ago: executing program 4 (id=437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0xae, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382900000000000000000000f9000000000000ff020000000000000000000000000001"], 0x0)

kernel console output (not intermixed with test programs):

d,dioread_lock,noblock_validity,nouid32,,errors=continue
[   57.496151][   T24] kauditd_printk_skb: 4722 callbacks suppressed
[   57.496160][   T24] audit: type=1400 audit(1751109287.479:7077): avc:  denied  { append } for  pid=861 comm="syz.3.160" path="/50/file1/memory.swap.events" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   57.526848][   T24] audit: type=1400 audit(1751109287.479:7078): avc:  denied  { map } for  pid=861 comm="syz.3.160" path="/50/file1/memory.swap.events" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   57.551669][  T866] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   57.570274][  T866] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.585323][   T24] audit: type=1400 audit(1751109287.569:7079): avc:  denied  { remove_name } for  pid=853 comm="syz.1.157" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.623305][   T24] audit: type=1400 audit(1751109287.569:7080): avc:  denied  { rename } for  pid=853 comm="syz.1.157" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   57.670348][  T378] usb 5-1: USB disconnect, device number 5
[   57.891732][  T884] F2FS-fs (loop3): invalid crc value
[   57.897285][  T886] EXT4-fs (loop1): Ignoring removed orlov option
[   57.904024][  T886] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   57.916577][  T884] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   57.943645][  T884] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[   57.950798][  T884] F2FS-fs (loop3): Start checkpoint disabled!
[   57.955543][  T886] EXT4-fs (loop1): 1 orphan inode deleted
[   57.959344][  T884] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   57.975228][   T15] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   57.983774][  T886] EXT4-fs (loop1): 1 truncate cleaned up
[   57.989503][  T886] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x0000000000000957,nombcache,debug_want_extra_isize=0x000000000000002a,stripe=0x0000000000000008,orlov,errors=remount-ro,
[   58.532644][   T24] audit: type=1400 audit(1751109288.359:7081): avc:  denied  { create } for  pid=881 comm="syz.3.164" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   58.597536][  T886] EXT4-fs error (device loop1): ext4_generic_delete_entry:2683: inode #12: block 7: comm syz.1.167: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=56 fake=0
[   58.620141][   T24] audit: type=1400 audit(1751109288.579:7082): avc:  denied  { unlink } for  pid=885 comm="syz.1.167" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   58.621024][  T886] EXT4-fs (loop1): Remounting filesystem read-only
[   58.643141][  T112] attempt to access beyond end of device
[   58.643141][  T112] loop3: rw=2049, want=45104, limit=40427
[   58.649151][  T378] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   58.668164][  T886] EXT4-fs error (device loop1) in ext4_delete_inline_entry:1777: Corrupt filesystem
[   58.679588][   T15] usb 1-1: Using ep0 maxpacket: 32
[   58.788650][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   58.788655][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   58.788676][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   58.797369][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   58.804816][   T15] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   58.831942][   T15] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.841730][   T15] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   58.851129][   T15] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.859715][   T15] usb 1-1: config 0 descriptor??
[   58.870047][  T900] erofs: dax options not supported
[   58.909623][  T378] usb 5-1: Using ep0 maxpacket: 16
[   59.004292][  T300] udevd[300]: incorrect erofs checksum on /dev/loop1
[   59.021638][  T905] EXT4-fs (loop3): 1 orphan inode deleted
[   59.027445][  T905] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   59.036414][  T905] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.064064][  T378] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   59.109036][  T378] usb 5-1: config 0 has no interfaces?
[   59.143608][  T910] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   59.359684][  T378] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[   59.368846][  T378] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.377180][  T378] usb 5-1: Product: syz
[   59.382322][  T378] usb 5-1: Manufacturer: syz
[   59.388223][  T378] usb 5-1: SerialNumber: syz
[   59.399861][  T378] usb 5-1: config 0 descriptor??
[   59.428368][  T912] EXT4-fs (loop3): Test dummy encryption mode enabled
[   59.449052][  T912] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.173: inode #1: comm syz.3.173: iget: illegal inode #
[   59.462055][  T912] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.173: error while reading EA inode 1 err=-117
[   59.474366][  T912] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.173: inode #1: comm syz.3.173: iget: illegal inode #
[   59.488159][  T912] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.173: error while reading EA inode 1 err=-117
[   59.501033][  T912] EXT4-fs (loop3): 1 orphan inode deleted
[   59.506768][  T912] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[   59.534264][   T15] savu 0003:1E7D:2D5A.0008: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[   59.681264][  T875] udc-core: couldn't find an available UDC or it's busy
[   59.688234][  T875] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   59.703175][   T15] usb 5-1: USB disconnect, device number 6
[   59.738851][  T915] F2FS-fs (loop2): invalid crc value
[   59.745309][  T915] F2FS-fs (loop2): Found nat_bits in checkpoint
[   59.766812][  T915] F2FS-fs (loop2): Start checkpoint disabled!
[   59.773653][  T915] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   59.845014][  T927] netlink: 68 bytes leftover after parsing attributes in process `syz.3.174'.
[   59.908324][  T922] FAT-fs (loop1): Directory bread(block 64) failed
[   59.962088][  T378] usb 1-1: USB disconnect, device number 9
[   59.983754][  T922] FAT-fs (loop1): Directory bread(block 65) failed
[   60.001316][   T24] audit: type=1400 audit(1751109289.989:7083): avc:  denied  { ioctl } for  pid=914 comm="syz.2.172" path="/27/file0/file0" dev="loop2" ino=10 ioctlcmd=0xf50d scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   60.021355][  T922] FAT-fs (loop1): Directory bread(block 66) failed
[   60.033895][  T922] FAT-fs (loop1): Directory bread(block 67) failed
[   60.040680][  T922] FAT-fs (loop1): Directory bread(block 68) failed
[   60.047307][  T922] FAT-fs (loop1): Directory bread(block 69) failed
[   60.055804][  T922] FAT-fs (loop1): Directory bread(block 70) failed
[   60.062667][  T922] FAT-fs (loop1): Directory bread(block 71) failed
[   60.069244][  T922] FAT-fs (loop1): Directory bread(block 72) failed
[   60.075925][  T922] FAT-fs (loop1): Directory bread(block 73) failed
[   60.138469][  T112] attempt to access beyond end of device
[   60.138469][  T112] loop2: rw=2049, want=40968, limit=40427
[   60.150075][  T112] attempt to access beyond end of device
[   60.150075][  T112] loop2: rw=2049, want=41000, limit=40427
[   60.161927][   T24] audit: type=1326 audit(1751109290.149:7084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=921 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   60.201946][   T24] audit: type=1326 audit(1751109290.169:7085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=921 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   60.229638][   T24] audit: type=1326 audit(1751109290.169:7086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=921 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   60.372180][  T936] erofs: dax options not supported
[   60.375553][  T300] udevd[300]: incorrect erofs checksum on /dev/loop2
[   60.776042][  T948] EXT4-fs error (device loop0): ext4_orphan_get:1395: inode #15: comm syz.0.183: casefold flag without casefold feature
[   60.807962][  T954] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   60.939644][  T948] EXT4-fs error (device loop0): ext4_orphan_get:1400: comm syz.0.183: couldn't read orphan inode 15 (err -117)
[   60.951913][  T951] EXT4-fs (loop3): Test dummy encryption mode enabled
[   60.987603][  T948] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   61.000119][  T951] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.184: inode #1: comm syz.3.184: iget: illegal inode #
[   61.023621][  T951] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.184: error while reading EA inode 1 err=-117
[   61.037530][  T951] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.184: inode #1: comm syz.3.184: iget: illegal inode #
[   61.064560][  T951] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.184: error while reading EA inode 1 err=-117
[   61.077428][  T951] EXT4-fs (loop3): 1 orphan inode deleted
[   61.083378][  T951] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[   62.030748][  T423] print_req_error: 29 callbacks suppressed
[   62.030769][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   62.049526][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   62.197179][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.228385][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.249431][  T300] buffer_io_error: 22 callbacks suppressed
[   62.249441][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   62.263625][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   62.283233][  T968] EXT4-fs (loop1): orphan cleanup on readonly fs
[   62.289654][  T423] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.300848][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.311721][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   62.319832][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.330683][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   62.338785][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.349636][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   62.357736][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   62.368615][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   62.390976][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   62.400469][  T968] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.187: bg 0: block 248: padding at end of block bitmap is not set
[   62.413723][  T967] F2FS-fs (loop3): invalid crc value
[   62.422411][  T968] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.187: Failed to acquire dquot type 1
[   62.430522][  T967] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   62.460703][  T967] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[   62.467414][  T967] F2FS-fs (loop3): Start checkpoint disabled!
[   62.474654][  T968] EXT4-fs (loop1): 1 truncate cleaned up
[   62.480429][  T967] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   62.488228][  T380] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[   62.497790][  T968] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   62.532532][  T968] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   62.643778][  T968] EXT4-fs (loop1): re-mounted. Opts: (null)
[   62.657227][  T979] __quota_error: 30 callbacks suppressed
[   62.657240][  T979] Quota error (device loop1): find_block_dqentry: Quota for id 131072 referenced but not present
[   62.809702][  T380] usb 3-1: not running at top speed; connect to a high speed hub
[   62.915850][  T979] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 131072
[   62.925904][  T979] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.187: Failed to acquire dquot type 1
[   62.969685][  T380] usb 3-1: config 95 has an invalid interface number: 1 but max is 0
[   62.977874][  T380] usb 3-1: config 95 has no interface number 0
[   62.984296][  T380] usb 3-1: config 95 interface 1 has no altsetting 0
[   63.471832][  T987] netlink: 68 bytes leftover after parsing attributes in process `syz.0.192'.
[   63.491488][  T990] netlink: 8 bytes leftover after parsing attributes in process `syz.1.193'.
[   63.502634][    T7] attempt to access beyond end of device
[   63.502634][    T7] loop3: rw=2049, want=45104, limit=40427
[   63.700114][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   63.713187][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   63.729742][  T380] usb 3-1: string descriptor 0 read error: -22
[   63.735980][  T380] usb 3-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[   63.756551][  T380] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   63.759462][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   63.779913][  T994] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[   63.784527][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   63.795857][  T994] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   63.820020][ T1000] erofs: dax options not supported
[   63.826905][  T320] udevd[320]: incorrect erofs checksum on /dev/loop0
[   63.833111][  T994] EXT4-fs error (device loop4): ext4_fill_super:4955: inode #2: comm syz.4.196: iget: special inode unallocated
[   63.865926][  T994] EXT4-fs (loop4): get root inode failed
[   63.899400][  T994] EXT4-fs (loop4): mount failed
[   63.937411][ T1006] xt_CT: You must specify a L4 protocol and not use inversions on it
[   64.019572][ T1008] tipc: Started in network mode
[   64.024598][ T1008] tipc: Own node identity 00000000000000000000000000000001, cluster identity 4711
[   64.034637][ T1008] tipc: Enabled bearer <udp:syz0>, priority 10
[   64.310301][ T1003] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.195: Invalid block bitmap block 0 in block_group 0
[   64.331807][ T1003] Quota error (device loop1): write_blk: dquota write failed
[   64.339213][ T1003] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   64.349651][ T1003] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.195: Failed to acquire dquot type 0
[   64.369654][ T1003] EXT4-fs error (device loop1): ext4_free_blocks:5685: comm syz.1.195: Freeing blocks not in datazone - block = 0, count = 4096
[   64.392580][ T1003] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.195: Invalid inode bitmap blk 0 in block_group 0
[   64.404432][  T965] udc-core: couldn't find an available UDC or it's busy
[   64.411921][ T1003] EXT4-fs error (device loop1) in ext4_free_inode:360: Corrupt filesystem
[   64.412087][  T965] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   64.420755][  T303] Quota error (device loop1): remove_tree: Getting block too big (0 >= 9)
[   64.441136][    T5] usb 3-1: USB disconnect, device number 5
[   64.453025][ T1003] EXT4-fs (loop1): 1 orphan inode deleted
[   64.455746][  T303] EXT4-fs error (device loop1): ext4_release_dquot:6262: comm kworker/u4:3: Failed to release dquot type 0
[   64.458759][ T1003] EXT4-fs (loop1): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue
[   64.687474][ T1016] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[   64.695765][ T1016] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   64.696349][ T1012] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   64.719611][ T1016] EXT4-fs error (device loop4): ext4_fill_super:4955: inode #2: comm syz.4.199: iget: special inode unallocated
[   64.719636][ T1012] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.743359][ T1016] EXT4-fs (loop4): get root inode failed
[   64.749008][ T1016] EXT4-fs (loop4): mount failed
[   65.163518][  T378] tipc: 32-bit node address hash set to 1000000
[   65.339590][  T319] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   65.349637][   T54] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[   65.589619][  T319] usb 1-1: Using ep0 maxpacket: 16
[   65.619616][  T296] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   65.689675][   T54] usb 2-1: not running at top speed; connect to a high speed hub
[   65.765880][ T1043] netlink: 68 bytes leftover after parsing attributes in process `syz.4.207'.
[   65.905786][   T54] usb 2-1: config 95 has an invalid interface number: 1 but max is 0
[   65.914464][   T54] usb 2-1: config 95 has no interface number 0
[   65.921115][   T54] usb 2-1: config 95 interface 1 has no altsetting 0
[   65.949641][  T319] usb 1-1: unable to read config index 0 descriptor/start: -61
[   65.957393][  T319] usb 1-1: can't read configurations, error -61
[   66.032636][  T296] usb 4-1: Using ep0 maxpacket: 16
[   66.199642][  T296] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[   66.276419][  T319] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   66.349639][   T54] usb 2-1: string descriptor 0 read error: -22
[   66.356003][   T54] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[   66.365235][   T54] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.388085][   T24] audit: type=1326 audit(1751109296.369:7115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1048 comm="syz.2.209" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e53b9f929 code=0x0
[   66.399667][  T296] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   66.420133][  T296] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.428124][  T296] usb 4-1: Product: syz
[   66.432307][  T296] usb 4-1: Manufacturer: syz
[   66.436910][  T296] usb 4-1: SerialNumber: syz
[   66.445146][  T296] usb 4-1: config 0 descriptor??
[   66.456500][ T1050] device bridge_slave_1 left promiscuous mode
[   66.463077][ T1050] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.470777][ T1050] device bridge_slave_0 left promiscuous mode
[   66.477028][ T1050] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.496473][  T296] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[   66.509160][  T296] usb 4-1: Detected FT232RL
[   66.529587][  T319] usb 1-1: Using ep0 maxpacket: 16
[   66.568373][ T1057] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.211: casefold flag without casefold feature
[   66.581099][ T1057] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.211: couldn't read orphan inode 15 (err -117)
[   66.593092][ T1057] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   66.643699][ T1033] udc-core: couldn't find an available UDC or it's busy
[   66.650756][ T1033] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.660994][   T54] usb 2-1: USB disconnect, device number 5
[   66.698510][   T24] audit: type=1326 audit(1751109296.679:7116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1029 comm="syz.3.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   66.722152][  T319] usb 1-1: unable to read config index 0 descriptor/start: -61
[   66.734578][  T319] usb 1-1: can't read configurations, error -61
[   66.780214][  T319] usb usb1-port1: attempt power cycle
[   66.786440][   T24] audit: type=1326 audit(1751109296.719:7117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1029 comm="syz.3.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   66.812644][   T24] audit: type=1326 audit(1751109296.719:7118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1029 comm="syz.3.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   66.838591][   T24] audit: type=1326 audit(1751109296.719:7119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1029 comm="syz.3.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffb9bc7752b code=0x7ffc0000
[   66.894297][  T300] udevd[300]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:95.1/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   67.199656][  T319] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   67.299735][  T319] usb 1-1: Using ep0 maxpacket: 16
[   67.449693][  T296] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[   67.469790][  T296] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[   67.476856][  T296] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   67.490071][  T296] usb 4-1: USB disconnect, device number 7
[   67.501813][  T296] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   67.511727][  T296] ftdi_sio 4-1:0.0: device disconnected
[   67.546652][  T423] print_req_error: 59 callbacks suppressed
[   67.546667][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   67.550324][  T319] usb 1-1: unable to read config index 0 descriptor/start: -61
[   67.571341][  T319] usb 1-1: can't read configurations, error -61
[   67.584886][ T1065] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   67.595555][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   67.595998][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   67.610289][ T1065] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.618074][  T423] buffer_io_error: 49 callbacks suppressed
[   67.618084][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   67.634340][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   67.642431][  T423] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   67.729709][   T20] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[   67.729725][  T319] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[   67.873330][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   67.889057][   T24] kauditd_printk_skb: 5 callbacks suppressed
[   67.889067][   T24] audit: type=1400 audit(1751109297.789:7125): avc:  denied  { connect } for  pid=1071 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   67.919528][  T423] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   67.979253][  T423] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   67.983583][  T319] usb 1-1: Using ep0 maxpacket: 16
[   67.987675][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   68.049669][  T319] usb 1-1: device descriptor read/all, error -71
[   68.056441][  T319] usb usb1-port1: unable to enumerate USB device
[   68.100619][  T320] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   68.196693][  T320] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   68.207742][  T320] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   68.216263][  T320] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   68.227908][  T320] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   68.236106][  T320] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   68.254591][  T320] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   68.264816][  T320] Buffer I/O error on dev loop3p3, logical block 11, async page read
[   68.276113][  T320] Buffer I/O error on dev loop3p3, logical block 12, async page read
[   68.286254][  T320] Buffer I/O error on dev loop3p3, logical block 13, async page read
[   68.320299][ T1088] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   68.536120][ T1084] F2FS-fs (loop0): invalid crc value
[   68.570388][ T1084] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   68.597821][ T1084] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[   68.604525][ T1084] F2FS-fs (loop0): Start checkpoint disabled!
[   68.616740][ T1084] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   68.619633][   T20] usb 3-1: not running at top speed; connect to a high speed hub
[   68.632631][ T1085] F2FS-fs (loop3): invalid crc value
[   68.642179][ T1085] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   68.911417][   T20] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   68.920445][   T20] usb 3-1: config 1 has no interface number 1
[   68.927117][   T20] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   69.141746][ T1085] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[   69.148536][ T1085] F2FS-fs (loop3): Start checkpoint disabled!
[   69.189504][    T7] attempt to access beyond end of device
[   69.189504][    T7] loop0: rw=2049, want=45104, limit=40427
[   69.239629][ T1085] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   69.299758][   T20] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   69.317322][   T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.326405][   T20] usb 3-1: Product: syz
[   69.331701][   T20] usb 3-1: Manufacturer: syz
[   69.336406][   T20] usb 3-1: SerialNumber: syz
[   69.569788][ T1109] EXT4-fs error (device loop0): ext4_orphan_get:1395: inode #15: comm syz.0.225: casefold flag without casefold feature
[   69.582577][ T1109] EXT4-fs error (device loop0): ext4_orphan_get:1400: comm syz.0.225: couldn't read orphan inode 15 (err -117)
[   69.594829][ T1109] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   69.920715][   T15] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   70.239814][   T20] usb 3-1: 2:130: cannot set enable PITCH
[   70.304266][   T20] usb 3-1: USB disconnect, device number 6
[   70.806873][  T305] attempt to access beyond end of device
[   70.806873][  T305] loop3: rw=2049, want=45104, limit=40427
[   70.858058][ T1126] xt_CT: No such helper "netbios-ns"
[   70.872587][ T1123] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   70.881729][ T1123] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.001390][   T15] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   71.023550][   T15] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   71.056188][   T24] audit: type=1400 audit(1751109301.039:7126): avc:  denied  { create } for  pid=1131 comm="syz.1.231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   71.075797][   T24] audit: type=1400 audit(1751109301.039:7127): avc:  denied  { write } for  pid=1131 comm="syz.1.231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   71.084011][   T15] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[   71.145784][   T15] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.156400][   T15] usb 5-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.00
[   71.166448][   T15] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.176138][   T15] usb 5-1: config 0 descriptor??
[   71.273894][ T1137] EXT4-fs (loop1): orphan cleanup on readonly fs
[   71.280713][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.283434][ T1137] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.232: bg 0: block 248: padding at end of block bitmap is not set
[   71.292692][ T1142] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   71.303742][ T1137] Quota error (device loop1): write_blk: dquota write failed
[   71.326922][ T1137] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   71.337559][ T1137] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.232: Failed to acquire dquot type 1
[   71.352437][ T1137] EXT4-fs (loop1): 1 truncate cleaned up
[   71.363938][   T24] audit: type=1400 audit(1751109301.349:7128): avc:  denied  { read write } for  pid=1141 comm="syz.3.233" name="ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   71.366649][ T1137] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   71.388635][   T24] audit: type=1400 audit(1751109301.379:7129): avc:  denied  { open } for  pid=1141 comm="syz.3.233" path="/dev/ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   71.459679][  T296] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[   71.473079][ T1146] tipc: Enabled bearer <udp:syz2>, priority 10
[   71.509675][   T15] usbhid 5-1:0.0: can't add hid device: -71
[   71.515697][   T15] usbhid: probe of 5-1:0.0 failed with error -71
[   71.527453][  T300] udevd[300]: incorrect erofs checksum on /dev/loop1
[   71.528642][   T15] usb 5-1: USB disconnect, device number 7
[   71.546640][ T1146] erofs: dax options not supported
[   71.728852][  T296] usb 1-1: Using ep0 maxpacket: 16
[   71.736848][ T1157] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[   71.744272][ T1157] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.757735][ T1157] EXT4-fs error (device loop2): ext4_fill_super:4955: inode #2: comm syz.2.238: iget: special inode unallocated
[   71.771905][ T1157] EXT4-fs (loop2): get root inode failed
[   71.777599][ T1157] EXT4-fs (loop2): mount failed
[   71.837034][ T1162] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   72.759540][    C0] sched: RT throttling activated
[   72.759711][  T296] usb 1-1: unable to read config index 0 descriptor/start: -61
[   72.826086][ T1165] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   72.835687][ T1165] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.877603][  T296] usb 1-1: can't read configurations, error -61
[   72.891765][  T300] print_req_error: 86 callbacks suppressed
[   72.891780][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   72.926416][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   72.945825][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.947423][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.967346][  T300] buffer_io_error: 72 callbacks suppressed
[   72.967357][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   72.967881][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   72.982463][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.989550][  T423] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.015854][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   73.024241][  T423] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.035373][  T423] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   73.043729][  T423] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.055039][  T423] Buffer I/O error on dev loop3p3, logical block 11, async page read
[   73.067507][ T1177] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[   73.074747][ T1177] tipc: Bearer <udp:s>: trying with adjusted priority
[   73.081546][ T1177] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   73.168806][  T423] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.184158][  T423] Buffer I/O error on dev loop3p3, logical block 12, async page read
[   73.201930][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   73.212311][  T296] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[   73.217150][  T423] blk_update_request: I/O error, dev loop3, sector 14 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.231298][  T423] Buffer I/O error on dev loop3p3, logical block 13, async page read
[   73.239651][  T423] Buffer I/O error on dev loop3p3, logical block 14, async page read
[   73.247880][  T423] Buffer I/O error on dev loop3p3, logical block 15, async page read
[   73.311144][ T1177] F2FS-fs (loop4): Unrecognized mount option "0xffffffffffffffff" or missing value
[   73.632101][  T300] udevd[300]: incorrect erofs checksum on /dev/loop1
[   73.643597][ T1186] erofs: dax options not supported
[   73.651294][ T1189] netlink: 28 bytes leftover after parsing attributes in process `syz.2.245'.
[   73.679600][  T296] usb 1-1: Using ep0 maxpacket: 16
[   73.922828][ T1201] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   73.944536][ T1199] netlink: 12 bytes leftover after parsing attributes in process `syz.2.250'.
[   74.051389][ T1195] F2FS-fs (loop4): invalid crc value
[   74.130597][ T1195] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   74.150925][  T296] usb 1-1: unable to read config index 0 descriptor/start: -71
[   74.169167][ T1195] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[   74.176122][ T1195] F2FS-fs (loop4): Start checkpoint disabled!
[   74.189619][  T296] usb 1-1: can't read configurations, error -71
[   74.198415][  T296] usb usb1-port1: attempt power cycle
[   74.224458][ T1195] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   75.010733][  T305] attempt to access beyond end of device
[   75.010733][  T305] loop4: rw=2049, want=45104, limit=40427
[   75.089255][ T1228] FAULT_INJECTION: forcing a failure.
[   75.089255][ T1228] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   75.098761][ T1216] EXT4-fs (loop0): orphan cleanup on readonly fs
[   75.109434][ T1216] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.254: bg 0: block 248: padding at end of block bitmap is not set
[   75.124989][ T1216] Quota error (device loop0): write_blk: dquota write failed
[   75.132560][ T1216] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   75.142726][ T1216] EXT4-fs error (device loop0): ext4_acquire_dquot:6226: comm syz.0.254: Failed to acquire dquot type 1
[   75.154132][ T1228] CPU: 1 PID: 1228 Comm: syz.3.256 Not tainted 5.10.238-syzkaller-00008-g59e9a7228857 #0
[   75.163935][ T1228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.173984][ T1228] Call Trace:
[   75.177274][ T1228]  __dump_stack+0x21/0x24
[   75.181576][ T1228]  dump_stack_lvl+0x169/0x1d8
[   75.186226][ T1228]  ? show_regs_print_info+0x18/0x18
[   75.191398][ T1228]  dump_stack+0x15/0x1c
[   75.195534][ T1228]  should_fail+0x3c1/0x510
[   75.199925][ T1228]  should_fail_usercopy+0x1a/0x20
[   75.204924][ T1228]  _copy_from_user+0x20/0xd0
[   75.209489][ T1228]  __se_sys_memfd_create+0x131/0x3a0
[   75.214750][ T1228]  __x64_sys_memfd_create+0x5b/0x70
[   75.219942][ T1228]  do_syscall_64+0x31/0x40
[   75.224339][ T1228]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   75.230206][ T1228] RIP: 0033:0x7ffb9bc77929
[   75.234597][ T1228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.254179][ T1228] RSP: 002b:00007ffb9a2dfe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   75.262568][ T1228] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007ffb9bc77929
[   75.270519][ T1228] RDX: 00007ffb9a2dfef0 RSI: 0000000000000000 RDI: 00007ffb9bcfa4cc
[   75.278466][ T1228] RBP: 0000200000000c40 R08: 00007ffb9a2dfbb7 R09: 00007ffb9a2dfe40
[   75.286424][ T1228] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000200
[   75.294372][ T1228] R13: 00007ffb9a2dfef0 R14: 00007ffb9a2dfeb0 R15: 0000200000000180
[   75.308375][ T1230] cannot load conntrack support for proto=3
[   75.510011][   T24] audit: type=1400 audit(1751109305.489:7130): avc:  denied  { setopt } for  pid=1226 comm="syz.1.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   75.535626][ T1216] EXT4-fs (loop0): 1 truncate cleaned up
[   75.561901][ T1216] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   75.962253][ T1240] EXT4-fs (loop3): 1 orphan inode deleted
[   75.968117][ T1240] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   75.977443][ T1240] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.013981][   T24] audit: type=1326 audit(1751109305.999:7131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1254 comm="syz.3.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   76.037571][   T24] audit: type=1326 audit(1751109305.999:7132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1254 comm="syz.3.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   76.665049][   T24] audit: type=1326 audit(1751109305.999:7133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1254 comm="syz.3.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   76.699630][   T24] audit: type=1400 audit(1751109305.999:7134): avc:  denied  { wake_alarm } for  pid=1254 comm="syz.3.266" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   76.731664][   T24] audit: type=1326 audit(1751109306.399:7135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1254 comm="syz.3.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   76.769919][   T24] audit: type=1326 audit(1751109306.399:7136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1254 comm="syz.3.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   76.794651][ T1255] netlink: 8 bytes leftover after parsing attributes in process `syz.3.266'.
[   76.803934][   T15] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   76.819660][ T1255] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   76.834990][   T24] audit: type=1326 audit(1751109306.399:7137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1254 comm="syz.3.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   76.858817][ T1270] EXT4-fs (loop0): Ignoring removed orlov option
[   76.990370][ T1270] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,
[   77.089169][ T1276] F2FS-fs (loop1): invalid crc value
[   77.100469][ T1276] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   77.126894][ T1276] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[   77.133939][   T15] usb 3-1: Using ep0 maxpacket: 16
[   77.139217][ T1276] F2FS-fs (loop1): Start checkpoint disabled!
[   77.146022][ T1276] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   77.269939][ T1255] exfat: Unknown parameter '18446744073709551615'
[   77.293491][  T296] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[   77.309647][   T15] usb 3-1: unable to read config index 0 descriptor/start: -61
[   77.319625][   T15] usb 3-1: can't read configurations, error -61
[   77.649600][   T15] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   77.729941][ T1284] exfat: Unknown parameter 'syzkaller'
[   77.753840][    T7] attempt to access beyond end of device
[   77.753840][    T7] loop1: rw=2049, want=45104, limit=40427
[   77.993530][  T296] usb 5-1: not running at top speed; connect to a high speed hub
[   78.045803][ T1284] EXT4-fs (loop0): Ignoring removed nobh option
[   78.052380][   T15] usb 3-1: Using ep0 maxpacket: 16
[   78.060051][ T1284] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[   78.060051][ T1284] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   78.060051][ T1284] 
[   78.081600][  T296] usb 5-1: config 95 has an invalid interface number: 1 but max is 0
[   78.092637][  T296] usb 5-1: config 95 has no interface number 0
[   78.098821][  T296] usb 5-1: config 95 interface 1 has no altsetting 0
[   78.111854][ T1284] EXT4-fs error (device loop0) in ext4_do_update_inode:5335: error 27
[   78.120435][ T1284] EXT4-fs (loop0): Remounting filesystem read-only
[   78.127023][ T1284] EXT4-fs error (device loop0): ext4_dirty_inode:6142: inode #16: comm syz.0.273: mark_inode_dirty error
[   78.138622][ T1284] EXT4-fs error (device loop0) in ext4_do_update_inode:5335: error 27
[   78.147156][ T1284] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #16: comm syz.0.273: mark_inode_dirty error
[   78.158562][ T1284] EXT4-fs error (device loop0) in ext4_do_update_inode:5335: error 27
[   78.166949][ T1284] EXT4-fs error (device loop0) in ext4_orphan_del:3292: error 27
[   78.174978][ T1284] EXT4-fs error (device loop0) in ext4_do_update_inode:5335: error 27
[   78.183331][ T1284] EXT4-fs error (device loop0): ext4_truncate:4390: inode #16: comm syz.0.273: mark_inode_dirty error
[   78.194648][ T1284] EXT4-fs error (device loop0) in ext4_orphan_cleanup:3108: error 27
[   78.203167][ T1284] EXT4-fs (loop0): 1 truncate cleaned up
[   78.208830][ T1284] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,max_batch_time=0x0000000000000008,nobh,lazytime,auto_da_alloc=0x0000000000000008,noacl,
[   78.225764][ T1284] ext4 filesystem being mounted at /55/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   78.260903][   T15] usb 3-1: unable to read config index 0 descriptor/start: -61
[   78.271359][   T15] usb 3-1: can't read configurations, error -61
[   78.277679][   T15] usb usb3-port1: attempt power cycle
[   78.379615][  T296] usb 5-1: string descriptor 0 read error: -22
[   78.385895][  T296] usb 5-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[   78.389575][   T20] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   78.395150][  T296] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.672584][  T322] print_req_error: 110 callbacks suppressed
[   78.672600][  T322] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   78.673219][  T423] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   78.680682][  T322] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.690591][  T423] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.704663][ T1305] tipc: Enabled bearer <udp:syz2>, priority 10
[   78.719554][  T423] buffer_io_error: 94 callbacks suppressed
[   78.719564][  T423] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   78.729803][   T15] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   78.737953][  T423] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.747689][  T322] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   78.750539][  T423] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   78.762222][  T322] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.779375][  T423] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.792609][  T322] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   78.809066][  T322] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.809778][ T1305] erofs: dax options not supported
[   78.809924][  T423] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   78.833927][  T322] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   78.850349][   T15] usb 3-1: device descriptor read/8, error -71
[   78.906577][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   78.923948][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   78.935390][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   78.943730][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   78.949809][   T20] usb 2-1: not running at top speed; connect to a high speed hub
[   78.952472][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   78.967844][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   79.069297][ T1312] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   79.099852][   T20] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   79.136163][   T20] usb 2-1: config 1 has no interface number 1
[   79.230210][ T1314] FAULT_INJECTION: forcing a failure.
[   79.230210][ T1314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.246438][   T20] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   79.262304][ T1274] udc-core: couldn't find an available UDC or it's busy
[   79.276507][ T1274] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   79.288203][   T54] usb 5-1: USB disconnect, device number 8
[   79.295149][ T1314] CPU: 1 PID: 1314 Comm: syz.2.279 Not tainted 5.10.238-syzkaller-00008-g59e9a7228857 #0
[   79.304968][ T1314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   79.315013][ T1314] Call Trace:
[   79.318299][ T1314]  __dump_stack+0x21/0x24
[   79.322623][ T1314]  dump_stack_lvl+0x169/0x1d8
[   79.327291][ T1314]  ? show_regs_print_info+0x18/0x18
[   79.332476][ T1314]  ? stack_trace_save+0x98/0xe0
[   79.337319][ T1314]  dump_stack+0x15/0x1c
[   79.341462][ T1314]  should_fail+0x3c1/0x510
[   79.345864][ T1314]  should_fail_usercopy+0x1a/0x20
[   79.349761][   T15] usb 3-1: device descriptor read/8, error -71
[   79.350872][ T1314]  _copy_from_user+0x20/0xd0
[   79.350881][ T1314]  iovec_from_user+0x1bc/0x2f0
[   79.350892][ T1314]  ? __copy_msghdr_from_user+0x302/0x5e0
[   79.350900][ T1314]  __import_iovec+0x71/0x390
[   79.350909][ T1314]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[   79.350927][ T1314]  import_iovec+0x7c/0xb0
[   79.377568][ T1316] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,min_batch_time=0x0000000000000000,barrier=0x0000000000000040,nodelalloc,,errors=continue
[   79.381779][ T1314]  ___sys_sendmsg+0x1b9/0x260
[   79.381790][ T1314]  ? __sys_sendmsg+0x250/0x250
[   79.381799][ T1314]  ? rw_verify_area+0x1c0/0x360
[   79.381814][ T1314]  ? __fdget+0x1a1/0x230
[   79.381823][ T1314]  __x64_sys_sendmsg+0x1e2/0x2a0
[   79.381831][ T1314]  ? fput+0x1a/0x20
[   79.381840][ T1314]  ? ___sys_sendmsg+0x260/0x260
[   79.381855][ T1314]  ? fpregs_assert_state_consistent+0xb1/0xe0
[   79.381865][ T1314]  do_syscall_64+0x31/0x40
[   79.381885][ T1314]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   79.450937][ T1314] RIP: 0033:0x7f5e53b9f929
[   79.455528][ T1314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.475123][ T1314] RSP: 002b:00007f5e521c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.483542][ T1314] RAX: ffffffffffffffda RBX: 00007f5e53dc7160 RCX: 00007f5e53b9f929
[   79.491514][ T1314] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[   79.499480][ T1314] RBP: 00007f5e521c6090 R08: 0000000000000000 R09: 0000000000000000
[   79.507446][ T1314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.515418][ T1314] R13: 0000000000000000 R14: 00007f5e53dc7160 R15: 00007fffa088eaa8
[   79.639663][   T20] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   79.648984][   T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.660383][   T20] usb 2-1: Product: syz
[   79.664805][   T20] usb 2-1: Manufacturer: syz
[   79.669442][   T20] usb 2-1: SerialNumber: syz
[   80.245869][ T1296] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   80.253873][   T24] kauditd_printk_skb: 75 callbacks suppressed
[   80.253882][   T24] audit: type=1400 audit(1751109310.229:7213): avc:  denied  { unlink } for  pid=1295 comm="syz.1.275" name="#1" dev="tmpfs" ino=316 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   80.431212][ T1339] capability: warning: `syz.2.286' uses deprecated v2 capabilities in a way that may be insecure
[   80.702650][ T1342] F2FS-fs (loop4): invalid crc value
[   80.716403][ T1342] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   80.731461][   T20] usb 2-1: 2:1 : no UAC_FORMAT_TYPE desc
[   80.795577][ T1342] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[   80.802519][ T1342] F2FS-fs (loop4): Start checkpoint disabled!
[   80.825847][   T20] usb 2-1: USB disconnect, device number 6
[   80.986517][ T1342] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   82.397560][  T303] attempt to access beyond end of device
[   82.397560][  T303] loop4: rw=2049, want=45104, limit=40427
[   82.411139][ T1373] netlink: 'syz.0.294': attribute type 13 has an invalid length.
[   82.420496][ T1373] gretap0: refused to change device tx_queue_len
[   82.426986][ T1373] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   82.433564][  T300] udevd[300]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   82.487400][ T1369] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[   82.499210][ T1369] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   82.840661][ T1369] EXT4-fs error (device loop3): ext4_fill_super:4955: inode #2: comm syz.3.296: iget: special inode unallocated
[   82.853096][ T1369] EXT4-fs (loop3): get root inode failed
[   82.858740][ T1369] EXT4-fs (loop3): mount failed
[   82.934145][ T1386] syz.0.299[1386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   82.934413][ T1386] syz.0.299[1386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.070968][ T1377] EXT4-fs (loop1): Test dummy encryption mode enabled
[   83.331804][ T1377] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.297: inode #1: comm syz.1.297: iget: illegal inode #
[   83.494543][ T1377] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.297: error while reading EA inode 1 err=-117
[   83.507193][ T1377] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.297: inode #1: comm syz.1.297: iget: illegal inode #
[   83.520510][ T1377] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.297: error while reading EA inode 1 err=-117
[   83.562014][ T1396] fuse: Bad value for 'fd'
[   83.582636][ T1377] EXT4-fs (loop1): 1 orphan inode deleted
[   83.612054][ T1399] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.298: casefold flag without casefold feature
[   83.620745][ T1377] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[   83.657381][ T1399] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.298: couldn't read orphan inode 15 (err -117)
[   83.705587][ T1399] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   83.952025][ T1409] F2FS-fs (loop2): invalid crc value
[   84.009666][   T24] audit: type=1326 audit(1751109313.979:7214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1393 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837494a929 code=0x7ffc0000
[   84.062449][   T24] audit: type=1326 audit(1751109313.979:7215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1393 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837494a929 code=0x7ffc0000
[   84.086407][ T1409] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   84.113376][ T1409] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   84.120139][ T1409] F2FS-fs (loop2): Start checkpoint disabled!
[   84.132341][ T1409] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   84.214825][  T300] print_req_error: 133 callbacks suppressed
[   84.214838][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   84.232389][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   84.243619][  T300] buffer_io_error: 113 callbacks suppressed
[   84.243630][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   84.786750][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   84.802976][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   84.805015][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   84.818854][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   84.828696][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   84.836764][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   84.854136][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   84.864092][  T423] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   84.876452][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   84.885460][  T423] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   84.897869][  T423] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   85.057008][  T423] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   85.131979][  T423] Buffer I/O error on dev loop3p3, logical block 11, async page read
[   85.140812][  T305] attempt to access beyond end of device
[   85.140812][  T305] loop2: rw=2049, want=45104, limit=40427
[   85.152472][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   85.173932][ T1430] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   85.189818][  T423] Buffer I/O error on dev loop3p3, logical block 12, async page read
[   85.201509][  T423] Buffer I/O error on dev loop3p3, logical block 13, async page read
[   85.209800][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   85.284338][   T24] audit: type=1400 audit(1751109315.269:7216): avc:  denied  { write } for  pid=1427 comm="syz.0.308" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   85.340634][   T24] audit: type=1400 audit(1751109315.269:7217): avc:  denied  { add_name } for  pid=1427 comm="syz.0.308" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   85.362773][   T24] audit: type=1400 audit(1751109315.269:7218): avc:  denied  { associate } for  pid=1427 comm="syz.0.308" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   85.385265][   T24] audit: type=1400 audit(1751109315.269:7219): avc:  denied  { read write } for  pid=1427 comm="syz.0.308" name="file1" dev="loop0" ino=1048607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   85.408551][   T24] audit: type=1400 audit(1751109315.269:7220): avc:  denied  { open } for  pid=1427 comm="syz.0.308" path="/64/file0/file1" dev="loop0" ino=1048607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   85.432097][   T24] audit: type=1400 audit(1751109315.299:7221): avc:  denied  { bind } for  pid=1436 comm="syz.1.309" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   85.505068][ T1443] netlink: 12 bytes leftover after parsing attributes in process `syz.1.309'.
[   85.593664][   T24] audit: type=1400 audit(1751109315.309:7222): avc:  denied  { remove_name } for  pid=1427 comm="syz.0.308" name="file0" dev="loop0" ino=1048609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   85.668460][   T24] audit: type=1400 audit(1751109315.309:7223): avc:  denied  { rename } for  pid=1427 comm="syz.0.308" name="file0" dev="loop0" ino=1048609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   85.722301][   T24] audit: type=1400 audit(1751109315.309:7224): avc:  denied  { write } for  pid=1427 comm="syz.0.308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   85.750042][   T24] audit: type=1326 audit(1751109315.699:7225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz.0.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2183bb929 code=0x7ffc0000
[   85.905991][ T1451] EXT4-fs (loop2): Test dummy encryption mode enabled
[   85.914462][ T1451] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.315: inode #1: comm syz.2.315: iget: illegal inode #
[   85.927712][ T1451] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.315: error while reading EA inode 1 err=-117
[   85.940272][ T1451] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.315: inode #1: comm syz.2.315: iget: illegal inode #
[   85.953351][ T1451] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.315: error while reading EA inode 1 err=-117
[   85.965909][ T1451] EXT4-fs (loop2): 1 orphan inode deleted
[   85.972439][ T1451] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[   85.996939][ T1457] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   86.031957][ T1449] EXT4-fs (loop0): Invalid log cluster size: 511
[   86.166040][ T1457] erofs: dax options not supported
[   86.406235][  T378] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[   86.668110][ T1474] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   86.678230][ T1466] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   86.686675][ T1479] netlink: 20 bytes leftover after parsing attributes in process `syz.2.318'.
[   86.690457][ T1474] ext4 filesystem being mounted at /90/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   86.869608][  T378] usb 2-1: not running at top speed; connect to a high speed hub
[   86.935648][ T1474] netlink: 'syz.3.321': attribute type 11 has an invalid length.
[   86.969635][  T378] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   86.979043][  T378] usb 2-1: config 1 has no interface number 1
[   86.985683][  T378] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   87.090958][ T1489] bridge_slave_0: mtu greater than device maximum
[   87.189570][  T378] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   87.210529][  T378] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.239629][  T378] usb 2-1: Product: syz
[   87.244126][  T378] usb 2-1: Manufacturer: syz
[   87.283477][ T1490] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.323: Invalid block bitmap block 0 in block_group 0
[   87.289606][  T378] usb 2-1: SerialNumber: syz
[   87.307237][ T1490] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.323: Failed to acquire dquot type 0
[   87.360780][ T1490] EXT4-fs error (device loop4): ext4_free_blocks:5685: comm syz.4.323: Freeing blocks not in datazone - block = 0, count = 4096
[   87.419398][ T1490] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.323: Invalid inode bitmap blk 0 in block_group 0
[   87.432458][    T7] EXT4-fs error (device loop4): ext4_release_dquot:6262: comm kworker/u4:0: Failed to release dquot type 0
[   87.444526][ T1490] EXT4-fs error (device loop4) in ext4_free_inode:360: Corrupt filesystem
[   87.454976][ T1490] EXT4-fs (loop4): 1 orphan inode deleted
[   87.461041][ T1490] EXT4-fs (loop4): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue
[   87.585306][ T1500] netlink: 8 bytes leftover after parsing attributes in process `syz.0.325'.
[   87.594161][ T1500] netlink: 24 bytes leftover after parsing attributes in process `syz.0.325'.
[   87.730120][  T378] usb 2-1: 2:130: cannot set enable PITCH
[   88.120030][  T378] usb 2-1: USB disconnect, device number 7
[   88.357777][ T1504] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   88.365827][ T1504] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[   88.374569][ T1504] EXT4-fs (loop3): 1 truncate cleaned up
[   88.380245][ T1504] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,usrjquota="data=ordered,noload,grpid,grpjquota="init_itable,jqfmt=vfsold,noblock_validity,,errors=continue
[   88.434059][ T1508] F2FS-fs (loop2): invalid crc value
[   88.440465][ T1508] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   88.461322][ T1508] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   88.468131][ T1508] F2FS-fs (loop2): Start checkpoint disabled!
[   88.474872][ T1508] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   89.261782][  T112] attempt to access beyond end of device
[   89.261782][  T112] loop2: rw=2049, want=45104, limit=40427
[   89.299624][ T1517] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[   89.308120][  T300] print_req_error: 95 callbacks suppressed
[   89.308135][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   89.326953][  T320] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   89.363823][ T1517] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   89.375297][  T320] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.387042][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.398581][ T1517] EXT4-fs error (device loop1): ext4_fill_super:4955: inode #2: comm syz.1.331: iget: special inode unallocated
[   89.442531][  T320] buffer_io_error: 81 callbacks suppressed
[   89.442540][  T320] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   89.466730][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   89.475164][ T1517] EXT4-fs (loop1): get root inode failed
[   89.481033][ T1517] EXT4-fs (loop1): mount failed
[   89.489851][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.501075][  T320] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.522383][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   89.530597][  T320] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   89.542408][  T320] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.554459][  T320] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   89.562730][  T320] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.574522][  T320] Buffer I/O error on dev loop3p3, logical block 11, async page read
[   89.582807][  T320] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.594007][  T320] Buffer I/O error on dev loop3p3, logical block 12, async page read
[   89.603424][  T320] blk_update_request: I/O error, dev loop3, sector 14 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.614648][  T320] Buffer I/O error on dev loop3p3, logical block 13, async page read
[   89.626816][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   89.629453][  T423] udevd[423]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   89.651205][  T320] Buffer I/O error on dev loop3p3, logical block 14, async page read
[   89.820758][ T1543] netlink: 32 bytes leftover after parsing attributes in process `syz.2.336'.
[   89.868520][ T1535] F2FS-fs (loop3): invalid crc value
[   89.875341][ T1535] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   89.901218][ T1535] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[   89.907920][ T1535] F2FS-fs (loop3): Start checkpoint disabled!
[   89.918088][ T1535] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   90.036223][ T1549] EXT4-fs (loop4): Test dummy encryption mode enabled
[   90.059692][ T1549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.339: inode #1: comm syz.4.339: iget: illegal inode #
[   90.072811][ T1549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.339: error while reading EA inode 1 err=-117
[   90.085137][ T1549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.339: inode #1: comm syz.4.339: iget: illegal inode #
[   90.098316][ T1549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.339: error while reading EA inode 1 err=-117
[   90.128688][ T1549] EXT4-fs (loop4): 1 orphan inode deleted
[   90.186926][ T1549] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[   90.364462][  T350] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   90.365133][  T112] attempt to access beyond end of device
[   90.365133][  T112] loop3: rw=2049, want=45104, limit=40427
[   90.372077][  T755] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[   90.502298][ T1562] FAULT_INJECTION: forcing a failure.
[   90.502298][ T1562] name failslab, interval 1, probability 0, space 0, times 1
[   90.515104][ T1562] CPU: 0 PID: 1562 Comm: syz.1.344 Not tainted 5.10.238-syzkaller-00008-g59e9a7228857 #0
[   90.524896][ T1562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.534943][ T1562] Call Trace:
[   90.538241][ T1562]  __dump_stack+0x21/0x24
[   90.542563][ T1562]  dump_stack_lvl+0x169/0x1d8
[   90.547226][ T1562]  ? show_regs_print_info+0x18/0x18
[   90.552413][ T1562]  dump_stack+0x15/0x1c
[   90.556549][ T1562]  should_fail+0x3c1/0x510
[   90.560940][ T1562]  ? security_inode_alloc+0x33/0x110
[   90.566203][ T1562]  __should_failslab+0xa4/0xe0
[   90.570942][ T1562]  should_failslab+0x9/0x20
[   90.575420][ T1562]  kmem_cache_alloc+0x3d/0x2e0
[   90.580159][ T1562]  ? shmem_alloc_inode+0x1a/0x30
[   90.585074][ T1562]  security_inode_alloc+0x33/0x110
[   90.590160][ T1562]  inode_init_always+0x70a/0x9b0
[   90.595071][ T1562]  new_inode_pseudo+0x91/0x210
[   90.599807][ T1562]  new_inode+0x28/0x1e0
[   90.603937][ T1562]  ? _raw_spin_trylock_bh+0x130/0x130
[   90.609283][ T1562]  shmem_get_inode+0x34a/0x9d0
[   90.614020][ T1562]  ? _raw_spin_unlock+0x4d/0x70
[   90.618846][ T1562]  __shmem_file_setup+0x113/0x2b0
[   90.623847][ T1562]  shmem_file_setup+0x2f/0x40
[   90.628502][ T1562]  __se_sys_memfd_create+0x1e6/0x3a0
[   90.633763][ T1562]  __x64_sys_memfd_create+0x5b/0x70
[   90.638938][ T1562]  do_syscall_64+0x31/0x40
[   90.643335][ T1562]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   90.649200][ T1562] RIP: 0033:0x7fccd8a93929
[   90.653589][ T1562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.673172][ T1562] RSP: 002b:00007fccd70fbe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   90.681564][ T1562] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007fccd8a93929
[   90.689513][ T1562] RDX: 00007fccd70fbef0 RSI: 0000000000000000 RDI: 00007fccd8b164cc
[   90.697464][ T1562] RBP: 0000200000000c40 R08: 00007fccd70fbbb7 R09: 00007fccd70fbe40
[   90.705410][ T1562] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000200
[   90.713367][ T1562] R13: 00007fccd70fbef0 R14: 00007fccd70fbeb0 R15: 0000200000000180
[   90.769622][  T350] usb 3-1: Using ep0 maxpacket: 32
[   90.825708][   T24] kauditd_printk_skb: 33 callbacks suppressed
[   90.825716][   T24] audit: type=1400 audit(1751109320.809:7256): avc:  denied  { remount } for  pid=1569 comm="syz.3.347" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   90.851663][  T755] usb 1-1: not running at top speed; connect to a high speed hub
[   90.869623][  T380] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[   90.889700][  T350] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.903048][  T350] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.913030][  T350] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   90.922492][  T350] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.930670][  T755] usb 1-1: config 95 has an invalid interface number: 1 but max is 0
[   90.939622][  T755] usb 1-1: config 95 has no interface number 0
[   90.945897][  T755] usb 1-1: config 95 interface 1 has no altsetting 0
[   90.958116][  T350] usb 3-1: config 0 descriptor??
[   91.000131][  T350] hub 3-1:0.0: USB hub found
[   91.204579][ T1578] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,nobarrier,errors=remount-ro,
[   91.220254][  T350] hub 3-1:0.0: 2 ports detected
[   91.249664][  T380] usb 5-1: not running at top speed; connect to a high speed hub
[   91.329856][  T380] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   91.338862][  T380] usb 5-1: config 1 has no interface number 1
[   91.344992][  T380] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   91.359635][  T755] usb 1-1: string descriptor 0 read error: -22
[   91.365822][   T15] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   91.373679][  T755] usb 1-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[   91.382789][  T755] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.519697][  T380] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   91.528805][  T380] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.536802][  T380] usb 5-1: Product: syz
[   91.540990][  T380] usb 5-1: Manufacturer: syz
[   91.545561][  T380] usb 5-1: SerialNumber: syz
[   91.619601][   T15] usb 4-1: Using ep0 maxpacket: 16
[   91.632061][ T1552] udc-core: couldn't find an available UDC or it's busy
[   91.639064][ T1552] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   91.650980][  T755] usb 1-1: USB disconnect, device number 17
[   91.680005][   T24] audit: type=1400 audit(1751109321.669:7257): avc:  denied  { ioctl } for  pid=1546 comm="syz.2.341" path="socket:[19702]" dev="sockfs" ino=19702 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   91.739657][   T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.750697][   T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.879768][   T15] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[   91.888830][   T15] usb 4-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[   91.897218][   T15] usb 4-1: Product: syz
[   91.901448][   T15] usb 4-1: Manufacturer: syz
[   91.906566][   T15] usb 4-1: config 0 descriptor??
[   91.920469][  T350] usb 3-1: USB disconnect, device number 11
[   91.959669][  T380] usb 5-1: 2:130: cannot set enable PITCH
[   91.963632][ T1585] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[   91.972774][ T1585] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   91.981161][ T1585] EXT4-fs (loop1): can't mount with commit=3, fs mounted w/o journal
[   91.992294][  T380] usb 5-1: USB disconnect, device number 9
[   92.151877][   T24] audit: type=1326 audit(1751109322.139:7258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.184462][   T24] audit: type=1326 audit(1751109322.139:7259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.208457][   T24] audit: type=1326 audit(1751109322.139:7260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.210339][  T322] udevd[322]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   92.232309][   T24] audit: type=1326 audit(1751109322.139:7261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.271156][   T24] audit: type=1326 audit(1751109322.139:7262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.294926][   T24] audit: type=1326 audit(1751109322.139:7263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.318992][   T24] audit: type=1326 audit(1751109322.139:7264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.377856][   T24] audit: type=1326 audit(1751109322.169:7265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1574 comm="syz.3.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb9bc77929 code=0x7ffc0000
[   92.410803][ T1592] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   92.419135][ T1592] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   92.700678][ T1592] F2FS-fs (loop2): Found nat_bits in checkpoint
[   92.730294][ T1600] erofs: dax options not supported
[   92.770729][ T1592] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   92.783542][ T1592] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   92.936210][ T1592] device wg2 entered promiscuous mode
[   93.042578][ T1614] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   93.231622][ T1613] netlink: 44 bytes leftover after parsing attributes in process `syz.1.356'.
[   93.279597][ T1613] netlink: 4 bytes leftover after parsing attributes in process `syz.1.356'.
[   93.331806][ T1617] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   93.353328][ T1617] EXT4-fs (loop2): 1 truncate cleaned up
[   93.359135][ T1617] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue
[   93.692934][ T1637] EXT4-fs (loop1): Test dummy encryption mode enabled
[   93.701631][ T1637] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.364: inode #1: comm syz.1.364: iget: illegal inode #
[   93.714678][ T1637] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.364: error while reading EA inode 1 err=-117
[   93.727123][ T1637] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.364: inode #1: comm syz.1.364: iget: illegal inode #
[   93.740270][ T1637] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.364: error while reading EA inode 1 err=-117
[   93.752691][ T1637] EXT4-fs (loop1): 1 orphan inode deleted
[   93.758435][ T1637] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[   93.893016][ T1642] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[   93.902576][ T1642] EXT4-fs (loop1): Unrecognized mount option "obj_type=noauto_da_alloc" or missing value
[   93.999729][   T15] usbhid 4-1:0.0: can't add hid device: -71
[   94.005761][   T15] usbhid: probe of 4-1:0.0 failed with error -71
[   94.015346][   T15] usb 4-1: USB disconnect, device number 8
[   95.190711][ T1659] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.205250][ T1659] EXT4-fs (loop1): 1 truncate cleaned up
[   95.226113][ T1659] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue
[   95.251191][ T1656] erofs: dax options not supported
[   95.486737][ T1665] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.369: Invalid block bitmap block 0 in block_group 0
[   95.564032][ T1676] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   95.642969][ T1670] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.374: casefold flag without casefold feature
[   95.662494][ T1665] EXT4-fs error (device loop0): ext4_acquire_dquot:6226: comm syz.0.369: Failed to acquire dquot type 0
[   95.678921][ T1670] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.374: couldn't read orphan inode 15 (err -117)
[   95.684259][ T1665] EXT4-fs error (device loop0): ext4_free_blocks:5685: comm syz.0.369: Freeing blocks not in datazone - block = 0, count = 4096
[   95.695668][ T1670] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   95.704663][ T1665] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.369: Invalid inode bitmap blk 0 in block_group 0
[   95.725578][  T303] EXT4-fs error (device loop0): ext4_release_dquot:6262: comm kworker/u4:3: Failed to release dquot type 0
[   95.730032][ T1665] EXT4-fs error (device loop0) in ext4_free_inode:360: Corrupt filesystem
[   95.745836][ T1665] EXT4-fs (loop0): 1 orphan inode deleted
[   95.751677][ T1665] EXT4-fs (loop0): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue
[   96.543330][ T1678] F2FS-fs (loop1): fault_injection options not supported
[   96.650714][ T1678] F2FS-fs (loop1): invalid crc value
[   96.690605][ T1678] F2FS-fs (loop1): Found nat_bits in checkpoint
[   96.723965][ T1678] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   96.819664][ T1695] device ip6erspan0 entered promiscuous mode
[   96.847394][   T24] kauditd_printk_skb: 27 callbacks suppressed
[   96.847435][   T24] audit: type=1400 audit(1751109326.779:7290): avc:  denied  { create } for  pid=1686 comm="syz.2.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   96.943120][ T1685] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.376: Invalid block bitmap block 0 in block_group 0
[   96.966592][ T1678] attempt to access beyond end of device
[   96.966592][ T1678] loop1: rw=2049, want=78624, limit=40427
[   96.968668][  T300] print_req_error: 110 callbacks suppressed
[   96.968683][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   96.999260][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   97.010621][ T1685] Quota error (device loop4): write_blk: dquota write failed
[   97.030656][ T1685] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   97.041549][  T276] attempt to access beyond end of device
[   97.041549][  T276] loop1: rw=2049, want=45104, limit=40427
[   97.053205][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.076610][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.105087][  T423] buffer_io_error: 94 callbacks suppressed
[   97.105095][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[   97.111051][ T1685] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.376: Failed to acquire dquot type 0
[   97.129140][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   97.138386][  T423] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.150767][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[   97.158862][  T423] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.159621][ T1685] EXT4-fs error (device loop4): ext4_free_blocks:5685: comm syz.4.376: Freeing blocks not in datazone - block = 0, count = 4096
[   97.170258][  T423] Buffer I/O error on dev loop3p3, logical block 10, async page read
[   97.191884][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.202865][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   97.211080][  T423] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.222199][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.233165][  T423] Buffer I/O error on dev loop3p3, logical block 11, async page read
[   97.241392][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   97.249491][  T423] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   97.261456][ T1685] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.376: Invalid inode bitmap blk 0 in block_group 0
[   97.274261][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[   97.282415][  T303] Quota error (device loop4): remove_tree: Getting block too big (0 >= 9)
[   97.282422][  T423] Buffer I/O error on dev loop3p3, logical block 12, async page read
[   97.282472][  T423] Buffer I/O error on dev loop3p3, logical block 13, async page read
[   97.301128][  T303] EXT4-fs error (device loop4): ext4_release_dquot:6262: comm kworker/u4:3: Failed to release dquot type 0
[   97.308717][ T1685] EXT4-fs error (device loop4) in ext4_free_inode:360: Corrupt filesystem
[   97.331245][ T1685] EXT4-fs (loop4): 1 orphan inode deleted
[   97.338303][ T1685] EXT4-fs (loop4): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue
[   97.750611][ T1714] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000004,bsddf,,errors=continue
[   97.763201][ T1714] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.849871][ T1726] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.860919][   T24] audit: type=1326 audit(1751109327.849:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   97.884922][   T24] audit: type=1326 audit(1751109327.849:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   97.909815][ T1726] tipc: Disabling bearer <eth:syzkaller0>
[   97.917316][   T24] audit: type=1326 audit(1751109327.869:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   97.929425][ T1728] SELinux: ebitmap: truncated map
[   97.940793][   T24] audit: type=1326 audit(1751109327.869:7294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   97.946375][ T1728] SELinux: failed to load policy
[   97.974105][   T24] audit: type=1326 audit(1751109327.869:7295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   97.999058][   T24] audit: type=1326 audit(1751109327.869:7296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.1.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccd8a93929 code=0x7ffc0000
[   98.074652][ T1733] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   98.090158][ T1733] EXT4-fs (loop0): 1 truncate cleaned up
[   98.095959][ T1733] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue
[   98.100999][  T319] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   98.123895][  T380] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[   98.439599][  T319] usb 5-1: Using ep0 maxpacket: 32
[   98.445150][ T1751] EXT4-fs (loop0): filesystem is read-only
[   98.455658][ T1751] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   98.480355][ T1751] EXT4-fs (loop0): filesystem is read-only
[   98.486274][ T1751] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,noblock_validity,auto_da_alloc=0x0000000000000000,inode_readahead_blks=0x0000000000001000,user_xattr,errors=remount-ro,nodioread_nolock,nolazytime,grpid,noauto_da_alloc,
[   98.539645][  T380] usb 4-1: not running at top speed; connect to a high speed hub
[   98.565962][ T1756] netlink: 84 bytes leftover after parsing attributes in process `syz.2.396'.
[   98.579579][   T15] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[   98.579602][  T319] usb 5-1: config 0 has an invalid interface number: 151 but max is 0
[   98.595393][  T319] usb 5-1: config 0 has no interface number 0
[   98.601532][  T319] usb 5-1: config 0 interface 151 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[   98.612784][  T319] usb 5-1: config 0 interface 151 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[   98.629624][  T380] usb 4-1: config 95 has an invalid interface number: 1 but max is 0
[   98.637801][  T380] usb 4-1: config 95 has no interface number 0
[   98.644051][  T380] usb 4-1: config 95 interface 1 has no altsetting 0
[   98.779624][  T319] usb 5-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[   98.788763][  T319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.796827][  T319] usb 5-1: Product: syz
[   98.801031][  T319] usb 5-1: Manufacturer: syz
[   98.805619][  T319] usb 5-1: SerialNumber: syz
[   98.811144][  T319] usb 5-1: config 0 descriptor??
[   98.889654][  T380] usb 4-1: string descriptor 0 read error: -22
[   98.895950][  T380] usb 4-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[   98.905032][  T380] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.949625][   T15] usb 2-1: not running at top speed; connect to a high speed hub
[   99.029623][   T15] usb 2-1: config 95 has an invalid interface number: 1 but max is 0
[   99.037851][   T15] usb 2-1: config 95 has no interface number 0
[   99.044090][   T15] usb 2-1: config 95 interface 1 has no altsetting 0
[   99.053279][ T1730] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1730 comm=syz.4.385
[   99.131829][  T319] usb 5-1: USB disconnect, device number 10
[   99.151934][ T1724] udc-core: couldn't find an available UDC or it's busy
[   99.158968][ T1724] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   99.171922][  T380] usb 4-1: USB disconnect, device number 9
[   99.319753][   T15] usb 2-1: string descriptor 0 read error: -22
[   99.326220][   T15] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[   99.335659][   T15] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.474920][ T1768] netlink: 'syz.0.398': attribute type 11 has an invalid length.
[   99.555814][  T300] udevd[300]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:95.1/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   99.602146][ T1748] udc-core: couldn't find an available UDC or it's busy
[   99.611025][ T1748] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   99.632728][   T15] usb 2-1: USB disconnect, device number 8
[   99.813103][ T1776] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   99.822347][ T1776] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.884896][ T1782] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.892218][ T1782] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.900105][ T1782] device bridge_slave_0 entered promiscuous mode
[   99.908167][ T1782] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.915691][ T1782] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.923302][ T1782] device bridge_slave_1 entered promiscuous mode
[  100.073313][ T1782] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.080490][ T1782] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.087845][ T1782] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.094987][ T1782] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.164542][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  100.188682][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  100.197741][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  100.225728][ T1782] device veth0_vlan entered promiscuous mode
[  100.237697][ T1782] device veth1_macvtap entered promiscuous mode
[  100.276944][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  100.300780][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  100.336116][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  100.351347][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  100.356056][ T1800] EXT4-fs (loop0): Ignoring removed orlov option
[  100.360212][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  100.372934][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  100.423721][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  100.449586][    C1] ------------[ cut here ]------------
[  100.449603][    C0] ------------[ cut here ]------------
[  100.455052][    C1] refcount_t: addition on 0; use-after-free.
[  100.460504][    C0] refcount_t: saturated; leaking memory.
[  100.466558][    C1] WARNING: CPU: 1 PID: 1796 at lib/refcount.c:25 refcount_warn_saturate+0x104/0x1a0
[  100.472144][    C0] WARNING: CPU: 0 PID: 1804 at lib/refcount.c:22 refcount_warn_saturate+0x158/0x1a0
[  100.481419][    C1] Modules linked in:
[  100.481437][    C1] CPU: 1 PID: 1796 Comm: syz.1.411 Not tainted 5.10.238-syzkaller-00008-g59e9a7228857 #0
[  100.490867][    C0] Modules linked in:
[  100.494733][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.504511][    C0] 
[  100.508392][    C1] RIP: 0010:refcount_warn_saturate+0x104/0x1a0
[  100.518428][    C0] CPU: 0 PID: 1804 Comm: syz.1.411 Not tainted 5.10.238-syzkaller-00008-g59e9a7228857 #0
[  100.520738][    C1] Code: 04 01 48 c7 c7 00 f8 1f 85 e8 d8 c7 31 02 0f 0b eb df e8 5f 5d 29 ff c6 05 3b 05 66 04 01 48 c7 c7 40 f7 1f 85 e8 bc c7 31 02 <0f> 0b eb c3 e8 43 5d 29 ff c6 05 20 05 66 04 01 48 c7 c7 a0 f7 1f
[  100.526855][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.536640][    C1] RSP: 0018:ffffc90000170a20 EFLAGS: 00010246
[  100.556244][    C0] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[  100.566274][    C1] 
[  100.572327][    C0] Code: 04 01 48 c7 c7 c0 f6 1f 85 e8 84 c7 31 02 0f 0b eb 8b e8 0b 5d 29 ff c6 05 e6 04 66 04 01 48 c7 c7 c0 f6 1f 85 e8 68 c7 31 02 <0f> 0b e9 6c ff ff ff e8 ec 5c 29 ff c6 05 cb 04 66 04 01 48 c7 c7
[  100.578634][    C1] RAX: 3673c520e5c8d800 RBX: 0000000000000002 RCX: ffff888114f8a780
[  100.580966][    C0] RSP: 0018:ffffc90000007a20 EFLAGS: 00010246
[  100.600566][    C1] RDX: 0000000080000101 RSI: 0000000080000101 RDI: 0000000000000000
[  100.608505][    C0] 
[  100.614548][    C1] RBP: ffffc90000170a30 R08: 0000000000000004 R09: 0000000000000003
[  100.614560][    C1] R10: fffff5200002e088 R11: 1ffff9200002e088 R12: ffff8881102b4608
[  100.622513][    C0] RAX: 3760a98f4fc3fc00 RBX: 0000000000000001 RCX: ffff88811e83bb40
[  100.624813][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: ffffc90000170be0
[  100.632852][    C0] RDX: 0000000080000100 RSI: 0000000080000100 RDI: 0000000000000000
[  100.640813][    C1] FS:  00007fccd70fc6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  100.648753][    C0] RBP: ffffc90000007a30 R08: 0000000000000004 R09: 0000000000000003
[  100.656711][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  100.664684][    C0] R10: fffff52000000e88 R11: 1ffff92000000e88 R12: ffff8881102b4608
[  100.673597][    C1] CR2: 00007fccced19000 CR3: 00000001192bc000 CR4: 00000000003506a0
[  100.681573][    C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc90000007be0
[  100.688136][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  100.697228][    C0] FS:  00007fccd70db6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  100.705183][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  100.713148][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  100.721099][    C1] Call Trace:
[  100.730012][    C0] CR2: 00007f8372f92d58 CR3: 00000001192bc000 CR4: 00000000003506b0
[  100.737950][    C1]  <IRQ>
[  100.744522][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  100.747785][    C1]  tipc_crypto_xmit+0x1927/0x23f0
[  100.755735][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  100.758561][    C1]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[  100.766616][    C0] Call Trace:
[  100.771636][    C1]  ? memcpy+0x56/0x70
[  100.779586][    C0]  <IRQ>
[  100.784765][    C1]  tipc_bearer_xmit_skb+0x226/0x360
[  100.788015][    C0]  tipc_crypto_xmit+0x1927/0x23f0
[  100.791983][    C1]  ? __skb_clone+0x469/0x780
[  100.794803][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[  100.799986][    C1]  ? tipc_bearer_mtu+0x160/0x160
[  100.799999][    C1]  ? skb_clone+0x21c/0x380
[  100.804995][    C0]  ? memcpy+0x56/0x70
[  100.809564][    C1]  tipc_disc_timeout+0x6a2/0x830
[  100.814732][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[  100.819648][    C1]  ? tipc_disc_init_msg+0x600/0x600
[  100.824030][    C0]  ? __skb_clone+0x469/0x780
[  100.827980][    C1]  ? __kasan_check_write+0x14/0x20
[  100.832894][    C0]  ? tipc_bearer_mtu+0x160/0x160
[  100.838059][    C1]  ? _raw_spin_lock_irq+0x8f/0xe0
[  100.843230][    C0]  ? skb_clone+0x21c/0x380
[  100.847786][    C1]  ? _raw_spin_lock_irqsave+0x110/0x110
[  100.852871][    C0]  tipc_disc_timeout+0x6a2/0x830
[  100.857776][    C1]  ? wg_expired_send_keepalive+0x145/0x1b0
[  100.862778][    C0]  ? tipc_disc_init_msg+0x600/0x600
[  100.867160][    C1]  ? tipc_disc_init_msg+0x600/0x600
[  100.872685][    C0]  ? iov_iter_get_pages+0x113/0x7a0
[  100.877588][    C1]  call_timer_fn+0x38/0x290
[  100.883370][    C0]  ? __kasan_check_write+0x14/0x20
[  100.888536][    C1]  ? tipc_disc_init_msg+0x600/0x600
[  100.893838][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[  100.899008][    C1]  __run_timers+0x639/0x9a0
[  100.903505][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[  100.908580][    C1]  ? calc_index+0x200/0x200
[  100.913759][    C0]  ? tipc_disc_init_msg+0x600/0x600
[  100.918759][    C1]  ? sched_clock_cpu+0x1b/0x3d0
[  100.923243][    C0]  call_timer_fn+0x38/0x290
[  100.928753][    C1]  run_timer_softirq+0x6a/0xf0
[  100.933237][    C0]  ? tipc_disc_init_msg+0x600/0x600
[  100.938402][    C1]  __do_softirq+0x255/0x563
[  100.943233][    C0]  __run_timers+0x639/0x9a0
[  100.947706][    C1]  asm_call_irq_on_stack+0xf/0x20
[  100.952447][    C0]  ? calc_index+0x200/0x200
[  100.957605][    C1]  </IRQ>
[  100.962093][    C0]  ? sched_clock_cpu+0x1b/0x3d0
[  100.966562][    C1]  do_softirq_own_stack+0x60/0x80
[  100.971565][    C0]  run_timer_softirq+0x6a/0xf0
[  100.976037][    C1]  __irq_exit_rcu+0x128/0x150
[  100.978944][    C0]  __do_softirq+0x255/0x563
[  100.983774][    C1]  irq_exit_rcu+0x9/0x10
[  100.988772][    C0]  asm_call_irq_on_stack+0xf/0x20
[  100.993516][    C1]  sysvec_apic_timer_interrupt+0xbf/0xe0
[  100.998151][    C0]  </IRQ>
[  101.002642][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  101.006851][    C0]  do_softirq_own_stack+0x60/0x80
[  101.011862][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x49/0x60
[  101.017461][    C0]  __irq_exit_rcu+0x128/0x150
[  101.020386][    C1] Code: f7 c2 00 01 00 00 74 35 83 b9 dc 0a 00 00 00 74 2c 8b 91 b8 0a 00 00 83 fa 02 75 21 48 8b 91 c0 0a 00 00 48 8b 32 48 8d 7e 01 <8b> 89 bc 0a 00 00 48 39 cf 73 08 48 89 44 f2 08 48 89 3a 5d c3 66
[  101.026339][    C0]  irq_exit_rcu+0x9/0x10
[  101.031343][    C1] RSP: 0018:ffffc90001317448 EFLAGS: 00000246
[  101.037483][    C0]  sysvec_apic_timer_interrupt+0xbf/0xe0
[  101.042137][    C1] RAX: ffffffff82156645 RBX: ffff88811cfd9000 RCX: ffff888114f8a780
[  101.061730][    C0]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  101.065933][    C1] RDX: ffffc9000152b000 RSI: 000000000002d250 RDI: 000000000002d251
[  101.071983][    C0] RIP: 0010:memset_erms+0xb/0x10
[  101.077577][    C1] RBP: ffffc90001317448 R08: dffffc0000000000 R09: ffffc90001317500
[  101.085537][    C0] Code: 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 f3 aa <4c> 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01
[  101.091492][    C1] R10: fffff52000262ea7 R11: 1ffff92000262ea0 R12: 0000000000000086
[  101.099432][    C0] RSP: 0018:ffffc900011f7a90 EFLAGS: 00000202
[  101.104339][    C1] R13: 0000000000000086 R14: dffffc0000000000 R15: 0000000000000086
[  101.104357][    C1]  ? avc_lookup+0x1e5/0x2e0
[  101.112304][    C0] 
[  101.131898][    C1]  avc_lookup+0x1e5/0x2e0
[  101.139844][    C0] RAX: ffffffff838d7300 RBX: 0000000000000038 RCX: 0000000000000000
[  101.139849][    C0] RDX: 0000000000000038 RSI: 0000000000000000 RDI: ffffc900011f7b58
[  101.139862][    C0] RBP: ffffc900011f7ab0 R08: dffffc0000000000 R09: ffffc900011f7b20
[  101.145901][    C1]  avc_has_perm+0x112/0x360
[  101.153858][    C0] R10: fffff5200023ef6b R11: 1ffff9200023ef64 R12: ffffc900011f7d60
[  101.158336][    C1]  ? release_firmware_map_entry+0x190/0x190
[  101.160641][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc900011f7b20
[  101.164939][    C1]  ? avc_has_perm_noaudit+0x240/0x240
[  101.172896][    C0]  ? ___sys_recvmsg+0x50/0x4f0
[  101.180852][    C1]  ? __kasan_check_read+0x11/0x20
[  101.188790][    C0]  ? memset+0x35/0x40
[  101.193273][    C1]  ? schedule_timeout+0xa6/0x2d0
[  101.201223][    C0]  ___sys_recvmsg+0x117/0x4f0
[  101.207084][    C1]  selinux_socket_unix_may_send+0x1be/0x280
[  101.215039][    C0]  ? __sys_recvmsg+0x250/0x250
[  101.220391][    C1]  ? prepare_to_wait_exclusive+0x1d3/0x210
[  101.225120][    C0]  ? sched_clock+0x3a/0x40
[  101.230122][    C1]  ? selinux_socket_unix_stream_connect+0x470/0x470
[  101.234079][    C0]  ? asm_sysvec_call_function_single+0x12/0x20
[  101.238986][    C1]  ? __kasan_check_write+0x14/0x20
[  101.243646][    C0]  ? do_recvmmsg+0x352/0x790
[  101.249511][    C1]  ? _raw_spin_lock+0x8e/0xe0
[  101.254253][    C0]  do_recvmmsg+0x347/0x790
[  101.260026][    C1]  ? _raw_spin_trylock_bh+0x130/0x130
[  101.260040][    C1]  security_unix_may_send+0x6b/0xa0
[  101.264443][    C0]  ? __sys_recvmmsg+0x280/0x280
[  101.271019][    C1]  unix_dgram_sendmsg+0xcad/0x17d0
[  101.277146][    C0]  ? selinux_file_ioctl+0x377/0x480
[  101.282239][    C1]  ? unix_dgram_poll+0x620/0x620
[  101.286813][    C0]  ? do_user_addr_fault+0x791/0xc80
[  101.291473][    C1]  ? release_firmware_map_entry+0x190/0x190
[  101.295860][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[  101.301209][    C1]  ? security_socket_sendmsg+0x82/0xa0
[  101.306373][    C0]  ? do_recvmmsg+0x790/0x790
[  101.311200][    C1]  ? unix_dgram_poll+0x620/0x620
[  101.316282][    C0]  ? debug_smp_processor_id+0x17/0x20
[  101.321460][    C1]  ____sys_sendmsg+0x5a2/0x8c0
[  101.326370][    C0]  ? irqentry_exit_to_user_mode+0x41/0x80
[  101.331547][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[  101.337409][    C0]  do_syscall_64+0x31/0x40
[  101.342415][    C1]  ? import_iovec+0x7c/0xb0
[  101.347845][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  101.352414][    C1]  ___sys_sendmsg+0x1f0/0x260
[  101.357312][    C0] RIP: 0033:0x7fccd8a93929
[  101.357327][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.362684][    C1]  ? __sys_sendmsg+0x250/0x250
[  101.367413][    C0] RSP: 002b:00007fccd70db038 EFLAGS: 00000246
[  101.373114][    C1]  ? __fdget+0x1a1/0x230
[  101.378100][    C0]  ORIG_RAX: 000000000000012b
[  101.382499][    C1]  __sys_sendmmsg+0x273/0x450
[  101.386974][    C0] RAX: ffffffffffffffda RBX: 00007fccd8cbb080 RCX: 00007fccd8a93929
[  101.392841][    C1]  ? __ia32_sys_sendmsg+0x2a0/0x2a0
[  101.397490][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  101.401891][    C1]  ? unix_dgram_connect+0xa6f/0xb50
[  101.401908][    C1]  ? __kasan_check_write+0x14/0x20
[  101.421494][    C0] RBP: 00007fccd8b15b39 R08: 0000000000000000 R09: 0000000000000000
[  101.426252][    C1]  ? switch_fpu_return+0x197/0x340
[  101.432289][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  101.436509][    C1]  ? fpu__clear_all+0x20/0x20
[  101.441164][    C0] R13: 0000000000000001 R14: 00007fccd8cbb080 R15: 00007ffe9e20a6c8
[  101.445812][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  101.453762][    C0] ---[ end trace f415bf87e2f41cbc ]---
[  101.458934][    C1]  do_syscall_64+0x31/0x40
[  101.466892][    C0] ------------[ cut here ]------------
[  101.472072][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  101.477142][    C0] refcount_t: underflow; use-after-free.
[  101.485100][    C1] RIP: 0033:0x7fccd8a93929
[  101.485114][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.490291][    C0] WARNING: CPU: 0 PID: 1804 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[  101.498150][    C1] RSP: 002b:00007fccd70fc038 EFLAGS: 00000246
[  101.502801][    C0] Modules linked in:
[  101.510757][    C1]  ORIG_RAX: 0000000000000133
[  101.515573][    C0] 
[  101.521008][    C1] RAX: ffffffffffffffda RBX: 00007fccd8cbafa0 RCX: 00007fccd8a93929
[  101.521019][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000004
[  101.525409][    C0] CPU: 0 PID: 1804 Comm: syz.1.411 Tainted: G        W         5.10.238-syzkaller-00008-g59e9a7228857 #0
[  101.530840][    C1] RBP: 00007fccd8b15b39 R08: 0000000000000000 R09: 0000000000000000
[  101.536699][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.542316][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  101.546709][    C0] RIP: 0010:refcount_warn_saturate+0x120/0x1a0
[  101.566295][    C1] R13: 0000000000000000 R14: 00007fccd8cbafa0 R15: 00007ffe9e20a6c8
[  101.575646][    C0] Code: 04 01 48 c7 c7 40 f7 1f 85 e8 bc c7 31 02 0f 0b eb c3 e8 43 5d 29 ff c6 05 20 05 66 04 01 48 c7 c7 a0 f7 1f 85 e8 a0 c7 31 02 <0f> 0b eb a7 e8 27 5d 29 ff c6 05 01 05 66 04 01 48 c7 c7 c0 f6 1f
[  101.581694][    C1] ---[ end trace f415bf87e2f41cbd ]---
[  101.585555][    C0] RSP: 0018:ffffc90000007a20 EFLAGS: 00010246
[  101.601264][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.608455][    C0] 
[  101.619898][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.627601][    C0] RAX: 3760a98f4fc3fc00 RBX: 0000000000000003 RCX: ffff88811e83bb40
[  101.661118][ T1800] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,quota,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,lazytime,noauto_da_alloc,stripe=0x0000000000000005,orlov,,errors=continue
[  101.679382][    C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
[  101.679390][    C0] RBP: ffffc90000007a30 R08: 0000000000000004 R09: 0000000000000003
[  101.679397][    C0] R10: fffff52000000e88 R11: 1ffff92000000e88 R12: ffff8881102b4608
[  101.679402][    C0] R13: dffffc0000000000 R14: 0000000000000003 R15: 00000000c0000000
[  101.679410][    C0] FS:  00007fccd70db6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  101.679416][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  101.679421][    C0] CR2: 00007f8372f92d58 CR3: 00000001192bc000 CR4: 00000000003506b0
[  101.679429][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  101.679435][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  101.679438][    C0] Call Trace:
[  101.679442][    C0]  <IRQ>
[  101.679455][    C0]  tipc_crypto_xmit+0x1a71/0x23f0
[  101.679466][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[  101.679475][    C0]  ? memcpy+0x56/0x70
[  101.679486][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[  101.679500][    C0]  ? __skb_clone+0x469/0x780
[  101.679533][    C0]  ? tipc_bearer_mtu+0x160/0x160
[  101.679541][    C0]  ? skb_clone+0x21c/0x380
[  101.679550][    C0]  tipc_disc_timeout+0x6a2/0x830
[  101.679559][    C0]  ? tipc_disc_init_msg+0x600/0x600
[  101.679569][    C0]  ? iov_iter_get_pages+0x113/0x7a0
[  101.679578][    C0]  ? __kasan_check_write+0x14/0x20
[  101.679588][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[  101.679597][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[  101.679605][    C0]  ? tipc_disc_init_msg+0x600/0x600
[  101.679626][    C0]  call_timer_fn+0x38/0x290
[  101.888856][    C0]  ? tipc_disc_init_msg+0x600/0x600
[  101.894063][    C0]  __run_timers+0x639/0x9a0
[  101.898556][    C0]  ? calc_index+0x200/0x200
[  101.903066][    C0]  ? sched_clock_cpu+0x1b/0x3d0
[  101.907900][    C0]  run_timer_softirq+0x6a/0xf0
[  101.912667][    C0]  __do_softirq+0x255/0x563
[  101.917149][    C0]  asm_call_irq_on_stack+0xf/0x20
[  101.922168][    C0]  </IRQ>
[  101.925089][    C0]  do_softirq_own_stack+0x60/0x80
[  101.930111][    C0]  __irq_exit_rcu+0x128/0x150
[  101.934767][    C0]  irq_exit_rcu+0x9/0x10
[  101.938985][    C0]  sysvec_apic_timer_interrupt+0xbf/0xe0
[  101.944625][    C0]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  101.950604][    C0] RIP: 0010:memset_erms+0xb/0x10
[  101.955519][    C0] Code: 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 f3 aa <4c> 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01
[  101.975140][    C0] RSP: 0018:ffffc900011f7a90 EFLAGS: 00000202
[  101.981233][    C0] RAX: ffffffff838d7300 RBX: 0000000000000038 RCX: 0000000000000000
[  101.989216][    C0] RDX: 0000000000000038 RSI: 0000000000000000 RDI: ffffc900011f7b58
[  101.997196][    C0] RBP: ffffc900011f7ab0 R08: dffffc0000000000 R09: ffffc900011f7b20
[  102.005172][    C0] R10: fffff5200023ef6b R11: 1ffff9200023ef64 R12: ffffc900011f7d60
[  102.013148][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc900011f7b20
[  102.021133][    C0]  ? ___sys_recvmsg+0x50/0x4f0
[  102.025872][    C0]  ? memset+0x35/0x40
[  102.029852][    C0]  ___sys_recvmsg+0x117/0x4f0
[  102.034521][    C0]  ? __sys_recvmsg+0x250/0x250
[  102.039272][    C0]  ? sched_clock+0x3a/0x40
[  102.043918][    C0]  ? asm_sysvec_call_function_single+0x12/0x20
[  102.050077][    C0]  ? do_recvmmsg+0x352/0x790
[  102.054641][    C0]  do_recvmmsg+0x347/0x790
[  102.059034][    C0]  ? __sys_recvmmsg+0x280/0x280
[  102.063891][    C0]  ? selinux_file_ioctl+0x377/0x480
[  102.069076][    C0]  ? do_user_addr_fault+0x791/0xc80
[  102.074279][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[  102.079286][    C0]  ? do_recvmmsg+0x790/0x790
[  102.083877][    C0]  ? debug_smp_processor_id+0x17/0x20
[  102.089232][    C0]  ? irqentry_exit_to_user_mode+0x41/0x80
[  102.094951][    C0]  do_syscall_64+0x31/0x40
[  102.099349][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  102.105238][    C0] RIP: 0033:0x7fccd8a93929
[  102.109661][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.129278][    C0] RSP: 002b:00007fccd70db038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  102.137707][    C0] RAX: ffffffffffffffda RBX: 00007fccd8cbb080 RCX: 00007fccd8a93929
[  102.145684][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  102.153659][    C0] RBP: 00007fccd8b15b39 R08: 0000000000000000 R09: 0000000000000000
[  102.161635][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  102.169646][    C0] R13: 0000000000000001 R14: 00007fccd8cbb080 R15: 00007ffe9e20a6c8
[  102.177602][    C0] ---[ end trace f415bf87e2f41cbe ]---
[  102.283030][ T1810] netlink: 12 bytes leftover after parsing attributes in process `syz.4.414'.
[  102.729681][ T1806] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,nobarrier,errors=remount-ro,
[  102.834285][   T24] kauditd_printk_skb: 46 callbacks suppressed
[  102.881912][   T24] audit: type=1400 audit(1751109332.799:7343): avc:  denied  { mounton } for  pid=1799 comm="syz.0.413" path="/87/file2/file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  103.147005][  T300] print_req_error: 50 callbacks suppressed
[  103.147020][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  103.206032][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  103.209035][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.234999][  T423] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.246200][  T300] buffer_io_error: 42 callbacks suppressed
[  103.246210][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  103.262890][  T423] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  103.271351][  T423] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.284709][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.296141][  T423] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  103.304471][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  103.312917][  T423] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.324510][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.340117][  T423] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  103.348364][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  103.480439][  T423] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.505678][  T300] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.562172][  T423] Buffer I/O error on dev loop3p3, logical block 11, async page read
[  103.569244][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  103.583621][  T423] Buffer I/O error on dev loop3p3, logical block 12, async page read
[  103.619467][  T300] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  103.653147][ T1800] netlink: 104 bytes leftover after parsing attributes in process `syz.0.413'.
[  103.675448][  T303] tipc: Disabling bearer <udp:syz2>
[  103.678931][ T1834] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.691393][  T303] tipc: Disabling bearer <udp:syz0>
[  103.695198][ T1834] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  103.705215][   T15] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  103.705257][  T303] tipc: Left network mode
[  103.718498][ T1834] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  103.756882][   T24] audit: type=1400 audit(1751109333.739:7344): avc:  denied  { rename } for  pid=1833 comm="syz.1.420" name="file0" dev="loop1" ino=1048625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  103.780741][   T24] audit: type=1400 audit(1751109333.769:7345): avc:  denied  { reparent } for  pid=1833 comm="syz.1.420" name="file0" dev="loop1" ino=1048625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  103.803728][   T24] audit: type=1400 audit(1751109333.769:7346): avc:  denied  { rmdir } for  pid=1833 comm="syz.1.420" name="file0" dev="loop1" ino=1048624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  103.851666][ T1834] xt_bpf: check failed: parse error
[  103.860199][  T303] ------------[ cut here ]------------
[  103.865710][  T303] refcount_t: saturated; leaking memory.
[  103.872289][  T303] WARNING: CPU: 0 PID: 303 at lib/refcount.c:19 refcount_warn_saturate+0x13c/0x1a0
[  103.880211][ T1844] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  103.881942][  T303] Modules linked in:
[  103.893065][  T303] CPU: 0 PID: 303 Comm: kworker/u4:3 Tainted: G        W         5.10.238-syzkaller-00008-g59e9a7228857 #0
[  103.899185][ T1844] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  103.904562][  T303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.914420][   T54] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  103.924492][  T303] Workqueue: netns cleanup_net
[  103.936705][  T303] RIP: 0010:refcount_warn_saturate+0x13c/0x1a0
[  103.943132][  T303] Code: 04 01 48 c7 c7 a0 f7 1f 85 e8 a0 c7 31 02 0f 0b eb a7 e8 27 5d 29 ff c6 05 01 05 66 04 01 48 c7 c7 c0 f6 1f 85 e8 84 c7 31 02 <0f> 0b eb 8b e8 0b 5d 29 ff c6 05 e6 04 66 04 01 48 c7 c7 c0 f6 1f
[  103.963066][  T303] RSP: 0018:ffffc900079f77c0 EFLAGS: 00010246
[  103.963433][ T1844] EXT4-fs error (device loop0): ext4_fill_super:4955: inode #2: comm syz.0.424: iget: special inode unallocated
[  103.969160][  T303] RAX: eddd215701f9d600 RBX: 0000000000000000 RCX: ffff88810c0c93c0
[  103.989362][  T303] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  103.997425][  T303] RBP: ffffc900079f77d0 R08: dffffc0000000000 R09: ffffed103ee0a5f8
[  104.005749][  T303] R10: ffffed103ee0a5f8 R11: 1ffff1103ee0a5f7 R12: 1ffff92000f3ef04
[  104.013992][  T303] R13: ffff888124c239c4 R14: 0000000000000000 R15: 0000000000000cc0
[  104.022250][  T303] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  104.027929][ T1844] EXT4-fs (loop0): get root inode failed
[  104.031417][  T303] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  104.043576][ T1844] EXT4-fs (loop0): mount failed
[  104.049199][  T303] CR2: 0000001b2d10dff8 CR3: 000000010d0ed000 CR4: 00000000003506b0
[  104.050015][ T1846] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier=0x0000000000000007,,errors=continue
[  104.057687][  T303] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  104.076617][  T303] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  104.084679][  T303] Call Trace:
[  104.084691][   T15] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.084708][   T15] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.088096][  T303]  nf_nat_masq_schedule+0x421/0x490
[  104.099039][   T15] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  104.109249][  T303]  ? __kasan_check_write+0x14/0x20
[  104.114826][   T15] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  104.127369][  T303]  ? nf_nat_masq_schedule+0x490/0x490
[  104.132148][   T15] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.142244][  T303]  ? masq_device_event+0xd0/0xd0
[  104.147465][   T15] usb 5-1: config 0 descriptor??
[  104.159884][  T303]  ? nfqnl_rcv_dev_event+0x441/0x470
[  104.170212][  T303]  ? rtnl_is_locked+0x15/0x20
[  104.174954][  T303]  masq_device_event+0x9b/0xd0
[  104.179979][  T303]  raw_notifier_call_chain+0x90/0x100
[  104.185487][  T303]  dev_close_many+0x330/0x4d0
[  104.190413][  T303]  ? __dev_open+0x4c0/0x4c0
[  104.194966][  T303]  ? try_to_wake_up+0x616/0xd70
[  104.200833][  T303]  ? __kasan_check_read+0x11/0x20
[  104.205919][  T303]  unregister_netdevice_many+0x44c/0x1980
[  104.212043][  T303]  ? wake_up_q+0x12c/0x1e0
[  104.216527][  T303]  ? __mutex_unlock_slowpath+0x1f2/0x2f0
[  104.222534][  T303]  ? alloc_netdev_mqs+0xc80/0xc80
[  104.227621][  T303]  ? unregister_netdevice_queue+0x1aa/0x360
[  104.233832][  T303]  ? list_netdevice+0x4c0/0x4c0
[  104.238726][  T303]  ? find_next_bit+0xc9/0x100
[  104.243687][  T303]  ip6gre_exit_batch_net+0x5a5/0x5f0
[  104.249069][  T303]  ? ip6gre_init_net+0x340/0x340
[  104.254697][  T303]  ? ip6gre_init_net+0x340/0x340
[  104.260206][  T303]  cleanup_net+0x5fb/0xb70
[  104.261173][   T54] usb 4-1: Using ep0 maxpacket: 16
[  104.270987][  T303]  ? __kasan_check_write+0x14/0x20
[  104.276154][  T303]  ? ops_init+0x4a0/0x4a0
[  104.280549][  T303]  ? read_word_at_a_time+0x12/0x20
[  104.285697][  T303]  ? strscpy+0x9b/0x290
[  104.289971][  T303]  process_one_work+0x6e1/0xba0
[  104.295025][  T303]  worker_thread+0xa6a/0x13b0
[  104.299883][  T303]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  104.305428][  T303]  kthread+0x346/0x3d0
[  104.309539][  T303]  ? worker_clr_flags+0x190/0x190
[  104.314552][  T303]  ? kthread_blkcg+0xd0/0xd0
[  104.319115][  T303]  ret_from_fork+0x1f/0x30
[  104.323671][  T303] ---[ end trace f415bf87e2f41cbf ]---
[  104.450263][   T54] usb 4-1: unable to read config index 0 descriptor/start: -61
[  104.458864][   T54] usb 4-1: can't read configurations, error -61
[  104.609571][   T54] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  104.660293][   T15] plantronics 0003:047F:FFFF.0009: invalid report_size 2068630588
[  104.668105][   T15] plantronics 0003:047F:FFFF.0009: item 0 4 1 7 parsing failed
[  104.676285][   T15] plantronics 0003:047F:FFFF.0009: parse failed
[  104.682768][   T15] plantronics: probe of 0003:047F:FFFF.0009 failed with error -22
[  104.869896][  T303] device veth1_macvtap left promiscuous mode
[  104.899658][   T54] usb 4-1: Using ep0 maxpacket: 16
[  104.918445][  T303] device veth0_vlan left promiscuous mode
[  104.972770][   T25] usb 5-1: USB disconnect, device number 11
[  105.045869][ T1863] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  105.069305][ T1863] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  105.092885][   T54] usb 4-1: unable to read config index 0 descriptor/start: -61
[  105.110061][   T54] usb 4-1: can't read configurations, error -61
[  105.116675][   T54] usb usb4-port1: attempt power cycle
[  105.292912][ T1863] netlink: 'syz.5.427': attribute type 11 has an invalid length.
[  105.579649][   T54] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  105.689738][   T54] usb 4-1: Using ep0 maxpacket: 16
[  105.790746][ T1871] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nodiscard,min_batch_time=0x00000000000003ff,,errors=continue
[  106.059700][   T54] usb 4-1: unable to read config index 0 descriptor/start: -71
[  106.090930][   T54] usb 4-1: can't read configurations, error -71
[  106.436657][ T1884] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.453290][ T1876] tipc: Resetting bearer <eth:syzkaller0>
[  106.461683][ T1875] EXT4-fs error (device loop1): ext4_orphan_get:1395: inode #15: comm syz.1.430: casefold flag without casefold feature
[  106.486290][ T1875] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.430: couldn't read orphan inode 15 (err -117)
[  106.505871][ T1876] tipc: Disabling bearer <eth:syzkaller0>
[  106.511749][ T1875] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  106.592492][ T1892] EXT4-fs (loop5): Mount option "nouser_xattr" will be removed by 3.5
[  106.592492][ T1892] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  106.592492][ T1892] 
[  106.621262][ T1892] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  106.712740][ T1900] device ip6erspan0 entered promiscuous mode
[  106.813054][  T303] ==================================================================
[  106.821146][  T303] BUG: KASAN: use-after-free in inet_twsk_purge+0x1fe/0x620
[  106.828417][  T303] Read of size 4 at addr ffff888124c239c4 by task kworker/u4:3/303
[  106.836271][  T303] 
[  106.838577][  T303] CPU: 1 PID: 303 Comm: kworker/u4:3 Tainted: G        W         5.10.238-syzkaller-00008-g59e9a7228857 #0
[  106.849909][  T303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.859963][  T303] Workqueue: netns cleanup_net
[  106.864724][  T303] Call Trace:
[  106.868012][  T303]  __dump_stack+0x21/0x24
[  106.872351][  T303]  dump_stack_lvl+0x169/0x1d8
[  106.877029][  T303]  ? show_regs_print_info+0x18/0x18
[  106.882215][  T303]  ? thaw_kernel_threads+0x220/0x220
[  106.887488][  T303]  print_address_description+0x7f/0x2c0
[  106.893017][  T303]  ? inet_twsk_purge+0x1fe/0x620
[  106.897928][  T303]  kasan_report+0xe2/0x130
[  106.902321][  T303]  ? inet_twsk_purge+0x1fe/0x620
[  106.907236][  T303]  kasan_check_range+0x280/0x290
[  106.912150][  T303]  __kasan_check_read+0x11/0x20
[  106.916974][  T303]  inet_twsk_purge+0x1fe/0x620
[  106.921716][  T303]  ? preempt_schedule_thunk+0x16/0x18
[  106.927066][  T303]  ? __inet_twsk_schedule+0x130/0x130
[  106.932413][  T303]  ? sock_release+0x111/0x140
[  106.937066][  T303]  ? tcpv6_net_exit+0x80/0x80
[  106.941717][  T303]  tcpv6_net_exit_batch+0x1a/0x20
[  106.946715][  T303]  cleanup_net+0x5fb/0xb70
[  106.951107][  T303]  ? __kasan_check_write+0x14/0x20
[  106.956193][  T303]  ? ops_init+0x4a0/0x4a0
[  106.960501][  T303]  ? read_word_at_a_time+0x12/0x20
[  106.965586][  T303]  ? strscpy+0x9b/0x290
[  106.969717][  T303]  process_one_work+0x6e1/0xba0
[  106.974545][  T303]  worker_thread+0xa6a/0x13b0
[  106.979204][  T303]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  106.984643][  T303]  kthread+0x346/0x3d0
[  106.988684][  T303]  ? worker_clr_flags+0x190/0x190
[  106.993683][  T303]  ? kthread_blkcg+0xd0/0xd0
[  106.998248][  T303]  ret_from_fork+0x1f/0x30
[  107.002640][  T303] 
[  107.004944][  T303] Allocated by task 278:
[  107.009164][  T303]  __kasan_slab_alloc+0xbd/0xf0
[  107.013995][  T303]  slab_post_alloc_hook+0x5d/0x2f0
[  107.019082][  T303]  kmem_cache_alloc+0x165/0x2e0
[  107.023905][  T303]  copy_net_ns+0x13f/0x520
[  107.028294][  T303]  create_new_namespaces+0x3a2/0x650
[  107.033726][  T303]  unshare_nsproxy_namespaces+0x120/0x170
[  107.039431][  T303]  ksys_unshare+0x4ac/0x7d0
[  107.043916][  T303]  __x64_sys_unshare+0x38/0x40
[  107.048658][  T303]  do_syscall_64+0x31/0x40
[  107.053143][  T303]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  107.059004][  T303] 
[  107.061310][  T303] Freed by task 303:
[  107.065191][  T303]  kasan_set_track+0x4a/0x70
[  107.069753][  T303]  kasan_set_free_info+0x23/0x40
[  107.074663][  T303]  ____kasan_slab_free+0x125/0x160
[  107.079745][  T303]  __kasan_slab_free+0x11/0x20
[  107.084483][  T303]  slab_free_freelist_hook+0xc5/0x190
[  107.089830][  T303]  kmem_cache_free+0x100/0x2d0
[  107.094569][  T303]  cleanup_net+0xae3/0xb70
[  107.098957][  T303]  process_one_work+0x6e1/0xba0
[  107.103781][  T303]  worker_thread+0xa6a/0x13b0
[  107.108432][  T303]  kthread+0x346/0x3d0
[  107.112474][  T303]  ret_from_fork+0x1f/0x30
[  107.116859][  T303] 
[  107.119165][  T303] The buggy address belongs to the object at ffff888124c239c0
[  107.119165][  T303]  which belongs to the cache net_namespace of size 4672
[  107.133454][  T303] The buggy address is located 4 bytes inside of
[  107.133454][  T303]  4672-byte region [ffff888124c239c0, ffff888124c24c00)
[  107.146621][  T303] The buggy address belongs to the page:
[  107.152245][  T303] page:ffffea0004930800 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888124c24d00 pfn:0x124c20
[  107.163754][  T303] head:ffffea0004930800 order:3 compound_mapcount:0 compound_pincount:0
[  107.172054][  T303] flags: 0x4000000000010200(slab|head)
[  107.177494][  T303] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888107fdc900
[  107.186057][  T303] raw: ffff888124c24d00 0000000080060005 00000001ffffffff 0000000000000000
[  107.194617][  T303] page dumped because: kasan: bad access detected
[  107.201018][  T303] page_owner tracks the page as allocated
[  107.206715][  T303] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 275, ts 23681408044, free_ts 0
[  107.224921][  T303]  prep_new_page+0x179/0x180
[  107.229492][  T303]  get_page_from_freelist+0x2235/0x23d0
[  107.235022][  T303]  __alloc_pages_nodemask+0x268/0x5f0
[  107.240369][  T303]  new_slab+0x84/0x3f0
[  107.244410][  T303]  ___slab_alloc+0x2a6/0x450
[  107.248981][  T303]  __slab_alloc+0x63/0xa0
[  107.253285][  T303]  kmem_cache_alloc+0x1af/0x2e0
[  107.258116][  T303]  copy_net_ns+0x13f/0x520
[  107.262509][  T303]  create_new_namespaces+0x3a2/0x650
[  107.267780][  T303]  unshare_nsproxy_namespaces+0x120/0x170
[  107.273474][  T303]  ksys_unshare+0x4ac/0x7d0
[  107.277980][  T303]  __x64_sys_unshare+0x38/0x40
[  107.282718][  T303]  do_syscall_64+0x31/0x40
[  107.287113][  T303]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  107.292981][  T303] page_owner free stack trace missing
[  107.298323][  T303] 
[  107.300628][  T303] Memory state around the buggy address:
[  107.306235][  T303]  ffff888124c23880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  107.314274][  T303]  ffff888124c23900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.322312][  T303] >ffff888124c23980: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  107.330435][  T303]                                            ^
[  107.336563][  T303]  ffff888124c23a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.344600][  T303]  ffff888124c23a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.352634][  T303] ==================================================================
[  107.360665][  T303] Disabling lock debugging due to kernel taint
[  107.414127][ T1892] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,block_validity,min_batch_time=0x0000000000000007,nobarrier,nouser_xattr,dioread_nolock,
[  107.448663][   T24] audit: type=1400 audit(1751109337.429:7347): avc:  denied  { rename } for  pid=1891 comm="syz.5.435" name="bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  107.448709][ T1892] EXT4-fs error (device loop5): empty_inline_dir:1850: inode #12: block 9: comm syz.5.435: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=13, rec_len=21, size=60 fake=0
[  107.488753][   T24] audit: type=1400 audit(1751109337.429:7348): avc:  denied  { rmdir } for  pid=1891 comm="syz.5.435" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  107.488761][ T1892] EXT4-fs (loop5): Remounting filesystem read-only
[  107.488782][ T1892] EXT4-fs warning (device loop5): empty_inline_dir:1857: bad inline directory (dir #12) - inode 13, rec_len 21, name_len 5inline size 60
[  107.514451][   T24] audit: type=1400 audit(1751109337.499:7349): avc:  denied  { connect } for  pid=1891 comm="syz.5.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  107.557937][   T24] audit: type=1400 audit(1751109337.539:7350): avc:  denied  { bind } for  pid=1891 comm="syz.5.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  107.577300][   T24] audit: type=1400 audit(1751109337.539:7351): avc:  denied  { write } for  pid=1891 comm="syz.5.435" path="socket:[20492]" dev="sockfs" ino=20492 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1