program: r0 = socket$netlink(0x10, 0x3, 0x0) (async) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) (async) syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x10, &(0x7f0000000400)=ANY=[], 0x1, 0xf04, &(0x7f0000000f40)="$eJzs3U9sHNX9APA367+JTbwGfmDgR0ihFYGCHZJITW9BoB4Rl95BIaERhqKGHoiAmB4QlRBFQpwqDlRcKJVSpCKBKlWop7anVr31hHqhUpVKQT20SImr2G/Wuy/72PXYnrV3Px/p67dv3ux8v2M7zszs7NsAjKzG2tfjxxeKEN759O1HX36q+Pjasrtaaxxa+1rEXjOEMNHWL5LtfR4XXLn80qlubRGOrn0t++GxS63nzoQQVsKh8Flohg+Xlr/84N1HDn/02vQtb55/5pUd2v2WdD8AAGAYXfzT8t/u+8cfH5j/6uLBk2Gqtbw8Pm/G/kw87j8SD5TL4+VG6OwXbdFuMllvLEYjWW8sWW88yTOeyTeRbGcis95kj3xjbcu67ScAAADsReV5bTMUjcWOfqOxuLh+3n/N53OTxeJzZ5fPnBtQoQAAAEBl/76wdtOtEEIIIYQQQgghhjhW5wZ9BQIAAAAYNel8YddZ2d6Zulpba/aX/9LDje7Ph21Q9+//1+efHnD+LkY8//uv+osDAEB1w3o0We5XeRxdzmOQziM4ljxvs8f/jWQ745usMzev4F6ZbzBXZ/p93a1y9W/25zgoufrT+TB3q1z96Tydu1Wu/qma66gqV3+XKz+7Uq7+fTXXUVWu/v0111FVrv6ZmuuoKlf/bM11VJWr/4aa66gqV/+BmuuoKlf/XrmtNld/s+Y6qsrVP19zHVXl6r+x5jqqytV/U811VJWr/+aa6xiUO2Nbfh8OZtab6XJOt1fO8QAAAGDU/df8f0IIIUR7rN8CMfg6hBBCCCG2NS4M+gIEAAAAMHDl+wLKd72vRuX4WI/x8fbx6Y0VyvGJHs+f7DE+1WMcAAAACOG3r5+57a1iY767rc6HV84btS98fDVUmMconY9ws/m3Ou/ZVvPvlXnLAAAAGC3F9z67ev+j770w/9XFgyfbzn6vxvPdch7Q8Xht4JPYL+8LmE36RXkOfbIzTyOzXnp94Ibc9h7f4o4CAADACCvP35uhaCy2nXc3Q6OxuLhxPr4QJoozZ5dPH4n98vNZ/jA3MXVt+UM11w0AAAD0b+N8v/v5f/k5vgthslh87uzymXPr/dnW8olG+3WBuY3lRft1gWay/Ghm+bHYLz+/8wdz+9aWL5764fJT273zAAAAMCLOvXj+mSeXl0//yAMPPPCg9WDQf5kAAIDt9sUXb0/8+Njs79bf/78x/93V+OBQ7Dfj3H5/jsvL+wTK9wFc9379JzrzzOXWe75zvWay3liMqaTu6bbthLX5BjufN5/L1+zczmQm30ySbzbJl85TMJ6sX3SZSzB0mZ+wXG8uWZ7Owzie5CiS/Hd3yQUAAAClpReefX7p3IvnHzz77JNPn3769HPHjp747okTRx76zkNLa/f1L7Xf3Q8AAADsRRs3/Q66EgAAAAAAAAAAAAAAAAAAABhddXyc2KD3EQAAAEbdvy6EEFaEyET5AYODrkPs5lidGnwNwx3Bv0MhhBBCbDGc94mVEFZX00+aBwAAANhZVy6/dKq9vc5Ksa35WltrrjdXY96ynX3wr/PXolzt0sOd10v2b2s1jLq6f//l3635p7qOv//q9uafDht/+0Jff/8anRs42dHb12/ee5d+udDKH0K4fbzP/On+P95vxk6Hk/z3hv7yr76X5H+io9foN/99Sf79fea/bv+f7zdjp/tj/oXYP3xPv/k7d7H8LS33o99fgG8n+/9U6Dd/sv/NPhMmHoj5AWAUtf43X70w2EK2WXmUUB5Pz8R+ub/xcDOkdz9s9vi/kWxnfMuVd263PA66NfanW3V05i1ttv7y+zIb2xsq1pnaK3eV5Orfrp/jTsvVP1FzHVXl6p+suY6qcvV3P3vffXL1T9dcR1W5+vu+EDFgufr3ynXlXP0zNddRVa7+2ZrrqCpX/2b/Hx+UXP0Haq6jqlz9czXXUVWu/oqX1WqXq3++5jqqytV/Y811VJWr/6aa66gqV//NNdcxKHfENnc+XJ5/zsWxst9M+lNdvpd9vxgCAAAA7Kh/7sp5INquHAy8FiGEEEIIIYY//rO6btB1CCF2LlZXB3n1gUHb2XczA7Bb+fs/2vz8R5uf/2jz8+frlK/EF0m/NNZjfLzH+ESP8clkPP19neoxflOy3dXyumZ0c4/x/4t7kBs/0OP5t/YYX+gxfluP8dt7jN/RYxwAAIDRcEtsnR8CAADA8Hr5V5+88Zt7n7g8/9XFgyfD5HXzzh+J/an42vrrsZ/Oe1+aiK/5/yT2fxHb38f278n67j8BAACAnVd+TozX/wEAAGB4lZ9T6vwfAAAAhtd8bJ3/AwAAwPC6MbbO/wEAAGCIFdPdF8e2vC5wd2z7ndcPANj9/j+2d8b2YGzviu03YlseB9wT22/WVB8AsH1+/v2fnnir2Jjv/1gyfiUuL9vrrKxfKSganTP574vt/th+q8960s8D6Dd/6UCfeXYq/9wW8wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw6Ox9vX48YUihHc+ffvRn02+8Zdry+5qrXFo7WsRe80QwkTreeXoRv/XccUrl1861d5ejW0RjoYiFK3l4bFLrUwzIYSVcCh8Fprhw6XlLz9495HDH702fcub5595ZQe/BR37BwAAAMPofwEAAP//fccg7g==") (async) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x5a6d5828, 0x800, 0x6, 0x9}}}}]}, 0x48}}, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]}) syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', 0x1014800, &(0x7f00000005c0)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYRES8=0x0, @ANYRES8=0x0, @ANYRESDEC, @ANYRESOCT, @ANYBLOB="65fb591cc8900dee25824c081a15", @ANYRES32], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") (async) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_PIT2(r6, 0x4070aea0, &(0x7f00000001c0)={[{0x4, 0x4, 0x3, 0x2, 0x80, 0x0, 0x7, 0x80, 0x2, 0x0, 0x80, 0x4, 0x3ff}, {0xfffffd18, 0x5, 0xca, 0x4, 0x6, 0xea, 0xa6, 0x10, 0x67, 0xa, 0x7f, 0x10, 0x1}, {0x7ff, 0x2, 0x5, 0x2, 0x5, 0x2, 0x1, 0x3, 0x4e, 0x37, 0x6, 0x6}], 0xe}) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000002c0)=0x20) (async) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x147040, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x5, 0x11, r7, 0x0) (async) r8 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r8, 0xc0184800, &(0x7f0000000100)={0x20004, r3}) r10 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r10, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r9}) ioctl$DRM_IOCTL_GEM_FLINK(r10, 0xc00864d2, &(0x7f0000000300)={r11}) (async) ioctl$DRM_IOCTL_PANTHOR_BO_SYNC(0xffffffffffffffff, 0xc010644f, &(0x7f0000000040)={{0x18, 0x1, &(0x7f0000000000)=[{r11, 0x1, 0xf, 0x5}]}}) (async) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}}}, 0x24}}, 0x0) [ 84.511610][ T44] Bluetooth: hci0: command tx timeout [ 84.663735][ T24] audit: type=1800 audit(1778661304.836:2): pid=5325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file0" dev="tmpfs" ino=18 res=0 errno=0 [ 84.693861][ T5326] loop0: detected capacity change from 0 to 4096 [ 84.871602][ T5324] ------------[ cut here ]------------ [ 84.874183][ T5324] !RB_EMPTY_ROOT(&prime_fpriv->dmabufs) [ 84.874195][ T5324] WARNING: drivers/gpu/drm/drm_prime.c:224 at drm_prime_destroy_file_private+0x4b/0x60, CPU#0: syz.0.0/5324 [ 84.883674][ T5324] Modules linked in: [ 84.885633][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 84.889691][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.894105][ T5324] RIP: 0010:drm_prime_destroy_file_private+0x4b/0x60 [ 84.897037][ T5324] Code: 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 2d c9 c6 fc 48 83 3b 00 75 0c e8 72 fd 59 fc 5b e9 cc e4 41 06 cc e8 66 fd 59 fc 90 <0f> 0b 90 5b e9 bc e4 41 06 cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 [ 84.905621][ T5324] RSP: 0018:ffffc9000e1a7c40 EFLAGS: 00010293 [ 84.909498][ T5324] RAX: ffffffff856bd3da RBX: ffff8880120f63b0 RCX: ffff88803f844a00 [ 84.912965][ T5324] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff8880120f6328 [ 84.916284][ T5324] RBP: ffff8880120f6278 R08: ffffc9000e1a7bc7 R09: 1ffff92001c34f78 [ 84.919829][ T5324] R10: dffffc0000000000 R11: fffff52001c34f79 R12: dffffc0000000000 [ 84.923340][ T5324] R13: dead000000000100 R14: 0000000000000000 R15: ffff8880120f6288 [ 84.926712][ T5324] FS: 0000555576a3b540(0000) GS:ffff88808c881000(0000) knlGS:0000000000000000 [ 84.930352][ T5324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.932916][ T5324] CR2: 00007f905a18b000 CR3: 00000000350e3000 CR4: 0000000000352ef0 [ 84.936204][ T5324] Call Trace: [ 84.937731][ T5324] [ 84.939072][ T5324] drm_file_free+0x7f1/0xa00 [ 84.941031][ T5324] drm_release+0x2de/0x3f0 [ 84.942815][ T5324] ? __pfx_drm_release+0x10/0x10 [ 84.944756][ T5324] __fput+0x44f/0xa60 [ 84.946296][ T5324] task_work_run+0x1d9/0x270 [ 84.948240][ T5324] ? __pfx_task_work_run+0x10/0x10 [ 84.950592][ T5324] exit_to_user_mode_loop+0xf3/0x4d0 [ 84.952822][ T5324] ? rcu_is_watching+0x15/0xb0 [ 84.954764][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.957824][ T5324] do_syscall_64+0x33e/0xf80 [ 84.959817][ T5324] ? trace_irq_disable+0x3b/0x140 [ 84.962013][ T5324] ? clear_bhb_loop+0x40/0x90 [ 84.964052][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.966351][ T5324] RIP: 0033:0x7f3e6d19ce59 [ 84.968322][ T5324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.976363][ T5324] RSP: 002b:00007ffe1d12cd78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 84.979761][ T5324] RAX: 0000000000000000 RBX: 00007f3e6d417da0 RCX: 00007f3e6d19ce59 [ 84.982942][ T5324] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 84.986234][ T5324] RBP: 00007f3e6d417da0 R08: 0000000000000006 R09: 0000000000000000 [ 84.989767][ T5324] R10: 0000000000dffcf0 R11: 0000000000000246 R12: 0000000000014d1c [ 84.993270][ T5324] R13: 00007f3e6d41618c R14: 0000000000014a66 R15: 00007f3e6d416180 [ 84.996672][ T5324] [ 84.998246][ T5324] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 85.001361][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.005148][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 85.009394][ T5324] Call Trace: [ 85.010852][ T5324] [ 85.012172][ T5324] vpanic+0x56c/0xa60 [ 85.013899][ T5324] ? __pfx__printk+0x10/0x10 [ 85.015896][ T5324] ? __pfx_vpanic+0x10/0x10 [ 85.017832][ T5324] ? is_bpf_text_address+0x292/0x2b0 [ 85.020098][ T5324] ? is_bpf_text_address+0x26/0x2b0 [ 85.022363][ T5324] panic+0xc5/0xd0 [ 85.023908][ T5324] ? __pfx_panic+0x10/0x10 [ 85.025843][ T5324] __warn+0x315/0x4c0 [ 85.027386][ T5324] ? drm_prime_destroy_file_private+0x4b/0x60 [ 85.029714][ T5324] ? drm_prime_destroy_file_private+0x4b/0x60 [ 85.032086][ T5324] __report_bug+0x29a/0x540 [ 85.033963][ T5324] ? drm_prime_destroy_file_private+0x4b/0x60 [ 85.036292][ T5324] ? __pfx___report_bug+0x10/0x10 [ 85.038331][ T5324] ? drm_file_free+0x78a/0xa00 [ 85.040465][ T5324] ? drm_prime_destroy_file_private+0x4b/0x60 [ 85.042812][ T5324] report_bug+0x16a/0x220 [ 85.044599][ T5324] ? drm_prime_destroy_file_private+0x4b/0x60 [ 85.047675][ T5324] ? drm_prime_destroy_file_private+0x4d/0x60 [ 85.050319][ T5324] handle_bug+0x9c/0x200 [ 85.052057][ T5324] exc_invalid_op+0x1a/0x50 [ 85.053940][ T5324] asm_exc_invalid_op+0x1a/0x20 [ 85.056081][ T5324] RIP: 0010:drm_prime_destroy_file_private+0x4b/0x60 [ 85.058883][ T5324] Code: 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 2d c9 c6 fc 48 83 3b 00 75 0c e8 72 fd 59 fc 5b e9 cc e4 41 06 cc e8 66 fd 59 fc 90 <0f> 0b 90 5b e9 bc e4 41 06 cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 [ 85.066873][ T5324] RSP: 0018:ffffc9000e1a7c40 EFLAGS: 00010293 [ 85.069465][ T5324] RAX: ffffffff856bd3da RBX: ffff8880120f63b0 RCX: ffff88803f844a00 [ 85.072713][ T5324] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff8880120f6328 [ 85.076180][ T5324] RBP: ffff8880120f6278 R08: ffffc9000e1a7bc7 R09: 1ffff92001c34f78 [ 85.079491][ T5324] R10: dffffc0000000000 R11: fffff52001c34f79 R12: dffffc0000000000 [ 85.082740][ T5324] R13: dead000000000100 R14: 0000000000000000 R15: ffff8880120f6288 [ 85.086606][ T5324] ? drm_prime_destroy_file_private+0x4a/0x60 [ 85.089327][ T5324] drm_file_free+0x7f1/0xa00 [ 85.091393][ T5324] drm_release+0x2de/0x3f0 [ 85.093238][ T5324] ? __pfx_drm_release+0x10/0x10 [ 85.095309][ T5324] __fput+0x44f/0xa60 [ 85.097036][ T5324] task_work_run+0x1d9/0x270 [ 85.099032][ T5324] ? __pfx_task_work_run+0x10/0x10 [ 85.101009][ T5324] exit_to_user_mode_loop+0xf3/0x4d0 [ 85.103159][ T5324] ? rcu_is_watching+0x15/0xb0 [ 85.105141][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.107728][ T5324] do_syscall_64+0x33e/0xf80 [ 85.109812][ T5324] ? trace_irq_disable+0x3b/0x140 [ 85.111768][ T5324] ? clear_bhb_loop+0x40/0x90 [ 85.113542][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.115642][ T5324] RIP: 0033:0x7f3e6d19ce59 [ 85.117242][ T5324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 85.124845][ T5324] RSP: 002b:00007ffe1d12cd78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 85.128420][ T5324] RAX: 0000000000000000 RBX: 00007f3e6d417da0 RCX: 00007f3e6d19ce59 [ 85.131850][ T5324] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 85.135257][ T5324] RBP: 00007f3e6d417da0 R08: 0000000000000006 R09: 0000000000000000 [ 85.138876][ T5324] R10: 0000000000dffcf0 R11: 0000000000000246 R12: 0000000000014d1c [ 85.142366][ T5324] R13: 00007f3e6d41618c R14: 0000000000014a66 R15: 00007f3e6d416180 [ 85.145875][ T5324] [ 85.147621][ T5324] Kernel Offset: disabled [ 85.149544][ T5324] Rebooting in 86400 seconds..