last executing test programs:

8m9.513479908s ago: executing program 2 (id=940):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e08003950"], 0x15)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

8m9.345991882s ago: executing program 2 (id=943):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000013b3f3c1cb0c7cb40000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000950bc299839669ce4dabd7030fb88444dbfb64258951c49a1fca23"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000003f64ecb21ed7d74b542e43ae9f57f61af1c5b6016901992307df92d7c26b05a7da0582d208fd1f57c41cee38c7023e71dc864ab49f7894dd5ee29721d0625ee50c8aeca9b5090d85ff1c5df40229f0981507171aec7dc97abd981893d51a27e8a1033fa344fa3c6c27705648a66a47e0a1bc8fcede095704453c77f6c5370191ab55c423aae05729e69c987cf5f9aa2fd88c9e2114f53b9f82157c197397e43647b083db79f1f2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

8m8.312442806s ago: executing program 2 (id=951):
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0xfffffffe)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000680)="68c8", 0x2}], 0x1)
r4 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{0x0}, {&(0x7f0000000040)=""/40, 0x28}], 0x2}}], 0x1, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x80001, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
write$cgroup_int(r7, &(0x7f0000000440)=0xffffffff00000001, 0x12)
setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0x2aa, 0x812000)
ioctl$EVIOCGSND(r8, 0x8040451a, &(0x7f0000000040)=""/214)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000006000000000000000005"], 0x310)
syz_open_dev$vcsn(&(0x7f0000000140), 0x3, 0x40002)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f00000005c0)={0x1, {{0xa, 0x4e20, 0x1b, @loopback}}, {{0xa, 0x0, 0x855b, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}}}, 0x108)

8m8.25299473s ago: executing program 2 (id=952):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = gettid()
sigaltstack(&(0x7f0000001040)={&(0x7f0000001080)=""/4125, 0x80000000, 0x101d}, 0x0)
rt_sigqueueinfo(r2, 0x21, &(0x7f00000002c0)={0xb, 0x4})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00')
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="a529d5633d98a6a55c638c76ac84af1e44a62600f5364119154b091f540f42e85f91663030a791f96680f1228afc05b3dd9532b8ecab8eb52a224bdf814da4915b01ef9df611", @ANYBLOB="da92743dc36c42404dee4a9c27b1f4dd23b8c700fd02ee5431873626984f1eafd460d22f026766de871b052ea6a4454f9bf49525434e85e11126ec5a479488822cf4189f9f1cd8fc77c7f89aad8bd2cb234e6097d9be1ad4ea87783b22cc0fcbc2a4f907dc92065f654a36b6fec4e30b7256418f3a42fecfeafc301a63bd6ceca9496f982ef34166c0297ce0360b022f60a8e617daaf8fb4ee841619946055590a8a9da08f8e9a313bc1097151b74210e2f6f7083373712665d05610a6e39357aec70732103e575cd85f5f7d97b183bd13ca79e1be920e6c6388887d94ad9087e4ecfe8d09243bc9f519aa8b668b7f5973e06e", @ANYRES64=r1, @ANYRES16=r0, @ANYRESDEC=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5, 0x0, 0x8000000000000}, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r4}, 0x10)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x45)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
ioctl$TIOCGPTPEER(r3, 0x5441, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x4, [@enum={0x2, 0x1, 0x0, 0x6, 0x4, [{0x2001}]}]}, {0x0, [0x2e, 0x2e]}}, 0x0, 0x30}, 0x28)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

8m8.02044169s ago: executing program 2 (id=955):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x28, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0)

8m7.859155423s ago: executing program 2 (id=957):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
close(r0)

8m7.844977774s ago: executing program 32 (id=957):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
close(r0)

8.616006339s ago: executing program 1 (id=2816):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x10000a0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/oops_count', 0x0, 0x2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eM4/cc23NO/br2CaBvXYqI4Wx7GBETWX0u2+Jua0tu92r76fzO9tP5XDSb9/+ZS88nddH2N4mPImIrIgoR8aPvRfw0dzBufWNzea5SKa9l5alGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqnVhfL1aHs6Mvv/zD1rd+njRrPKtp78dJanV9aC9OZI/5Dz5EsB4YiIjB7PWTudDL9vB+8hHxaURcTq//iRhIn00A4DxrNieiOdFeBgDOu3yaA8vli1kuYDzy+WKxlcP7LMbylVq9ce1RbX1loZUrm4yh/KOlSnk6yxVOxlAuKc+kx2/KpX3lGxHxSUT8YmQ0LRfna5WFXv7DBwD62Ef75v//jLTmfwDgnCv0ugEAwKkz/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0D/Mf8DQF/54b17ydbcyX7/euHxxvpy7fH1hXJ9uVhdny/O19ZWi4u12mL6mz3Vw+6vUqutztyM9SeT316tN6bqG5sPqrX1lcaD9He9H5SHTqVXAMC7fHLxxZ9zEbF1ZzTdom0tB3M1nG/5XjcA6JmBXjcA6BmrfUH/OsZ7fOkBOCc6LNH7lkJEjO6vbDabzQ/XJOADu/oF+X/oV235f/8LGPqM/D/0r675/wNv9oHzptnMHXXN/zjqDQGAs02OH+jy+f+n2f632YcDP1nYf4vn+yt8owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+sbv+bzFbuWM88vliMeJCREzGUO7RUqU8HREfR8SfRoZGkvJMj9sMABxX/m+5bP2vqxNXxvefHc69Hkn3EfGzX93/5ZO5RmPtj0n9v/bqG8+z+lIv2g8AHGZ3nk73bW/kX20/nd/dTrM9f/9uRBRa8Xe2h2NnL/5gDKb7QgxFxNi/c1m5JdeWuziOrWcR8flO/c/FeJoDaa18uj9+EvvCqcbPvxU/n55r7ZPH4nMn0BboNy+S8edup+svH5fSfefrv5COUMeXjX/JXc3vpGPgm/i7499Al/Hv0lFj3Pz991tHowfPPYv44mDEbuydtvFnN36uS/wrB++uo7986SuXu51r/jrianSO3x5rqlFdnapvbF5fqs4tlhfLK6XS7Mzs9O0bt0pTaY56qvts8I871z7udi7p/1iX+IVD+v/1o3U/fvPfhz/+6jvif/NrneLn47N3xE/mxG8cMf7c2O8K3c4l8Re69P+w5//aEeO//OvmgWXDAYDeqW9sLs9VKuU1Bw7O/kHykj0Dzeh48J3TijUc7/VXzeb/FavbiHESWTfgLNi76CPida8bAwAAAAAAAAAAAAAAdHQa31jqdR8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4v/4XAAD///4X0fs=")
fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000080)=0x4)
finit_module(r2, 0x0, 0x0)
dup(r1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r10, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)

6.63496109s ago: executing program 0 (id=2821):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
unshare(0x42000000)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18001f000000010000000e000000fe001811000005cd5345e5f5069937e4b0d5a94f43bf533e382d94045f79f445d237ce2f3b21f57051cf3c7990c2318cc05c258b63cef464df347e2926155f225ec463566c536ac5760480b5c86274ba79af950b17f48d5fa5a4d767750c60e9f9a0ee643e04f8ed4f6d63f4053398c49bf9e082bba52a4258ac3286ecf960946cf86b3d0ecb07bd8389a779dbdd906c", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffe5)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
syz_read_part_table(0x106b, &(0x7f0000001080)="$eJzsz7FNA0EQBdC/Oz5hR9CB26ADhEQLxCCa4JAogSZISemAjBYIECWQLTo4iQ7AwXvJzPwfTfhXu75Nqp3e10NOcjva/NtN6+zn++T55SKfY0y9XV5VryVe633L5md7zeasjjKltY9R31G7GZWWPO6WY3677nf1tF2a9xz/7asAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLC+AgAA//+VSBLh")
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000c40))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.560141379s ago: executing program 1 (id=2825):
socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lstat(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b000100627269646765"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_pts(0xffffffffffffffff, 0x141601)
socketpair(0x18, 0xa, 0x2, &(0x7f00000003c0))
ioctl$TIOCGPTLCK(r5, 0x80045439, &(0x7f0000000000))
statx(0xffffffffffffffff, 0x0, 0x400, 0x4, 0x0)
socket$inet(0x2, 0x2, 0x1)

4.009138504s ago: executing program 3 (id=2827):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[], 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xfffffffffffffea8, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
fchdir(r3)
open(&(0x7f00000003c0)='.\x00', 0x800, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r8 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x100000, 0xfe2a)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)

3.56089106s ago: executing program 1 (id=2828):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff00000006"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x18)
readlink(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x9)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
waitid(0x0, r3, 0x0, 0x8, 0x0)
waitid(0x1000000000000000, 0x0, 0x0, 0x4, 0x0) (fail_nth: 4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r5 = dup(0xffffffffffffffff)
r6 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

3.499132645s ago: executing program 3 (id=2829):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c80000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200e00000010c000280050001000000000008000740000000013c001080080002400000000708000140000046e208000340"], 0xc8}, 0x1, 0x0, 0x0, 0x4000090}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = epoll_create1(0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0xe000202b})
epoll_pwait(r3, &(0x7f0000000140)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
setxattr$incfs_size(&(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, 0x0, 0x2)
r10 = dup3(r1, r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r10, &(0x7f0000000300)={0x200f})

3.221719408s ago: executing program 0 (id=2830):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
setgid(0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
unlink(&(0x7f0000000180)='./cgroup/../file0\x00')
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
close(0xffffffffffffffff)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2c00)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x2}, 0x4)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'wg0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000180)="0b03feff4f12021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000bc43d72daf750683000000800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
statx(r7, &(0x7f00000001c0)='./cgroup/../file0\x00', 0x0, 0x8, &(0x7f0000000340))

3.033860873s ago: executing program 3 (id=2832):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c80000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200e00000010c000280050001000000000008000740000000013c001080080002400000000708000140000046e208000340"], 0xc8}, 0x1, 0x0, 0x0, 0x4000090}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = epoll_create1(0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0xe000202b})
epoll_pwait(r3, &(0x7f0000000140)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
setxattr$incfs_size(&(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, 0x0, 0x2)
dup3(r1, r3, 0x0)

2.980103317s ago: executing program 4 (id=2834):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
bind$unix(r0, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0xfc, 0x0, 0x67b}]}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@multicast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x3200, 0x88be, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x0, 0x0, @val=0xe0}}}}}}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r2, 0x89f9, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000080)={@remote, @private=0xa010101, 0x2, 0x1}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
unshare(0x20000400)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4, <r5=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r5, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', 0x0)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendmmsg$inet(r2, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)

2.960029099s ago: executing program 4 (id=2835):
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000539d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r6}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x10, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f0000000180)=r7, 0x4)
sendmsg$inet(r9, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x7)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0x4)

2.495107777s ago: executing program 1 (id=2836):
socket$inet(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair(0x18, 0xa, 0x2, &(0x7f00000003c0))
socket$inet(0x2, 0x2, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)

2.190195532s ago: executing program 0 (id=2838):
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x17)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bc00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_init()
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")

1.95746845s ago: executing program 4 (id=2839):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000005304", @ANYRES32], 0x14}, 0x1, 0x0, 0x0, 0x24040041}, 0x4008840)
r5 = dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000200)=@framed={{0x85, 0x0, 0x0, 0x0, 0x6a, 0x4}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x4000, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x28, r7, 0x1, 0x0, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x2000c050)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000001000)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32=r10, @ANYBLOB="08000b000000000008000200ac14143f080009"], 0x54}}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, r7, 0x400, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x2}, @ETHTOOL_A_CHANNELS_HEADER={0x4}, @ETHTOOL_A_CHANNELS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44010}, 0x5)
umount2(&(0x7f0000000180)='./file0\x00', 0xb)

1.839091521s ago: executing program 3 (id=2840):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
lookup_dcookie(0x162f, 0x0, 0x0)

1.794895564s ago: executing program 3 (id=2841):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f00000010c0), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
write$selinux_access(r0, &(0x7f0000000080)={'system_u:object_r:restorecond_var_run_t:s0', 0x20, '/usr/lib/telepathy/mission-control-5', 0x20, 0xa}, 0x65)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
ptrace$ARCH_SET_GS(0x1e, r4, &(0x7f0000000240), 0x1001)

1.776700166s ago: executing program 0 (id=2842):
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8041}, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xc, &(0x7f0000000780)=@raw=[@func, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
fspick(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffad, &(0x7f0000000840)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x23)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x24, 0x0, 0x2, 0x70bd28, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@remote, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "8000", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @dest_unreach={0x2, 0x5, 0x0, 0x0, '\x00', {0x0, 0x6, "f20700", 0x0, 0x2f, 0x0, @private2, @remote}}}}}}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xb, 0x8, 0xc, 0x4, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800020000000000000000000000000095000000000000005bec413d447a5c16d4ab47fc0b5f2ea24f1ad3af6d582f014b2c5255ac50fee339c8a0f28d38c42558de13aa966a63f0305db0a906efb65d8d35f0a19b6a547264b18ab3f5edb720e23ede73b227ad081a5e6c614919d56b9b139a9c20e26687510ddb3439e30f2dde82a684170182a14aaf64f5e5fd38148a92299a59629051ab660a7a1bb698142d567530220b8e314f3c329df1f74c629622d9f8ee80c18e7ed2600a3079d268cab9bf95210257134f01e32ae359761e9aec1cf709e30dc63b31ebdb3e8216424485475fff8ee032981d898fcc81b359eceb25430cd5bed0b34e19c84f00e82912de1415af0a675c1f50091f0482e01ed4d667e178382b9f51b0f09df8ff3e578311d2699cb2292268ee1e62b33374c95fd8997f0214efbb63b939e429b4879aa3b4f4c9663ab569e0491ae71d653a7ecab3f3a05d2f275f6f2e5742d302ff921e6d2116db10b90293b9b752eb7ca014dd3824fab5c991476a86df9b1459576198b25f39fab474c6ceb4e276831f00000000000001ff6f2dd5f24cf9f609d027"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000800)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf29cd8a4a6e095f2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3008c94, &(0x7f0000000400)={[{@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7bf, &(0x7f0000000e00)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngQLu4EQeZ31Jlso1KWHUmgg0J56aGJkxaSWrWDJITamTSiFXgpt6a295Nyfl9Jrfxx6af+PkhJaJzSlh+Iy+hHLtuRKiS2T5vOBid+beaM333lPb148YymAR1Yu/ScTcSwi3kwixhvrk4gYrKWyETP1cnc31gvpksTm5nM/JLUydzbWC9GyT+pII/P3iPjytYgTmd31VlbXFmZLpeJyIz9ZXbw8WVldO3lpcXa+OF9cOj01PX3qzP/OnN6/WH/6du3o9289/e+PZn559W8fv/FVEjNxtLGtNY79kotc45wMpqdwm6f2u7JD8+nLXRRq6QHZgzwYepQ2zECjVY7FeAzs1T6j/TwyAOCgvBIRm50MdNwCADzUkvr1/4nDPg4AoF+avwe4s7FeaC6H+xuJ/rr1ZESM1ONv3t+sb8k27tmN1O6Djt1Jtt0ZSSJiYh/qz0XEe5+9+EG6xAHdhwRo59r1iLgwkds9/ie7nlno1X/ar55vzeR2bDT+Qf98ns5//t9u/pe5N/+JNvOf4Tbv3fuRS7bnd7//Mzf3oZqO0vnf4y3Ptt1tib9hYqCR+1NtzjeYXLxUKqZj258j4ngMDqf5qT3qOH7719udtrXO/358+6X30/rTn1slMjezw9v3mZutzj5IzK1uXY/4R7Zd/On4P1xr/6TD/Pdcl3U889jr73balsafxttcdsd/sDZvRPyrbftvdcxkz+cTJ2vdYbLZKdr4ZCbGOtWfy261f7qk9Tf/L9APafuP7R3/RNL6vGal65e+97TYNzfGv+hUqLX/t4+/ff8fSp6vpYca667OVqvLUxFDybO715/a2reZb5ZP4z/+z/bv/+b416b/v5C+/oUuT0R2ID6sj5j3E//BSuOf66n9e07EyN2FgU717xF/o/+k7T+9bZ9uxr9uD/BBzh0AAAAAAAAAAAAAAAAAAAAAAAAAdCsTEUcjyeTvpTOZfL7+Hd5/jbFMqVypnrhYXlmai9p3ZU/EYKb5UZfjLZ+HOtX4PPxm/tSO/H8j4i8R8c7waC2fL5RLc4cdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0HOnw/f+p74Z3FB44jCMEAA7EiAs7ADxqkmz2sA8BAOi3kZ5Kjx7YcQAA/dPb9R8A+CNw/QeAR8/vXP93/hkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Orc2bPpsvnzxnohzc9dWV1ZKF85OVesLOQXVwr5Qnn5cn6+XJ4vFfOF8mLHF7pW/1Eqly9Px9LK1clqsVKdrKyunV8sryxVz19anJ0vni8O9i0yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOheZXVtYbZUKi5L7E9iuHFiu9xr4et68XZlNjcPPxyJvRNxrafmfogSMbQ1Soz2f2ACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeEj8FgAA///+gx9z")
sendmsg$nl_netfilter(r5, &(0x7f0000000740)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0xc467ead09e2a02cd}, 0xc, &(0x7f00000003c0)={&(0x7f00000006c0)={0x6c, 0xf, 0xa, 0x401, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x5}, [@generic="c0c926a8edfcff41a5f4842852ffb6056c0fdf45fccb9697b78b9a3d569bf4d4da93c62634bffb017cd8ce66a7b60e5fb451f3cba4728c9ded9fd6c6ff906c89f81e2634f40ed4864a74ce04bc5e25226a55a2231091"]}, 0x6c}}, 0x28000000)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)

1.655574385s ago: executing program 4 (id=2843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)

1.3564517s ago: executing program 4 (id=2844):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYRES64=r0, @ANYRESHEX], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = dup(0xffffffffffffffff)
fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

1.339407291s ago: executing program 5 (id=2845):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff00000006"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x18)
readlink(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x9)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
waitid(0x0, r3, 0x0, 0x8, 0x0)
waitid(0x1000000000000011, 0x0, 0x0, 0x4, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r5 = dup(0xffffffffffffffff)
r6 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.274991486s ago: executing program 4 (id=2846):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27def"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x10000a0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/oops_count', 0x0, 0x2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eM4/cc23NO/br2CaBvXYqI4Wx7GBETWX0u2+Jua0tu92r76fzO9tP5XDSb9/+ZS88nddH2N4mPImIrIgoR8aPvRfw0dzBufWNzea5SKa9l5alGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqnVhfL1aHs6Mvv/zD1rd+njRrPKtp78dJanV9aC9OZI/5Dz5EsB4YiIjB7PWTudDL9vB+8hHxaURcTq//iRhIn00A4DxrNieiOdFeBgDOu3yaA8vli1kuYDzy+WKxlcP7LMbylVq9ce1RbX1loZUrm4yh/KOlSnk6yxVOxlAuKc+kx2/KpX3lGxHxSUT8YmQ0LRfna5WFXv7DBwD62Ef75v//jLTmfwDgnCv0ugEAwKkz/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0D/Mf8DQF/54b17ydbcyX7/euHxxvpy7fH1hXJ9uVhdny/O19ZWi4u12mL6mz3Vw+6vUqutztyM9SeT316tN6bqG5sPqrX1lcaD9He9H5SHTqVXAMC7fHLxxZ9zEbF1ZzTdom0tB3M1nG/5XjcA6JmBXjcA6BmrfUH/OsZ7fOkBOCc6LNH7lkJEjO6vbDabzQ/XJOADu/oF+X/oV235f/8LGPqM/D/0r675/wNv9oHzptnMHXXN/zjqDQGAs02OH+jy+f+n2f632YcDP1nYf4vn+yt8owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+sbv+bzFbuWM88vliMeJCREzGUO7RUqU8HREfR8SfRoZGkvJMj9sMABxX/m+5bP2vqxNXxvefHc69Hkn3EfGzX93/5ZO5RmPtj0n9v/bqG8+z+lIv2g8AHGZ3nk73bW/kX20/nd/dTrM9f/9uRBRa8Xe2h2NnL/5gDKb7QgxFxNi/c1m5JdeWuziOrWcR8flO/c/FeJoDaa18uj9+EvvCqcbPvxU/n55r7ZPH4nMn0BboNy+S8edup+svH5fSfefrv5COUMeXjX/JXc3vpGPgm/i7499Al/Hv0lFj3Pz991tHowfPPYv44mDEbuydtvFnN36uS/wrB++uo7986SuXu51r/jrianSO3x5rqlFdnapvbF5fqs4tlhfLK6XS7Mzs9O0bt0pTaY56qvts8I871z7udi7p/1iX+IVD+v/1o3U/fvPfhz/+6jvif/NrneLn47N3xE/mxG8cMf7c2O8K3c4l8Re69P+w5//aEeO//OvmgWXDAYDeqW9sLs9VKuU1Bw7O/kHykj0Dzeh48J3TijUc7/VXzeb/FavbiHESWTfgLNi76CPida8bAwAAAAAAAAAAAAAAdHQa31jqdR8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4v/4XAAD///4X0fs=")
fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000080)=0x4)
finit_module(r2, 0x0, 0x0)
dup(r1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
epoll_create1(0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r10, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)

1.2339027s ago: executing program 5 (id=2847):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f0000002540)=""/4096, 0x1000)

1.217802531s ago: executing program 5 (id=2848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001f80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r4, 0x8914, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486"], 0x36)

1.159139866s ago: executing program 5 (id=2849):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="d58c8ab3ee63880a44a4d8a3826175ecbba41b268f48545823e48389ed389f9028f01130d45d6c08799afd04d5c4b6409d1c818b85b61200832cb296c42a2250913c347740e1cc85e08e7a962fe89b7ae0e3c2369d927c2d5ee41f7b76ed229934c04af9c11d731d162808da8dd169a7f6223136036f3fba893bb1dcd9ae2a520f2a40ae63b8a872d879c18bd8347c80be10f6a1990bc8e0d2de67b33699346d01037527ac9a24a7a03c7ab138dd633d8e8087544209e9423543560249904536915bacaa3945c99a"], 0x84}, 0x1, 0x0, 0x0, 0x20850}, 0x49)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40086610, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x3bd)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write(r0, &(0x7f0000004200)='t', 0x1)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003e40)=ANY=[@ANYBLOB="540100001000130700000000000000000000000000000000000000050000a281f8eea1632c37000000000000000000bb00000000000000400000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000fe8800000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffff000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040001004e234e220000ffffffff00"/266], 0x154}}, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x3ffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x7ffff000)

1.11033758s ago: executing program 1 (id=2850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x46, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa41208cb8e5b40800450000380000000000019078ac1e0001ac14d18a05bd663af53d000000000000007f0000010800000000002000962def72e531904629f324fb12e820d340ca72e6491696e8b1c646ef1e6a6a367bc666e9ea2ac05101af52048a1b189be631629c748b25e4093bf846a75a2a22ae695478dd37c95b"], 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = getuid()
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000003c0)={{{@in6=@private1, @in=@dev}}, {{@in=@multicast1}, 0x0, @in=@empty}}, &(0x7f00000001c0)=0xe8)
mount$incfs(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0xba600d, &(0x7f00000006c0)=ANY=[@ANYBLOB='rlog_pages=00000000000000000001,appraise_type=imasig,uid>', @ANYRESDEC=r5, @ANYBLOB="fffffffffa58b3da871ba324595ae6b4923e7083854fcfaebd10e45694f846cf53", @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b66736861743d5b292f7b3a402d28fc2c646f6e745f6d6561737572652c686173682c7065726d69745f646972656374696f2c00"])
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
ioctl$PIO_CMAP(r6, 0x4b71, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000894000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x7)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x7e})

1.022706277s ago: executing program 0 (id=2851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
lookup_dcookie(0x162f, 0x0, 0x0)

993.860309ms ago: executing program 5 (id=2852):
ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000640)=0x3)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000040)='./bus\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5k2rOm/PmgrlgLpqLly77IhWpyEQmyhBliFKilChzlDnKEmWJskZZo0SUiLJF2aLs0fVRjihnlCvKHeWJ8kapYCOKXMRRHOWPCkTJ6IaoYHRjVCgqHBWJikY+KhYVj26KSkQ3RyWjW6JS0a1R6ei2qExUNioXlY9ujypEd0QVo0pR5ejOqEp0V1Q1qhbdHVWP7olqRPdGNaP7olrR/VHt6IGoTvRgVDd6KKoXPRzVjx6JGkSPRg2jRlHjqEnU9F9aP4QzOR/33Wx3m2p72J72ZdvL9rZ9bF/bz75i+9tX7QD7mh1oB9nB9nU7xL5hh9o37TA73I6wb9mRdpQdbcfYsXacHW/fthPsO3aifddOspPtFDvVTrPT7Qz7np1pZ9nZ9n07x35g59p5dr5dYBfaD+0iu9im2Y/sEvuxXWqX2eV2hV1pV9nVdo1da9fZ9XaD3Wg32c12i91qP7Hb7Ha7w+60u+xuu8d+avfaz+w++7ndb7+wB+yf7EH7pT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sX9pdM7GTKUgTJQCqVQZspMWSgLZaWslKAEZaNslJ2yUw7KQbkoF+WhPJSP8tElTEz5KT8lKUkFqSAVokJUhIqQJ0/FqTiVoBJUkkpSKSpFpak0laEyVI7K0e10O91Bd1AlqkR30p10F91F1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG6VSKvWkntSLelEf6kP9qB/1p/40gAbQQBpIg2kwDaEhNJSG0jAaTiPoLRpJo2g0jaGxNI7G03iaQBNoIk2kSTSJptAUmkbTaAbNoJk0k2bTbJpDc2guzaX5NJ8W0kJaRIsojdJoCS2hpbSUltNyWkkraTWtprW0ltbTetpIG2kzbaattJW20TbaQTtoF+2iPbSH9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtEpOk2n6QydoXN0js7Tz3SBfqGLFCjFKcjsrnJZ3NUuq7vGpbhM7lIcAcClOJfL7fK4vC6fsy6Hy/lXMTnnCrnCrogr6rwr5oq7m34Xl3FlXTlX3t3uKrg7XMXfxdXdPa6Gu9fVdPe5au7uv4pruftdbfeIq+MedXVdI1fPNXH13SOugXvUNXSNXGPXxLVyT7rW7inXxj3t2rpnfhcvcovdWrfOrXcb3F73mTvnfnJH3bfuvPvZdXPdXT/3iuvvXnUD3GtuoBv0u3iEe8uNdKPcaDfGjXXjfhdPcVPdNDfdzXDvuZlu1u/ihe5DN8elublunpvvFvwaX1pTmvvILXEfu6VumVvuVriVbpVb7db877WucJvcZrfF7XGfum1uu9vhdrpdbvev8aV97HOfu/3uC3fEfeMOui/dIXfMHXZf/xpf2t8x95077r53J9xJd8r94E67H90Zd/bX/V/a+w/uF3fRBQeMrFiz4YgzcEZO4Uycma/iLHw1Z+VrOMHXcja+jrPz9ZyDc3Iuzs15OC/nY8vEjpljzs8FOMk3cEG+kQtxYS7CRdlzMS7ON3EJvplL8i1cim/l0nwbl+GyXI7L8+1cge/gilyJK/OdXCUErsrV+G6uzvdwDb6Xa/J9XIvv59r8ANfhB7kuP8T1+GGuz49wA36UG3IjbsxNuCk/xs34cW7OLbglP8Gt+EluzU9xG36a2/Iz3I6f5fb8HHfg57kjv8CduDN34Re5K7/E3bg7p3IP7skvcy/uzX24L/fjV7g/v8oD+DUeyIN4ML/OQ/gNHspv8jAeziP4LR7Jo3g0j+GxPI7H89s8gd/hifwuT+LJPIWn8jSezjP4PZ7Js3g2v89z+AOey/N4Pi/ghfwhL+LFnMYf8RL+mJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/InvI238w7eybt4N+/hT3kvf8b7+HPez1/wAf4TH+Qv+RB/xYf5az7C3/BR/paP8Xd8nL/nE3yST/EPfJp/5DN8ls/xT3yef+YL/Atf5MAQY6xiHZs4ijPEGeOUOFOcOb4qzhJfHWeNr4kT8bVxtvi6OHt8fZwjzhnninPHeeK8cb7YxhS7mOM4zh8XiJPxDXHB+Ma4UFw4LhIXjX1cLC4e3xSXiG+OS8a3xKXiW+PS8W1xmbhs/Mh95ePb4wrxHXHFuFJcOb4zrhLfFVeNq8V3x9Xje+Ia8b1xzfi+uGR8f1w7fiCuEz8Y140fiuvFD8f140fiBvGjccO4Udw4bhI3jR+Lm8WPx83jFnHL+Im4Vfxk3Dp+Km4TPx23jZ/5w+OpcY+4Z/xy/HIcwr16fnJBcmHyw+Si5OJkWvKj5JLkx8mlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3JzcktyRCqZQSPXnntjY98Bp/Rp/hMPrO/ymfxV/us/hqf8Nf6bP46n91f73P4nD6Xz+3z+Lw+n7eevPPsY5/fF/BJf4Mv6G/0hXxhX8QX9d4X88V9E9/UN/XN/OO+uW/hW/on/BP+Sf+kf8o/5Z/2bf0zvp1/1rf3z/kO/nn/vH/Bd/KdfRf/ou/qX/LdfHef6lN9T9/T9/K9fB/fx/fz/Xx/398P8AP8QD/QD/aD/RA/xA/1Q/0wP8yP8CP8SD/Sj/aj/Vg/1o/34/0EP8FP9BP9JD/JT/FT/DQ/zc/wM/xMP9PP9rP9nEJz/Fw/18/38/1Cv9Av8ot8mk/zS/wSv9Qv9cv9cr/Sr/Sr/Wq/1q/16/16v9Fv9Jv9Zr/Vb/Xb/Da/w+/wu/wuv8fv8Xv9Xr/P7/P7/X5/wB/wB/1Bf8h/5Q/7r/0R/40/6r/1x/x3/rj/3p/wJ/0p/4M/7X/0Z/xZf87/5M/7n/0F/4u/6IMfn3g7MSHxTmJi4t3EpMTkxJTE1MS0xPTEjMR7iZmJWYnZifcTcxIfJOYm5iXmJxYkFiY+TCxKLE6kJT5KLEl8nFiaWJZYnliRWJlYlQgh77Y45A8FQjLcEAqGG0OhUDgUCUWDD8VC8XBTKBFuDiXDLaFUuDWUDreFMqFsKBceDQ1Do9A4NAlNw2OhWXg8NA8tQsvwRGgVngytw1OhTXg6tA3PhHbh2dA+PBc6hOdDx/BC6BQ6hy7hxdA1vBS6he4hNfQIPcPLoVfoHfqEvqFfeCX0D6+GAeG1MDAMCoPD62FIeCMMDW+GYWF4GBHeCiPDqDA6jAljw7gwPrwdJoR3wsTwbpgUJocpYWqYFqaHGeG9MDPMCrPD+2FO+CDMDfPC/LAgLAwfhkVhcUgLH4Ul4eOwNCwLy8OKsDKsCqvDmrA2rAvrw4awMWwKm8OWsDV8EraF7WFH2Bl2hd1hT/g07A2fhX3h87A/fBEOhD+Fg+HLcCh8FQ6Hr8OR8E04Gr4Nx8J34Xj4PpwIJ8Op8EM4HX4MZ8LZcC78FM6Hn8OF8Eu4KH+zJoQQQgjxd9F/cLzH3/heBgBQv817AsDV23Mf/s81N+b487y3ytMqAQBPd+/40F9GlSqpqam/vXaphqjAPABI/HX9v8TLoCU8CW2gBZT4m+vrrTqf5z+on7wVIPN/yEmBy/Hl+jf/F/Ufe2LEotLxuWz/Tf15AIUKXM7JBJfjy/VL/hf1czb7g/Vn+nI8QPP/kJMFLseX6xeHx+EZaPNXrxRCCCGEEEIIIf6styrX/o/uny/dn+cxl3MywuX4j+7PhRBCCCGEEEIIceU917nLU4+1adOi/d83wd+eC/xjWTKRiUz+P5tc6U8mIYQQQgghxL/a5Yv+K70SIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAi/fqf+HdiV3qPQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2vwIAAP//OoA48Q==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1e00000002000000ff0100000300000001420000", @ANYRES32, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="050000000100000005001bbf4195"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000030000000000000018112b06", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x44, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000500)={0x10, 0x3, 0x1ffe0000, 0x401, 0x7})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000540)={'veth0_to_batadv\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, 0x0, 0x0)
sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x20240, 0x0)
fcntl$getown(r4, 0x9)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fstat(r6, &(0x7f0000000380))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000004c0)={'gretap0\x00'})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r5}, &(0x7f0000000280), &(0x7f0000000840)=r6}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)
r7 = syz_open_dev$evdev(&(0x7f0000000680), 0x0, 0x0)
syz_usb_disconnect(r7)
r8 = syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000090000102505a1a4400000000101090244000101000000090400001202060000052406000005240000000d240f01000000000000000000090581034000000000090582"], 0x0)
syz_usb_ep_write(r8, 0x82, 0x41, &(0x7f00000000c0)="16688a4a3f1cd2db03000007000000000d7c36e51e67f08f961d2fc0c37d7c8c2136536697a794f470c5f44c560dedb1b190fa63c35a3c256fb8b4e2542f15f331")
ioctl$EVIOCRMFF(r7, 0x4004550f, 0x0)

699.068113ms ago: executing program 3 (id=2853):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0x1, 0x4120932, 0xffffffffffffffff, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
accept4$unix(r2, 0x0, &(0x7f00000001c0), 0x80800)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x9})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000940), 0x800, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0100000004000000040000000800000000000000", @ANYRES32, @ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@redirect_dir_on}, {@nfs_export_on}]})
openat$kvm(0xffffffffffffff9c, 0x0, 0x22401, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x1800, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x206, 0x3601)
ioctl$USBDEVFS_ALLOW_SUSPEND(r6, 0x5522)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40040081)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

670.219205ms ago: executing program 0 (id=2854):
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000180)=<r0=>0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000003c0)={[{@dioread_lock}, {@usrjquota}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@jqfmt_vfsv1}, {@barrier_val}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}], [{@uid_gt={'uid>', r0}}, {@appraise}]}, 0x45, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, &(0x7f0000000000)={0x88, {{0x29, 0x0, 0x3000000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x88)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x12, 0x0, 0x0, 0x0, 0x40005, 0x4c, &(0x7f0000000980)=""/76, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000a40)={0x5, 0x3, 0x4, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001500), 0x0, 0x10, 0xbc77}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20}, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

110.095011ms ago: executing program 1 (id=2855):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000140)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@nombcache}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000050000", @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
ioperm(0x7, 0x81, 0xfff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00'}, 0x10)
truncate(0x0, 0x8000)
close(0x3)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)

0s ago: executing program 5 (id=2856):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200"/56, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="740000000001010400000000141a000002000000240001801400018008000100e000000108000200640101000c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001100005"], 0x74}, 0x1, 0x0, 0x0, 0x4040080}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x4]}, 0x8)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, r2, 0x2, 0x5}, 0x50)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_control_io$cdc_ecm(r3, &(0x7f00000001c0)={0x14, 0x0, 0x0}, &(0x7f0000000380)={0x1c, &(0x7f0000000200)={0x20, 0x11, 0x94, "4daf8c1633bc62934f6370333397e2d07d0a1bc1cac436c8649c549fa842a367476649aff32b77d29f01bc14b1fbfb776a1128684d396870da1f34ebc64c13461d777e213d0140ba82feeb21390bdac3dd073eb8cd61edd143fefca998fabb8c082c85caf959cfe00f6cd1343999b93b5c9bdd084e77cdf997d2d659739ef5d332edbcd4d22bdb72fae310797fa71657ac905ed6"}, 0x0, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x4}})
dup(0xffffffffffffffff)

kernel console output (not intermixed with test programs):

3e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  965.886130][   T24] audit: type=1326 audit(949.134:13290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.1.2454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  965.909056][   T24] audit: type=1326 audit(949.134:13291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.1.2454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  965.931951][   T24] audit: type=1326 audit(949.134:13292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.1.2454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  965.945699][ T1189] usb 6-1: unable to read config index 0 descriptor/start: -71
[  965.963287][ T1189] usb 6-1: can't read configurations, error -71
[  965.970429][   T24] audit: type=1326 audit(949.134:13293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.1.2454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  965.993634][   T24] audit: type=1326 audit(949.134:13294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.1.2454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  966.459763][ T9232] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[  966.644043][ T9232] EXT4-fs (loop5): group descriptors corrupted!
[  967.142687][ T9242] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  967.252058][ T9238] F2FS-fs (loop0): invalid crc value
[  967.271101][ T7216] usb 4-1: new full-speed USB device number 59 using dummy_hcd
[  967.314731][ T9238] F2FS-fs (loop0): Found nat_bits in checkpoint
[  967.388687][ T9238] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  967.586777][ T9250] F2FS-fs (loop4): invalid crc value
[  967.635494][ T9250] F2FS-fs (loop4): Found nat_bits in checkpoint
[  967.677382][ T7216] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  967.687499][ T7216] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  967.732727][ T9250] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  967.795009][ T7216] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  967.804073][ T7216] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  967.826955][ T7216] usb 4-1: SerialNumber: syz
[  967.870511][ T7216] usb 4-1: 0:2 : does not exist
[  967.895559][ T9238] netlink: 'syz.0.2461': attribute type 10 has an invalid length.
[  967.908080][ T9238] F2FS-fs (loop0): Unrecognized mount option "checkpoint=dFsable" or missing value
[  967.942557][  T277] attempt to access beyond end of device
[  967.942557][  T277] loop0: rw=2049, want=45104, limit=40427
[  968.137277][ T9240] exfat: Deprecated parameter 'utf8'
[  968.142639][ T9240] exfat: Deprecated parameter 'namecase'
[  968.148992][ T9250] netlink: 'syz.4.2465': attribute type 10 has an invalid length.
[  968.161522][ T9240] exfat: Deprecated parameter 'namecase'
[  968.167197][ T9240] exfat: Deprecated parameter 'utf8'
[  968.172937][ T9250] F2FS-fs (loop4): Unrecognized mount option "checkpoint=dFsable" or missing value
[  968.196633][ T9240] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[  968.207181][ T9240] exFAT-fs (loop3): invalid boot region
[  968.212956][ T9240] exFAT-fs (loop3): failed to recognize exfat type
[  968.227058][  T279] attempt to access beyond end of device
[  968.227058][  T279] loop4: rw=2049, want=45104, limit=40427
[  968.418347][ T9268] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[  968.429048][ T9268] EXT4-fs (loop0): group descriptors corrupted!
[  968.494074][ T7216] usb 4-1: USB disconnect, device number 59
[  968.764626][ T8291] udevd[8291]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  968.765192][ T9278] EXT4-fs (loop1): Ignoring removed orlov option
[  969.029709][ T9278] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  969.159481][ T9287] exfat: Deprecated parameter 'utf8'
[  969.171379][ T9287] exfat: Deprecated parameter 'namecase'
[  969.182835][ T9287] exfat: Deprecated parameter 'namecase'
[  969.194757][ T9287] exfat: Deprecated parameter 'utf8'
[  969.207936][ T9287] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[  969.227412][ T9287] exFAT-fs (loop3): invalid boot region
[  969.233607][ T9287] exFAT-fs (loop3): failed to recognize exfat type
[  969.545868][ T9290] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  969.547633][ T9297] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2476'.
[  969.572335][ T9290] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  969.591851][ T9290] F2FS-fs (loop0): invalid crc value
[  969.603792][ T9290] F2FS-fs (loop0): Found nat_bits in checkpoint
[  969.654834][ T9290] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  969.672919][ T9290] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  969.922273][ T1189] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  970.200194][ T1189] usb 5-1: Using ep0 maxpacket: 16
[  970.328639][ T1189] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  970.336744][ T1189] usb 5-1: config 0 has no interface number 0
[  970.343242][ T1189] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  970.343386][ T9308] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  970.354811][ T1189] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  970.377355][ T9308] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  970.388745][ T9308] F2FS-fs (loop1): invalid crc value
[  970.395406][ T9311] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  970.403416][ T9311] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  970.413198][ T9311] F2FS-fs (loop0): invalid crc value
[  970.422357][ T9308] F2FS-fs (loop1): Found nat_bits in checkpoint
[  970.460857][ T9311] F2FS-fs (loop0): Found nat_bits in checkpoint
[  970.479077][ T9308] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  970.486197][ T9308] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  970.499720][ T1189] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  970.512227][ T1189] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  970.524962][ T1189] usb 5-1: Product: syz
[  970.531204][ T1189] usb 5-1: SerialNumber: syz
[  970.540769][ T1189] usb 5-1: config 0 descriptor??
[  970.585797][   T24] kauditd_printk_skb: 163 callbacks suppressed
[  970.585810][   T24] audit: type=1326 audit(955.140:13458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9296 comm="syz.4.2476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f306e17f4a5 code=0x7ffc0000
[  970.623494][ T9311] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  970.647392][ T9311] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  970.662390][   T24] audit: type=1326 audit(955.206:13459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37a39ad550 code=0x7ffc0000
[  970.686325][   T24] audit: type=1326 audit(955.206:13460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f37a39ad937 code=0x7ffc0000
[  970.709502][   T24] audit: type=1326 audit(955.206:13461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37a39ad550 code=0x7ffc0000
[  970.733352][   T24] audit: type=1326 audit(955.206:13462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[  970.757041][   T24] audit: type=1326 audit(955.206:13463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f37a39ad84a code=0x7ffc0000
[  970.779962][   T24] audit: type=1326 audit(955.206:13464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[  970.806548][   T24] audit: type=1326 audit(955.215:13465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[  970.829848][   T24] audit: type=1326 audit(955.224:13466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[  970.854010][ T1189] usb 5-1: USB disconnect, device number 55
[  970.860766][   T24] audit: type=1326 audit(955.224:13467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9310 comm="syz.0.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[  971.204359][ T9332] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  971.233921][ T9340] EXT4-fs (loop1): Ignoring removed orlov option
[  971.241044][ T9332] 9pnet: Insufficient options for proto=fd
[  971.270805][ T9340] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  971.426606][ T9347] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  971.448075][ T9347] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  971.510249][ T9347] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62da9da, utbl_chksum : 0xe619d30d)
[  971.625224][ T9354] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2489'.
[  971.784634][ T9344] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2487'.
[  972.252806][   T20] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  972.637565][   T20] usb 1-1: Using ep0 maxpacket: 16
[  972.776737][   T20] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  972.797768][   T20] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  972.815568][   T20] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  972.847771][   T20] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  972.969337][   T20] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  972.982594][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  972.990978][   T20] usb 1-1: SerialNumber: syz
[  972.996827][ T9365] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  973.040939][ T9365] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  973.051228][ T9365] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62da9da, utbl_chksum : 0xe619d30d)
[  973.055110][   T20] hub 1-1:1.0: bad descriptor, ignoring hub
[  973.069753][   T20] hub: probe of 1-1:1.0 failed with error -5
[  973.170976][   T20] cdc_ether: probe of 1-1:1.0 failed with error -22
[  973.788866][ T9380] F2FS-fs (loop5): Found nat_bits in checkpoint
[  973.796366][   T20] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  973.863515][ T9380] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  974.486725][ T9389] attempt to access beyond end of device
[  974.486725][ T9389] loop5: rw=2049, want=45104, limit=40427
[  974.690217][   T20] usb 5-1: Using ep0 maxpacket: 16
[  975.470339][ T3663] attempt to access beyond end of device
[  975.470339][ T3663] loop5: rw=2049, want=45112, limit=40427
[  975.481649][   T20] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  975.481684][   T20] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  975.518451][   T20] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  975.523132][ T9391] F2FS-fs (loop1): Found nat_bits in checkpoint
[  975.542536][   T20] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  975.574633][ T9391] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  975.673769][   T20] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  975.682966][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  975.702978][   T20] usb 5-1: SerialNumber: syz
[  975.781178][  T282] usb 1-1: USB disconnect, device number 56
[  975.839176][   T20] hub 5-1:1.0: bad descriptor, ignoring hub
[  975.839496][ T9409] EXT4-fs (loop5): Ignoring removed orlov option
[  975.852034][   T20] hub: probe of 5-1:1.0 failed with error -5
[  976.577843][ T9413] attempt to access beyond end of device
[  976.577843][ T9413] loop1: rw=2049, want=45104, limit=40427
[  976.755562][   T20] cdc_ether: probe of 5-1:1.0 failed with error -22
[  976.809928][   T20] usb 5-1: USB disconnect, device number 56
[  976.816555][ T9409] EXT4-fs (loop5): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  977.032098][ T9431] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2504'.
[  977.045773][ T9429] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  977.055179][  T275] attempt to access beyond end of device
[  977.055179][  T275] loop1: rw=2049, want=45112, limit=40427
[  977.071664][ T9429] 9pnet: Insufficient options for proto=fd
[  977.427103][ T9437] exfat: Deprecated parameter 'utf8'
[  977.432468][ T9437] exfat: Deprecated parameter 'namecase'
[  977.441416][ T9437] exfat: Deprecated parameter 'namecase'
[  977.447428][ T9437] exfat: Deprecated parameter 'utf8'
[  977.485291][ T9437] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[  977.506306][ T9437] exFAT-fs (loop4): invalid boot region
[  977.511934][ T9437] exFAT-fs (loop4): failed to recognize exfat type
[  977.565048][ T9448] erofs: (device loop3): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  977.609380][ T9447] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  977.616819][ T9447] EXT4-fs (loop5): Test dummy encryption mode enabled
[  977.631197][ T9447] EXT4-fs (loop5): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,nodioread_nolock,test_dummy_encryption,nombcache,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[  977.669227][ T9448] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2513'.
[  977.685212][ T9448] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9448 comm=syz.3.2513
[  977.751210][   T24] kauditd_printk_skb: 109 callbacks suppressed
[  977.751223][   T24] audit: type=1400 audit(961.847:13577): avc:  denied  { create } for  pid=9446 comm="syz.5.2511" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  977.777279][ T9447] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[  977.834056][   T24] audit: type=1400 audit(961.922:13578): avc:  denied  { unmount } for  pid=9446 comm="syz.5.2511" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  978.901428][ T9465] fuse: Bad value for 'fd'
[  978.950328][   T24] audit: type=1326 audit(962.960:13579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9469 comm="syz.3.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[  978.982940][   T24] audit: type=1326 audit(962.988:13580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9469 comm="syz.3.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[  979.006447][   T24] audit: type=1326 audit(962.988:13581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9469 comm="syz.3.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[  979.031382][   T24] audit: type=1326 audit(962.988:13582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9469 comm="syz.3.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[  979.059940][ T9468] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  979.107574][   T24] audit: type=1326 audit(962.988:13583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9469 comm="syz.3.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[  979.144176][ T9468] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  979.185534][ T9468] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  979.239791][ T9484] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  979.259688][ T9484] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  979.269745][ T9484] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  979.518618][ T9487] sch_tbf: peakrate 2147483647 is lower than or equals to rate 2831599472947593698 !
[  979.839010][ T9495] overlayfs: missing 'workdir'
[  980.684082][ T9499] erofs: (device loop3): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  980.712370][ T9499] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2528'.
[  980.728683][ T9499] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9499 comm=syz.3.2528
[  980.911936][   T24] audit: type=1326 audit(964.756:13584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9501 comm="syz.1.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  981.416963][   T24] audit: type=1326 audit(964.766:13585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9501 comm="syz.1.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  981.461788][   T24] audit: type=1326 audit(964.766:13586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9501 comm="syz.1.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f65acf68c23 code=0x7ffc0000
[  981.623501][ T9511] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  981.657351][ T9511] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  981.667300][ T9511] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  981.728824][ T9502] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  981.736754][ T9502] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  981.746623][ T9502] F2FS-fs (loop1): invalid crc value
[  981.770530][ T9502] F2FS-fs (loop1): Found nat_bits in checkpoint
[  981.981468][ T9502] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  981.995828][ T9502] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  982.928731][ T9534] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value
[  983.014076][ T9537] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[  983.028725][ T9537] EXT4-fs (loop3): group descriptors corrupted!
[  983.304813][   T24] kauditd_printk_skb: 29 callbacks suppressed
[  983.304827][   T24] audit: type=1400 audit(967.039:13616): avc:  denied  { write } for  pid=9533 comm="syz.1.2535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  984.715090][ T9554] erofs: (device loop4): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  984.839378][ T9554] netlink: 212 bytes leftover after parsing attributes in process `syz.4.2542'.
[  984.856531][ T9554] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9554 comm=syz.4.2542
[  985.220164][   T24] audit: type=1400 audit(968.835:13617): avc:  denied  { setattr } for  pid=9556 comm="syz.1.2543" name="ip6_tables_names" dev="proc" ino=4026532341 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  985.373758][ T9549] F2FS-fs (loop0): Found nat_bits in checkpoint
[  985.512777][ T9549] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  985.756658][ T9566] EXT4-fs (loop4): Ignoring removed orlov option
[  985.788257][ T9566] EXT4-fs (loop4): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  985.874926][ T9573] attempt to access beyond end of device
[  985.874926][ T9573] loop0: rw=2049, want=45104, limit=40427
[  986.344422][ T9570] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2545'.
[  986.407429][   T24] audit: type=1326 audit(969.948:13618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9569 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[  986.470974][   T24] audit: type=1326 audit(969.967:13619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9569 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[  986.532663][   T24] audit: type=1326 audit(969.967:13620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9569 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[  986.557690][  T277] attempt to access beyond end of device
[  986.557690][  T277] loop0: rw=2049, want=45112, limit=40427
[  986.584224][ T9577] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[  986.584889][   T24] audit: type=1326 audit(969.967:13621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9569 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[  986.616419][ T9577] EXT4-fs (loop1): group descriptors corrupted!
[  986.636381][   T24] audit: type=1326 audit(969.967:13622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9569 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[  986.940783][ T9582] netlink: 212 bytes leftover after parsing attributes in process `syz.5.2548'.
[  986.956010][ T9582] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9582 comm=syz.5.2548
[  988.574906][ T9588] x_tables: duplicate underflow at hook 1
[  990.418849][ T9590] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  990.455033][ T9590] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  990.495051][ T9590] F2FS-fs (loop0): invalid crc value
[  990.526796][ T9590] F2FS-fs (loop0): Found nat_bits in checkpoint
[  990.613538][ T9590] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  990.624329][ T9590] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  991.105636][   T24] audit: type=1326 audit(974.332:13623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9620 comm="syz.4.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[  991.131059][ T9621] fuse: Bad value for 'fd'
[  991.172154][   T24] audit: type=1326 audit(974.369:13624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9620 comm="syz.4.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[  991.202957][   T24] audit: type=1326 audit(974.369:13625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9620 comm="syz.4.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[  991.234470][   T24] audit: type=1326 audit(974.379:13626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9620 comm="syz.4.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[  991.715310][ T9630] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2559'.
[  992.639902][ T9638] exfat: Unknown parameter 'fsmagic'
[  992.729557][ T9638] FAULT_INJECTION: forcing a failure.
[  992.729557][ T9638] name failslab, interval 1, probability 0, space 0, times 0
[  992.742262][ T9638] CPU: 0 PID: 9638 Comm: syz.0.2558 Tainted: G        W         5.10.240-syzkaller #0
[  992.751804][ T9638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  992.761861][ T9638] Call Trace:
[  992.765161][ T9638]  __dump_stack+0x21/0x24
[  992.769488][ T9638]  dump_stack_lvl+0x169/0x1d8
[  992.774163][ T9638]  ? show_regs_print_info+0x18/0x18
[  992.779381][ T9638]  dump_stack+0x15/0x1c
[  992.783535][ T9638]  should_fail+0x3c1/0x510
[  992.787946][ T9638]  ? security_inode_alloc+0x33/0x110
[  992.793240][ T9638]  __should_failslab+0xa4/0xe0
[  992.798006][ T9638]  should_failslab+0x9/0x20
[  992.802511][ T9638]  kmem_cache_alloc+0x3d/0x2e0
[  992.807309][ T9638]  security_inode_alloc+0x33/0x110
[  992.812430][ T9638]  inode_init_always+0x70a/0x9b0
[  992.817369][ T9638]  new_inode_pseudo+0x91/0x210
[  992.822134][ T9638]  new_inode+0x28/0x1e0
[  992.826316][ T9638]  ? sysvec_reschedule_ipi+0x69/0x70
[  992.831597][ T9638]  shmem_get_inode+0x34a/0x9d0
[  992.836356][ T9638]  __shmem_file_setup+0x113/0x2b0
[  992.841372][ T9638]  shmem_file_setup+0x2f/0x40
[  992.846047][ T9638]  __se_sys_memfd_create+0x1e6/0x3a0
[  992.851347][ T9638]  __x64_sys_memfd_create+0x5b/0x70
[  992.856535][ T9638]  do_syscall_64+0x31/0x40
[  992.860946][ T9638]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  992.866862][ T9638] RIP: 0033:0x7f37a39aebe9
[  992.871312][ T9638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  992.890930][ T9638] RSP: 002b:00007f37a23d4e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  992.899344][ T9638] RAX: ffffffffffffffda RBX: 0000000000001503 RCX: 00007f37a39aebe9
[  992.907314][ T9638] RDX: 00007f37a23d4ef0 RSI: 0000000000000000 RDI: 00007f37a3a327e8
[  992.915286][ T9638] RBP: 0000200000000580 R08: 00007f37a23d4bb7 R09: 00007f37a23d4e40
[  992.923248][ T9638] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000001b40
[  992.931213][ T9638] R13: 00007f37a23d4ef0 R14: 00007f37a23d4eb0 R15: 0000200000002a80
[  993.132383][ T9644] EXT4-fs (loop3): Ignoring removed orlov option
[  993.158688][ T9644] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  993.499155][ T9653] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2565'.
[  993.566548][   T24] audit: type=1326 audit(976.633:13627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9654 comm="syz.1.2564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  993.631041][   T24] audit: type=1326 audit(976.661:13628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9654 comm="syz.1.2564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  993.692751][   T24] audit: type=1326 audit(976.661:13629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9654 comm="syz.1.2564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  993.715945][   T24] audit: type=1326 audit(976.661:13630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9654 comm="syz.1.2564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  993.801095][   T24] audit: type=1326 audit(976.661:13631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9654 comm="syz.1.2564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  993.824434][   T24] audit: type=1326 audit(976.661:13632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9654 comm="syz.1.2564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[  994.462947][ T9674] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[  994.499998][ T9674] EXT4-fs (loop0): group descriptors corrupted!
[  994.991872][ T9665] F2FS-fs (loop4): Found nat_bits in checkpoint
[  995.798796][ T9665] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  996.077504][ T9700] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2576'.
[  996.869495][ T9703] attempt to access beyond end of device
[  996.869495][ T9703] loop4: rw=2049, want=45104, limit=40427
[  997.542069][  T279] attempt to access beyond end of device
[  997.542069][  T279] loop4: rw=2049, want=45112, limit=40427
[  997.809467][ T9721] x_tables: duplicate underflow at hook 1
[  997.940436][ T9722] overlayfs: missing 'workdir'
[  998.416755][ T9726] F2FS-fs (loop4): invalid crc value
[  998.440448][ T9726] F2FS-fs (loop4): Found nat_bits in checkpoint
[  998.569005][ T9726] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  998.617017][ T9739] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[  998.627322][ T9739] EXT4-fs (loop0): group descriptors corrupted!
[  999.034801][ T9731] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  999.094868][ T9731] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  999.313779][ T9731] F2FS-fs (loop3): invalid crc value
[  999.610493][ T9731] F2FS-fs (loop3): Found nat_bits in checkpoint
[  999.645848][ T9748] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  999.673534][ T9748] EXT4-fs (loop1): Test dummy encryption mode enabled
[  999.712055][ T9748] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,nodioread_nolock,test_dummy_encryption,nombcache,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[  999.776358][ T9731] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  999.794354][ T9731] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  999.871667][ T9726] netlink: 'syz.4.2580': attribute type 10 has an invalid length.
[  999.880243][ T9726] F2FS-fs (loop4): Unrecognized mount option "checkpoint=dFsable" or missing value
[  999.898317][ T9756] EXT4-fs (loop0): Ignoring removed orlov option
[  999.964966][  T279] attempt to access beyond end of device
[  999.964966][  T279] loop4: rw=2049, want=45104, limit=40427
[  999.988470][ T9756] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[ 1000.071071][ T9762] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2591'.
[ 1000.084679][   T24] kauditd_printk_skb: 50 callbacks suppressed
[ 1000.084703][   T24] audit: type=1326 audit(982.732:13683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9758 comm="syz.5.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1000.116660][   T24] audit: type=1326 audit(982.732:13684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9758 comm="syz.5.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1000.149548][   T24] audit: type=1326 audit(982.732:13685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9758 comm="syz.5.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1000.173621][   T24] audit: type=1326 audit(982.732:13686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9758 comm="syz.5.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1000.197299][   T24] audit: type=1326 audit(982.732:13687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9758 comm="syz.5.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1000.346918][   T24] audit: type=1400 audit(982.985:13688): avc:  denied  { write } for  pid=9772 comm="syz.3.2593" name="uinput" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1000.386756][ T9773] input: syz0 as /devices/virtual/input/input5
[ 1000.404887][   T24] audit: type=1400 audit(983.013:13689): avc:  denied  { ioctl } for  pid=9772 comm="syz.3.2593" path="/dev/uinput" dev="devtmpfs" ino=257 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1000.482436][   T24] audit: type=1400 audit(983.032:13690): avc:  denied  { read } for  pid=80 comm="acpid" name="event3" dev="devtmpfs" ino=2105 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1000.515994][ T9776] overlayfs: missing 'workdir'
[ 1000.530706][   T24] audit: type=1400 audit(983.032:13691): avc:  denied  { open } for  pid=80 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2105 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1000.556121][   T24] audit: type=1400 audit(983.032:13692): avc:  denied  { ioctl } for  pid=80 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2105 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1000.913419][ T9777] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1000.934542][ T9777] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1000.948863][ T9777] F2FS-fs (loop3): invalid crc value
[ 1000.982645][ T9777] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1001.031801][ T9789] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1001.042684][ T9789] EXT4-fs (loop1): group descriptors corrupted!
[ 1001.049346][ T9777] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1001.056497][ T9777] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1001.204409][ T9794] IPv6: addrconf: prefix option has invalid lifetime
[ 1001.227457][ T9794] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1001.243920][ T9794] device syzkaller0 entered promiscuous mode
[ 1001.252845][ T9794] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1001.369732][ T9794] tipc: Resetting bearer <eth:syzkaller0>
[ 1001.387313][ T9793] tipc: Resetting bearer <eth:syzkaller0>
[ 1001.390202][ T9796] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1001.404045][ T9793] tipc: Disabling bearer <eth:syzkaller0>
[ 1001.409916][ T9796] EXT4-fs (loop4): group descriptors corrupted!
[ 1002.118980][ T9804] FAT-fs (loop0): Unrecognized mount option "" or missing value
[ 1002.540729][ T9818] FAULT_INJECTION: forcing a failure.
[ 1002.540729][ T9818] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.553427][ T9818] CPU: 1 PID: 9818 Comm: syz.3.2603 Tainted: G        W         5.10.240-syzkaller #0
[ 1002.562962][ T9818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1002.573096][ T9818] Call Trace:
[ 1002.576386][ T9818]  __dump_stack+0x21/0x24
[ 1002.580707][ T9818]  dump_stack_lvl+0x169/0x1d8
[ 1002.585375][ T9818]  ? thaw_kernel_threads+0x220/0x220
[ 1002.590658][ T9818]  ? show_regs_print_info+0x18/0x18
[ 1002.595847][ T9818]  ? __schedule+0xb4f/0x1310
[ 1002.600428][ T9818]  dump_stack+0x15/0x1c
[ 1002.604581][ T9818]  should_fail+0x3c1/0x510
[ 1002.609049][ T9818]  ? dup_task_struct+0x57/0xbd0
[ 1002.613889][ T9818]  __should_failslab+0xa4/0xe0
[ 1002.618645][ T9818]  should_failslab+0x9/0x20
[ 1002.623139][ T9818]  kmem_cache_alloc+0x3d/0x2e0
[ 1002.627887][ T9818]  ? __kasan_check_write+0x14/0x20
[ 1002.632986][ T9818]  dup_task_struct+0x57/0xbd0
[ 1002.637650][ T9818]  ? __kasan_check_write+0x14/0x20
[ 1002.642817][ T9818]  ? recalc_sigpending+0x1ac/0x230
[ 1002.647923][ T9818]  copy_process+0x5b2/0x32c0
[ 1002.652501][ T9818]  ? memset+0x35/0x40
[ 1002.656477][ T9818]  ? __kasan_check_write+0x14/0x20
[ 1002.661579][ T9818]  ? __pidfd_prepare+0x150/0x150
[ 1002.666504][ T9818]  ? compat_start_thread+0x80/0x80
[ 1002.671601][ T9818]  kernel_clone+0x23f/0x940
[ 1002.676095][ T9818]  ? create_io_thread+0x130/0x130
[ 1002.681105][ T9818]  ? finish_task_switch+0x12e/0x5a0
[ 1002.686287][ T9818]  ? __switch_to_asm+0x34/0x60
[ 1002.691036][ T9818]  __x64_sys_clone+0x176/0x1d0
[ 1002.695791][ T9818]  ? __ia32_sys_vfork+0xf0/0xf0
[ 1002.700645][ T9818]  ? __kasan_check_read+0x11/0x20
[ 1002.705671][ T9818]  do_syscall_64+0x31/0x40
[ 1002.710077][ T9818]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1002.715955][ T9818] RIP: 0033:0x7efefe7eebe9
[ 1002.720462][ T9818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1002.740056][ T9818] RSP: 002b:00007efefd214fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1002.748470][ T9818] RAX: ffffffffffffffda RBX: 00007efefea16180 RCX: 00007efefe7eebe9
[ 1002.756436][ T9818] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000041200000
[ 1002.764500][ T9818] RBP: 00007efefd215090 R08: 0000000000000000 R09: 0000000000000000
[ 1002.772462][ T9818] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1002.780428][ T9818] R13: 00007efefea16218 R14: 00007efefea16180 R15: 00007ffcd19ad0e8
[ 1002.955168][  T920] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1003.199246][ T9814] F2FS-fs (loop0): invalid crc value
[ 1003.216618][ T9814] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1003.256739][ T9814] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1003.436224][  T920] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1003.553970][  T920] usb 2-1: config 255 has an invalid interface number: 154 but max is 0
[ 1003.591490][  T920] usb 2-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[ 1003.717090][  T920] usb 2-1: config 255 has no interface number 0
[ 1003.765780][  T920] usb 2-1: config 255 interface 154 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1003.788693][  T920] usb 2-1: config 255 interface 154 has no altsetting 0
[ 1003.918573][ T9830] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2608'.
[ 1003.937239][ T9814] netlink: 'syz.0.2605': attribute type 10 has an invalid length.
[ 1003.945977][ T9814] F2FS-fs (loop0): Unrecognized mount option "checkpoint=dFsable" or missing value
[ 1003.965337][  T277] attempt to access beyond end of device
[ 1003.965337][  T277] loop0: rw=2049, want=45104, limit=40427
[ 1004.077800][  T920] usb 2-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=9a.6f
[ 1004.078216][ T9834] overlayfs: missing 'workdir'
[ 1004.100278][  T920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1004.119341][  T920] usb 2-1: Product: syz
[ 1004.131097][  T920] usb 2-1: Manufacturer: syz
[ 1004.144257][  T920] usb 2-1: SerialNumber: syz
[ 1004.272126][ T9839] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2611'.
[ 1004.286904][ T9841] EXT4-fs (loop3): Ignoring removed orlov option
[ 1004.293406][ T9839] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2611'.
[ 1004.308797][ T9841] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[ 1004.467528][ T9847] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1004.539760][ T9853] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2604'.
[ 1005.411678][ T9862] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2615'.
[ 1005.457662][   T24] kauditd_printk_skb: 83 callbacks suppressed
[ 1005.457676][   T24] audit: type=1400 audit(987.765:13776): avc:  denied  { append } for  pid=9865 comm="syz.3.2616" name="event2" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1005.487080][ T9866] FAULT_INJECTION: forcing a failure.
[ 1005.487080][ T9866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1005.502451][ T9866] CPU: 0 PID: 9866 Comm: syz.3.2616 Tainted: G        W         5.10.240-syzkaller #0
[ 1005.512015][ T9866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1005.522061][ T9866] Call Trace:
[ 1005.525352][ T9866]  __dump_stack+0x21/0x24
[ 1005.529683][ T9866]  dump_stack_lvl+0x169/0x1d8
[ 1005.534354][ T9866]  ? thaw_kernel_threads+0x220/0x220
[ 1005.539638][ T9866]  ? vsnprintf+0x1871/0x1960
[ 1005.544219][ T9866]  ? show_regs_print_info+0x18/0x18
[ 1005.549414][ T9866]  dump_stack+0x15/0x1c
[ 1005.553561][ T9866]  should_fail+0x3c1/0x510
[ 1005.557972][ T9866]  should_fail_usercopy+0x1a/0x20
[ 1005.562985][ T9866]  _copy_to_user+0x20/0x90
[ 1005.567461][ T9866]  simple_read_from_buffer+0xe9/0x160
[ 1005.572830][ T9866]  proc_fail_nth_read+0x19a/0x210
[ 1005.577846][ T9866]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1005.583470][ T9866]  ? rw_verify_area+0x1c0/0x360
[ 1005.588311][ T9866]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1005.593947][ T9866]  vfs_read+0x1fe/0xa10
[ 1005.598098][ T9866]  ? kernel_read+0x70/0x70
[ 1005.602506][ T9866]  ? __kasan_check_write+0x14/0x20
[ 1005.607617][ T9866]  ? mutex_lock+0x8c/0xe0
[ 1005.611934][ T9866]  ? mutex_trylock+0xa0/0xa0
[ 1005.616518][ T9866]  ? __fget_files+0x2c4/0x320
[ 1005.621195][ T9866]  ? __fdget_pos+0x2d2/0x380
[ 1005.625776][ T9866]  ? ksys_read+0x71/0x240
[ 1005.630099][ T9866]  ksys_read+0x140/0x240
[ 1005.634334][ T9866]  ? vfs_write+0xd60/0xd60
[ 1005.638747][ T9866]  __x64_sys_read+0x7b/0x90
[ 1005.643241][ T9866]  do_syscall_64+0x31/0x40
[ 1005.647661][ T9866]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1005.653640][ T9866] RIP: 0033:0x7efefe7ed5fc
[ 1005.658050][ T9866] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1005.677657][ T9866] RSP: 002b:00007efefd257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1005.686070][ T9866] RAX: ffffffffffffffda RBX: 00007efefea15fa0 RCX: 00007efefe7ed5fc
[ 1005.694042][ T9866] RDX: 000000000000000f RSI: 00007efefd2570a0 RDI: 0000000000000004
[ 1005.702022][ T9866] RBP: 00007efefd257090 R08: 0000000000000000 R09: 0000000000000000
[ 1005.709989][ T9866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.717954][ T9866] R13: 00007efefea16038 R14: 00007efefea15fa0 R15: 00007ffcd19ad0e8
[ 1005.726166][   T24] audit: type=1326 audit(987.802:13777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1005.757887][   T24] audit: type=1326 audit(987.802:13778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1005.805344][   T24] audit: type=1326 audit(987.802:13779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1005.828323][   T24] audit: type=1326 audit(987.802:13780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1005.851235][   T24] audit: type=1326 audit(987.802:13781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1005.875828][   T24] audit: type=1326 audit(987.802:13782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1005.899103][   T24] audit: type=1326 audit(987.802:13783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37a39ad550 code=0x7ffc0000
[ 1006.029351][ T1915] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1006.038288][   T24] audit: type=1326 audit(987.802:13784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1006.061585][   T24] audit: type=1326 audit(987.802:13785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9861 comm="syz.0.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1006.432201][  T920] snd-usb-audio: probe of 2-1:255.154 failed with error -2
[ 1006.446655][ T9880] overlayfs: missing 'workdir'
[ 1006.451780][  T920] usb 2-1: USB disconnect, device number 62
[ 1008.102704][ T1915] usb 1-1: Using ep0 maxpacket: 16
[ 1008.154579][ T9884] erofs: (device loop1): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[ 1008.201065][ T9884] netlink: 212 bytes leftover after parsing attributes in process `syz.1.2620'.
[ 1008.213660][ T9884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9884 comm=syz.1.2620
[ 1008.289998][ T1915] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 1008.319596][ T1915] usb 1-1: config 0 has no interface number 0
[ 1008.438141][ T1915] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1008.462475][ T1915] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1008.718139][ T9883] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1008.821771][ T9883] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1008.845496][ T1915] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1008.854749][ T9883] F2FS-fs (loop3): invalid crc value
[ 1008.861516][ T9894] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2624'.
[ 1008.877879][ T1915] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1008.889122][ T1915] usb 1-1: Product: syz
[ 1008.910797][ T1915] usb 1-1: config 0 descriptor??
[ 1008.923356][ T9883] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1008.931082][ T1915] usb 1-1: can't set config #0, error -71
[ 1008.938045][ T1915] usb 1-1: USB disconnect, device number 57
[ 1008.986966][ T9883] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1008.994132][ T9883] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1009.230129][ T9906] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2627'.
[ 1009.828611][ T9920] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2629'.
[ 1010.157313][ T9930] erofs: (device loop1): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[ 1010.173635][ T9930] netlink: 212 bytes leftover after parsing attributes in process `syz.1.2635'.
[ 1010.185542][ T9930] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9930 comm=syz.1.2635
[ 1011.292869][   T24] kauditd_printk_skb: 56 callbacks suppressed
[ 1011.292884][   T24] audit: type=1326 audit(993.218:13842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[ 1011.419070][   T24] audit: type=1326 audit(993.246:13843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[ 1011.496000][   T24] audit: type=1326 audit(993.246:13844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7efefe7eec23 code=0x7ffc0000
[ 1011.519277][ T9941] exfat: Deprecated parameter 'utf8'
[ 1011.524595][ T9941] exfat: Deprecated parameter 'namecase'
[ 1011.539447][ T9941] exfat: Deprecated parameter 'namecase'
[ 1011.555989][ T9941] exfat: Deprecated parameter 'utf8'
[ 1011.586523][ T9941] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[ 1011.610587][   T24] audit: type=1326 audit(993.480:13845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7efefe7ed69f code=0x7ffc0000
[ 1011.634068][ T9941] exFAT-fs (loop4): invalid boot region
[ 1011.640077][ T9941] exFAT-fs (loop4): failed to recognize exfat type
[ 1011.768899][   T24] audit: type=1326 audit(993.667:13846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7efefe7eec77 code=0x7ffc0000
[ 1011.792042][   T24] audit: type=1326 audit(993.686:13847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efefe7ed550 code=0x7ffc0000
[ 1011.861791][ T9927] F2FS-fs (loop0): Unrecognized mount option "" or missing value
[ 1011.871862][   T24] audit: type=1326 audit(993.761:13848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efefe7ee7eb code=0x7ffc0000
[ 1011.896477][   T24] audit: type=1326 audit(993.789:13849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efefe7ed84a code=0x7ffc0000
[ 1011.919445][   T24] audit: type=1326 audit(993.789:13850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efefe7ed84a code=0x7ffc0000
[ 1011.998325][ T9953] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2642'.
[ 1012.009871][   T24] audit: type=1326 audit(993.883:13851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.3.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7efefe7ed457 code=0x7ffc0000
[ 1012.053295][ T9937] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1012.068047][ T9937] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1012.089165][ T9937] F2FS-fs (loop3): invalid crc value
[ 1012.108791][ T9937] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1012.224805][ T9937] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1012.231938][ T9937] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1012.263144][ T9965] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value
[ 1012.687342][ T9972] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2646'.
[ 1013.483245][ T9976] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1013.484237][ T9974] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1013.529830][ T9974] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1013.549574][ T9974] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,nodioread_nolock,test_dummy_encryption,nombcache,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1013.552773][ T9976] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1013.598117][ T9983] FAULT_INJECTION: forcing a failure.
[ 1013.598117][ T9983] name failslab, interval 1, probability 0, space 0, times 0
[ 1013.623877][ T9983] CPU: 1 PID: 9983 Comm: syz.3.2650 Tainted: G        W         5.10.240-syzkaller #0
[ 1013.633453][ T9983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1013.643518][ T9983] Call Trace:
[ 1013.646812][ T9983]  __dump_stack+0x21/0x24
[ 1013.651141][ T9983]  dump_stack_lvl+0x169/0x1d8
[ 1013.655814][ T9983]  ? thaw_kernel_threads+0x220/0x220
[ 1013.661098][ T9983]  ? show_regs_print_info+0x18/0x18
[ 1013.666296][ T9983]  dump_stack+0x15/0x1c
[ 1013.670459][ T9983]  should_fail+0x3c1/0x510
[ 1013.674880][ T9983]  ? __alloc_skb+0x9e/0x520
[ 1013.679379][ T9983]  __should_failslab+0xa4/0xe0
[ 1013.684158][ T9983]  should_failslab+0x9/0x20
[ 1013.688674][ T9983]  kmem_cache_alloc+0x3d/0x2e0
[ 1013.693437][ T9983]  ? audit_log_start+0x3b7/0x860
[ 1013.698368][ T9983]  __alloc_skb+0x9e/0x520
[ 1013.702707][ T9983]  ? kmem_cache_alloc+0x165/0x2e0
[ 1013.707738][ T9983]  ? audit_log_start+0x3b7/0x860
[ 1013.712680][ T9983]  audit_log_start+0x3df/0x860
[ 1013.717442][ T9983]  ? ____kasan_slab_free+0x130/0x160
[ 1013.722717][ T9983]  ? audit_serial+0x30/0x30
[ 1013.727214][ T9983]  ? kstrtouint_from_user+0x1a0/0x200
[ 1013.732578][ T9983]  ? kmem_cache_free+0x100/0x2d0
[ 1013.737517][ T9983]  ? memset+0x35/0x40
[ 1013.741499][ T9983]  audit_seccomp+0x62/0x160
[ 1013.746005][ T9983]  __seccomp_filter+0xb4c/0x1990
[ 1013.750941][ T9983]  ? proc_fail_nth_read+0x210/0x210
[ 1013.756228][ T9983]  ? rw_verify_area+0x1c0/0x360
[ 1013.761073][ T9983]  ? preempt_count_add+0x90/0x1b0
[ 1013.766089][ T9983]  ? __secure_computing+0x290/0x290
[ 1013.771274][ T9983]  ? vfs_write+0xac8/0xd60
[ 1013.775702][ T9983]  ? __kasan_slab_free+0x11/0x20
[ 1013.780676][ T9983]  ? kernel_write+0x3c0/0x3c0
[ 1013.785357][ T9983]  ? __kasan_check_write+0x14/0x20
[ 1013.790457][ T9983]  ? mutex_lock+0x8c/0xe0
[ 1013.794780][ T9983]  ? mutex_trylock+0xa0/0xa0
[ 1013.799362][ T9983]  ? __fget_files+0x2c4/0x320
[ 1013.804038][ T9983]  ? __kasan_check_write+0x14/0x20
[ 1013.809139][ T9983]  ? fput_many+0x15a/0x1a0
[ 1013.813551][ T9983]  ? __kasan_check_write+0x14/0x20
[ 1013.818662][ T9983]  ? switch_fpu_return+0x197/0x340
[ 1013.823762][ T9983]  __secure_computing+0xea/0x290
[ 1013.828696][ T9983]  syscall_trace_enter+0xb5/0x170
[ 1013.833713][ T9983]  syscall_enter_from_user_mode+0x20/0x30
[ 1013.839420][ T9983]  do_syscall_64+0x13/0x40
[ 1013.843845][ T9983]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1013.849724][ T9983] RIP: 0033:0x7efefe7eebe9
[ 1013.854130][ T9983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1013.873734][ T9983] RSP: 002b:00007efefd257038 EFLAGS: 00000246 ORIG_RAX: 000000000000011a
[ 1013.882140][ T9983] RAX: ffffffffffffffda RBX: 00007efefea15fa0 RCX: 00007efefe7eebe9
[ 1013.890108][ T9983] RDX: 0000000000000008 RSI: 0000200000000000 RDI: ffffffffffffffff
[ 1013.898073][ T9983] RBP: 00007efefd257090 R08: 0000000000000000 R09: 0000000000000000
[ 1013.906042][ T9983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1013.914011][ T9983] R13: 00007efefea16038 R14: 00007efefea15fa0 R15: 00007ffcd19ad0e8
[ 1013.934238][ T9976] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62da9da, utbl_chksum : 0xe619d30d)
[ 1014.303562][ T9987] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1014.312609][ T9993] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1014.325233][ T9987] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1014.333118][ T9993] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1014.343954][ T9987] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62da9da, utbl_chksum : 0xe619d30d)
[ 1014.348742][ T9993] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1014.532635][ T8104] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1014.789205][ T8104] usb 2-1: Using ep0 maxpacket: 16
[ 1014.896146][ T1915] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1014.917680][ T8104] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1014.951218][ T8104] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1014.962234][ T8104] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1014.972060][ T8104] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1015.067213][ T8104] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1015.076495][ T8104] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1015.084407][T10002] EXT4-fs (loop0): Ignoring removed orlov option
[ 1015.089257][ T8104] usb 2-1: SerialNumber: syz
[ 1015.107767][T10002] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[ 1015.150086][ T8104] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1015.174088][ T1915] usb 4-1: Using ep0 maxpacket: 16
[ 1015.177732][ T8104] hub: probe of 2-1:1.0 failed with error -5
[ 1015.215586][T10006] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1015.227110][ T8104] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1015.233784][T10006] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1015.247733][T10006] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1015.302435][ T1915] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1015.313042][ T1915] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1015.324204][ T1915] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1015.334088][ T1915] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1015.430809][ T1915] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1015.440074][ T1915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1015.448192][ T1915] usb 4-1: SerialNumber: syz
[ 1015.495453][ T1915] hub 4-1:1.0: bad descriptor, ignoring hub
[ 1015.515776][ T1915] hub: probe of 4-1:1.0 failed with error -5
[ 1015.533147][ T1915] cdc_ether: probe of 4-1:1.0 failed with error -22
[ 1016.398510][T10023] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2660'.
[ 1016.456959][ T8104] usb 5-1: new full-speed USB device number 57 using dummy_hcd
[ 1016.729833][   T24] kauditd_printk_skb: 122 callbacks suppressed
[ 1016.729867][   T24] audit: type=1326 audit(998.307:13972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10024 comm="syz.5.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1016.759058][   T24] audit: type=1326 audit(998.307:13973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10024 comm="syz.5.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1016.782039][   T24] audit: type=1326 audit(998.307:13974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10024 comm="syz.5.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1016.805015][   T24] audit: type=1326 audit(998.307:13975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10024 comm="syz.5.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1016.828217][   T24] audit: type=1326 audit(998.307:13976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10024 comm="syz.5.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1016.873886][ T8104] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1016.884221][ T8104] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1016.899985][T10028] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2662'.
[ 1016.909094][T10028] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2662'.
[ 1016.970105][ T8104] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1016.979262][ T8104] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1016.980866][ T1915] usb 2-1: USB disconnect, device number 63
[ 1016.987325][ T8104] usb 5-1: SerialNumber: syz
[ 1017.035033][ T8104] usb 5-1: 0:2 : does not exist
[ 1017.287248][   T24] audit: type=1400 audit(998.822:13977): avc:  denied  { ioctl } for  pid=10029 comm="syz.0.2663" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1017.633467][T10017] exfat: Deprecated parameter 'utf8'
[ 1017.638904][T10017] exfat: Deprecated parameter 'namecase'
[ 1017.644844][T10017] exfat: Deprecated parameter 'namecase'
[ 1017.650574][T10017] exfat: Deprecated parameter 'utf8'
[ 1017.676694][  T301] usb 4-1: USB disconnect, device number 60
[ 1017.694519][T10017] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[ 1017.707514][T10017] exFAT-fs (loop4): invalid boot region
[ 1017.715714][T10017] exFAT-fs (loop4): failed to recognize exfat type
[ 1017.899506][T10038] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1018.047595][T10038] EXT4-fs (loop3): group descriptors corrupted!
[ 1018.437558][ T8104] usb 5-1: USB disconnect, device number 57
[ 1018.467919][   T24] audit: type=1326 audit(999.935:13978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10042 comm="syz.0.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1018.480541][T10043] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2666'.
[ 1018.491212][   T24] audit: type=1326 audit(999.944:13979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10042 comm="syz.0.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1018.523430][   T24] audit: type=1326 audit(999.944:13980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10042 comm="syz.0.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1018.546955][   T24] audit: type=1326 audit(999.944:13981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10042 comm="syz.0.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1018.830174][ T7215] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 1018.991085][T10119] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1019.006147][T10119] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1019.033261][T10119] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,nodioread_nolock,test_dummy_encryption,nombcache,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1019.097361][ T7215] usb 1-1: Using ep0 maxpacket: 16
[ 1019.225749][ T7215] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 1019.243612][ T7215] usb 1-1: config 0 has no interface number 0
[ 1019.262853][ T7215] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1019.296672][ T7215] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1019.439577][ T7215] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1019.448714][ T7215] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1019.457030][ T7215] usb 1-1: Product: syz
[ 1019.462092][ T7215] usb 1-1: SerialNumber: syz
[ 1019.491934][ T7215] usb 1-1: config 0 descriptor??
[ 1019.832315][T10133] overlayfs: missing 'workdir'
[ 1020.747359][ T7215] usb 1-1: USB disconnect, device number 58
[ 1020.813289][T10140] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1020.839888][T10140] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1020.856647][T10140] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62da9da, utbl_chksum : 0xe619d30d)
[ 1021.150607][T10143] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1021.161231][T10143] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1021.180450][T10143] F2FS-fs (loop4): invalid crc value
[ 1021.206440][T10143] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1021.261185][T10143] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1021.268497][T10143] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1021.446126][T10166] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1021.456828][T10166] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1021.467361][T10166] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1021.495168][T10169] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1021.505807][T10169] EXT4-fs (loop4): group descriptors corrupted!
[ 1021.728586][T10173] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1021.739179][T10173] EXT4-fs (loop0): group descriptors corrupted!
[ 1024.239009][T10188] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1024.280109][T10188] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1024.327481][T10188] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,nodioread_nolock,test_dummy_encryption,nombcache,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1024.351450][T10195] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1024.378411][T10195] EXT4-fs (loop4): group descriptors corrupted!
[ 1025.006375][   T24] kauditd_printk_skb: 82 callbacks suppressed
[ 1025.006399][   T24] audit: type=1326 audit(1006.049:14064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10202 comm="syz.1.2692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1025.601412][   T24] audit: type=1326 audit(1006.096:14065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10202 comm="syz.1.2692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1025.624599][   T24] audit: type=1326 audit(1006.114:14066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10202 comm="syz.1.2692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1025.647877][   T24] audit: type=1326 audit(1006.114:14067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10202 comm="syz.1.2692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1025.680210][   T24] audit: type=1326 audit(1006.114:14068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10202 comm="syz.1.2692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1026.168911][T10219] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2697'.
[ 1026.304806][T10214] EXT4-fs (loop1): Ignoring removed orlov option
[ 1026.408667][T10214] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[ 1026.570450][T10208] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1026.584386][T10208] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1026.606924][T10208] F2FS-fs (loop3): invalid crc value
[ 1026.635123][T10208] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1026.712482][T10208] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1026.726261][T10208] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1027.078970][   T24] audit: type=1326 audit(1007.985:14069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10232 comm="syz.4.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[ 1027.084085][T10230] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1027.114543][T10230] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1027.124325][T10230] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1027.167243][   T24] audit: type=1326 audit(1008.013:14070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10232 comm="syz.4.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[ 1027.191738][T10237] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1027.191765][   T24] audit: type=1326 audit(1008.013:14071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10232 comm="syz.4.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[ 1027.225569][   T24] audit: type=1326 audit(1008.013:14072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10232 comm="syz.4.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[ 1027.244426][T10237] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1027.248864][   T24] audit: type=1326 audit(1008.013:14073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10232 comm="syz.4.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306e14cbe9 code=0x7ffc0000
[ 1027.289416][T10237] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1027.717067][T10246] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1027.824374][T10246] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1027.929501][T10250] F2FS-fs (loop4): Unrecognized mount option "18446744073709551615" or missing value
[ 1028.049587][T10259] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2709'.
[ 1028.058752][T10259] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2709'.
[ 1028.157659][T10260] attempt to access beyond end of device
[ 1028.157659][T10260] loop1: rw=2049, want=45104, limit=40427
[ 1028.549653][T10264] x_tables: duplicate underflow at hook 1
[ 1029.222725][T10270] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1029.235473][  T275] attempt to access beyond end of device
[ 1029.235473][  T275] loop1: rw=2049, want=45112, limit=40427
[ 1029.315782][T10265] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,bsddf,,errors=continue
[ 1029.490413][  T301] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1030.219284][T10292] FAULT_INJECTION: forcing a failure.
[ 1030.219284][T10292] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.232218][T10292] CPU: 0 PID: 10292 Comm: syz.0.2715 Tainted: G        W         5.10.240-syzkaller #0
[ 1030.241857][T10292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1030.251910][T10292] Call Trace:
[ 1030.255212][T10292]  __dump_stack+0x21/0x24
[ 1030.259695][T10292]  dump_stack_lvl+0x169/0x1d8
[ 1030.264376][T10292]  ? show_regs_print_info+0x18/0x18
[ 1030.269583][T10292]  ? preempt_schedule_irq+0xbb/0x110
[ 1030.274866][T10292]  dump_stack+0x15/0x1c
[ 1030.279064][T10292]  should_fail+0x3c1/0x510
[ 1030.283483][T10292]  ? audit_log_start+0x3b7/0x860
[ 1030.288436][T10292]  __should_failslab+0xa4/0xe0
[ 1030.293202][T10292]  should_failslab+0x9/0x20
[ 1030.297695][T10292]  kmem_cache_alloc+0x3d/0x2e0
[ 1030.302453][T10292]  audit_log_start+0x3b7/0x860
[ 1030.307208][T10292]  ? audit_serial+0x30/0x30
[ 1030.311707][T10292]  ? kstrtouint_from_user+0x1a0/0x200
[ 1030.317068][T10292]  ? kmem_cache_free+0x2ac/0x2d0
[ 1030.321999][T10292]  ? memset+0x35/0x40
[ 1030.325978][T10292]  audit_seccomp+0x62/0x160
[ 1030.330572][T10292]  __seccomp_filter+0xb4c/0x1990
[ 1030.335506][T10292]  ? proc_fail_nth_read+0x210/0x210
[ 1030.340699][T10292]  ? rw_verify_area+0x1c0/0x360
[ 1030.345550][T10292]  ? preempt_count_add+0x90/0x1b0
[ 1030.350564][T10292]  ? __secure_computing+0x290/0x290
[ 1030.355761][T10292]  ? vfs_write+0xac8/0xd60
[ 1030.360169][T10292]  ? kernel_write+0x3c0/0x3c0
[ 1030.364848][T10292]  ? __kasan_check_write+0x14/0x20
[ 1030.369949][T10292]  ? mutex_lock+0x8c/0xe0
[ 1030.374281][T10292]  ? mutex_trylock+0xa0/0xa0
[ 1030.378861][T10292]  ? __fget_files+0x2c4/0x320
[ 1030.383535][T10292]  ? __kasan_check_write+0x14/0x20
[ 1030.388636][T10292]  ? fput_many+0x15a/0x1a0
[ 1030.393052][T10292]  ? __kasan_check_write+0x14/0x20
[ 1030.398160][T10292]  ? switch_fpu_return+0x197/0x340
[ 1030.403264][T10292]  __secure_computing+0xea/0x290
[ 1030.408192][T10292]  syscall_trace_enter+0xb5/0x170
[ 1030.413210][T10292]  syscall_enter_from_user_mode+0x20/0x30
[ 1030.418920][T10292]  do_syscall_64+0x13/0x40
[ 1030.423332][T10292]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1030.429213][T10292] RIP: 0033:0x7f37a39aebe9
[ 1030.433623][T10292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1030.453212][T10292] RSP: 002b:00007f37a2417038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c9
[ 1030.461616][T10292] RAX: ffffffffffffffda RBX: 00007f37a3bd5fa0 RCX: 00007f37a39aebe9
[ 1030.469582][T10292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1030.477548][T10292] RBP: 00007f37a2417090 R08: 0000000000000000 R09: 0000000000000000
[ 1030.485515][T10292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.493479][T10292] R13: 00007f37a3bd6038 R14: 00007f37a3bd5fa0 R15: 00007ffc4a06ca08
[ 1030.703616][  T301] usb 5-1: device descriptor read/64, error -71
[ 1030.710049][T10292] audit_log_lost: 73 callbacks suppressed
[ 1030.710060][T10292] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[ 1030.710066][T10292] audit: out of memory in audit_log_start
[ 1030.710511][   T24] audit: type=1326 audit(1011.381:14147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10286 comm="syz.0.2715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f37a39ad5fc code=0x7ffc0000
[ 1030.760862][   T24] audit: type=1326 audit(1011.381:14148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10286 comm="syz.0.2715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f37a39ad69f code=0x7ffc0000
[ 1030.784023][   T24] audit: type=1326 audit(1011.381:14149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10286 comm="syz.0.2715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f37a39ad84a code=0x7ffc0000
[ 1030.823970][   T24] audit: type=1326 audit(1011.381:14150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10286 comm="syz.0.2715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1030.880407][T10296] overlayfs: missing 'workdir'
[ 1030.888931][   T24] audit: type=1326 audit(1011.381:14151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10286 comm="syz.0.2715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1030.940361][T10299] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2718'.
[ 1030.951011][T10299] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2718'.
[ 1031.003384][T10300] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1031.078531][T10300] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1031.135629][T10304] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1031.144689][T10300] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1031.268196][T10313] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1031.289853][T10313] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1031.299899][T10313] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1031.318734][T10313] tipc: New replicast peer: 10.1.1.2
[ 1031.324158][T10313] tipc: Enabled bearer <udp:úT>, priority 10
[ 1031.556102][T10306] F2FS-fs (loop4): invalid crc value
[ 1031.620329][T10306] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1031.915181][T10306] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1031.975950][   T24] audit: type=1326 audit(1012.569:14152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10329 comm="syz.1.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1032.315873][   T24] audit: type=1326 audit(1012.597:14153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10329 comm="syz.1.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1032.342837][   T24] audit: type=1326 audit(1012.597:14154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10329 comm="syz.1.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1032.499950][T10340] FAULT_INJECTION: forcing a failure.
[ 1032.499950][T10340] name failslab, interval 1, probability 0, space 0, times 0
[ 1032.513081][T10340] CPU: 1 PID: 10340 Comm: syz.0.2729 Tainted: G        W         5.10.240-syzkaller #0
[ 1032.522727][T10340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1032.532783][T10340] Call Trace:
[ 1032.536084][T10340]  __dump_stack+0x21/0x24
[ 1032.540422][T10340]  dump_stack_lvl+0x169/0x1d8
[ 1032.545123][T10340]  ? thaw_kernel_threads+0x220/0x220
[ 1032.550416][T10340]  ? show_regs_print_info+0x18/0x18
[ 1032.555621][T10340]  dump_stack+0x15/0x1c
[ 1032.559796][T10340]  should_fail+0x3c1/0x510
[ 1032.564221][T10340]  ? __alloc_skb+0x9e/0x520
[ 1032.568733][T10340]  __should_failslab+0xa4/0xe0
[ 1032.573525][T10340]  should_failslab+0x9/0x20
[ 1032.578043][T10340]  kmem_cache_alloc+0x3d/0x2e0
[ 1032.582813][T10340]  ? audit_log_start+0x3b7/0x860
[ 1032.587768][T10340]  __alloc_skb+0x9e/0x520
[ 1032.592109][T10340]  ? kmem_cache_alloc+0x165/0x2e0
[ 1032.597136][T10340]  ? audit_log_start+0x3b7/0x860
[ 1032.602071][T10340]  audit_log_start+0x3df/0x860
[ 1032.606829][T10340]  ? audit_serial+0x30/0x30
[ 1032.611330][T10340]  ? kstrtouint_from_user+0x1a0/0x200
[ 1032.616700][T10340]  ? kmem_cache_free+0x2ac/0x2d0
[ 1032.621632][T10340]  ? memset+0x35/0x40
[ 1032.625604][T10340]  audit_seccomp+0x62/0x160
[ 1032.630233][T10340]  __seccomp_filter+0xb4c/0x1990
[ 1032.635172][T10340]  ? proc_fail_nth_read+0x210/0x210
[ 1032.640377][T10340]  ? rw_verify_area+0x1c0/0x360
[ 1032.645220][T10340]  ? preempt_count_add+0x90/0x1b0
[ 1032.650356][T10340]  ? __secure_computing+0x290/0x290
[ 1032.655551][T10340]  ? vfs_write+0xac8/0xd60
[ 1032.659966][T10340]  ? kernel_write+0x3c0/0x3c0
[ 1032.664639][T10340]  ? __kasan_check_write+0x14/0x20
[ 1032.669743][T10340]  ? mutex_lock+0x8c/0xe0
[ 1032.674068][T10340]  ? mutex_trylock+0xa0/0xa0
[ 1032.678758][T10340]  ? __fget_files+0x2c4/0x320
[ 1032.683436][T10340]  ? __kasan_check_write+0x14/0x20
[ 1032.688563][T10340]  ? fput_many+0x15a/0x1a0
[ 1032.692991][T10340]  ? __kasan_check_write+0x14/0x20
[ 1032.698095][T10340]  ? switch_fpu_return+0x197/0x340
[ 1032.703196][T10340]  __secure_computing+0xea/0x290
[ 1032.708129][T10340]  syscall_trace_enter+0xb5/0x170
[ 1032.713148][T10340]  syscall_enter_from_user_mode+0x20/0x30
[ 1032.718854][T10340]  do_syscall_64+0x13/0x40
[ 1032.723265][T10340]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1032.729148][T10340] RIP: 0033:0x7f37a39aebe9
[ 1032.733568][T10340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1032.753158][T10340] RSP: 002b:00007f37a2417038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 1032.761568][T10340] RAX: ffffffffffffffda RBX: 00007f37a3bd5fa0 RCX: 00007f37a39aebe9
[ 1032.769529][T10340] RDX: 0000000000400000 RSI: 0000000000001000 RDI: 0000200000a96000
[ 1032.777491][T10340] RBP: 00007f37a2417090 R08: 0000200000000000 R09: 0000000000000000
[ 1032.785451][T10340] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[ 1032.793413][T10340] R13: 00007f37a3bd6038 R14: 00007f37a3bd5fa0 R15: 00007ffc4a06ca08
[ 1032.909427][T10348] FAULT_INJECTION: forcing a failure.
[ 1032.909427][T10348] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1032.962516][T10348] CPU: 0 PID: 10348 Comm: syz.3.2730 Tainted: G        W         5.10.240-syzkaller #0
[ 1032.972179][T10348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1032.982230][T10348] Call Trace:
[ 1032.985529][T10348]  __dump_stack+0x21/0x24
[ 1032.989891][T10348]  dump_stack_lvl+0x169/0x1d8
[ 1032.994597][T10348]  ? show_regs_print_info+0x18/0x18
[ 1032.999804][T10348]  ? ___slab_alloc+0xa6/0x450
[ 1033.004489][T10348]  dump_stack+0x15/0x1c
[ 1033.008660][T10348]  should_fail+0x3c1/0x510
[ 1033.013080][T10348]  should_fail_usercopy+0x1a/0x20
[ 1033.018111][T10348]  _copy_from_user+0x20/0xd0
[ 1033.022713][T10348]  strndup_user+0xb1/0x150
[ 1033.027137][T10348]  __se_sys_mount+0x9c/0x380
[ 1033.031728][T10348]  ? fput+0x1a/0x20
[ 1033.035547][T10348]  ? __x64_sys_mount+0xd0/0xd0
[ 1033.040316][T10348]  ? fpu__clear_all+0x20/0x20
[ 1033.045013][T10348]  __x64_sys_mount+0xbf/0xd0
[ 1033.049607][T10348]  do_syscall_64+0x31/0x40
[ 1033.054028][T10348]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1033.059922][T10348] RIP: 0033:0x7efefe7eebe9
[ 1033.064347][T10348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1033.083961][T10348] RSP: 002b:00007efefd257038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1033.092386][T10348] RAX: ffffffffffffffda RBX: 00007efefea15fa0 RCX: 00007efefe7eebe9
[ 1033.100368][T10348] RDX: 0000200000000040 RSI: 0000200000000100 RDI: 0000200000000140
[ 1033.108352][T10348] RBP: 00007efefd257090 R08: 0000000000000000 R09: 0000000000000000
[ 1033.116328][T10348] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1033.124308][T10348] R13: 00007efefea16038 R14: 00007efefea15fa0 R15: 00007ffcd19ad0e8
[ 1033.134618][T10353] FAULT_INJECTION: forcing a failure.
[ 1033.134618][T10353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1033.134753][T10306] netlink: 'syz.4.2720': attribute type 10 has an invalid length.
[ 1033.161939][T10306] F2FS-fs (loop4): Unrecognized mount option "checkpoint=dFsable" or missing value
[ 1033.188053][  T279] attempt to access beyond end of device
[ 1033.188053][  T279] loop4: rw=2049, want=45104, limit=40427
[ 1033.192853][T10353] CPU: 1 PID: 10353 Comm: syz.0.2731 Tainted: G        W         5.10.240-syzkaller #0
[ 1033.208884][T10353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1033.218941][T10353] Call Trace:
[ 1033.222238][T10353]  __dump_stack+0x21/0x24
[ 1033.226573][T10353]  dump_stack_lvl+0x169/0x1d8
[ 1033.231255][T10353]  ? show_regs_print_info+0x18/0x18
[ 1033.236450][T10353]  ? stack_trace_save+0x98/0xe0
[ 1033.241310][T10353]  dump_stack+0x15/0x1c
[ 1033.245467][T10353]  should_fail+0x3c1/0x510
[ 1033.249889][T10353]  should_fail_usercopy+0x1a/0x20
[ 1033.254920][T10353]  _copy_from_user+0x20/0xd0
[ 1033.259517][T10353]  iovec_from_user+0x1bc/0x2f0
[ 1033.264284][T10353]  ? __copy_msghdr_from_user+0x302/0x5e0
[ 1033.269914][T10353]  __import_iovec+0x71/0x390
[ 1033.274506][T10353]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[ 1033.279793][T10353]  import_iovec+0x7c/0xb0
[ 1033.284128][T10353]  ___sys_sendmsg+0x1b9/0x260
[ 1033.288816][T10353]  ? __sys_sendmsg+0x250/0x250
[ 1033.293583][T10353]  ? rw_verify_area+0x1c0/0x360
[ 1033.298444][T10353]  ? __fdget+0x1a1/0x230
[ 1033.302697][T10353]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1033.307629][T10353]  ? fput+0x1a/0x20
[ 1033.311441][T10353]  ? ___sys_sendmsg+0x260/0x260
[ 1033.316301][T10353]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1033.322365][T10353]  do_syscall_64+0x31/0x40
[ 1033.326805][T10353]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1033.332700][T10353] RIP: 0033:0x7f37a39aebe9
[ 1033.337135][T10353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1033.356739][T10353] RSP: 002b:00007f37a23f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1033.365146][T10353] RAX: ffffffffffffffda RBX: 00007f37a3bd6090 RCX: 00007f37a39aebe9
[ 1033.373119][T10353] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000007
[ 1033.381080][T10353] RBP: 00007f37a23f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1033.389039][T10353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1033.396998][T10353] R13: 00007f37a3bd6128 R14: 00007f37a3bd6090 R15: 00007ffc4a06ca08
[ 1033.405379][  T301] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1033.427791][T10358] tipc: New replicast peer: 0.0.255.255
[ 1033.433500][T10358] tipc: Enabled bearer <udp:>, priority 10
[ 1033.494206][T10355] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1033.504549][T10355] EXT4-fs (loop3): group descriptors corrupted!
[ 1035.344043][T10380] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2742'.
[ 1035.357816][T10378] FAULT_INJECTION: forcing a failure.
[ 1035.357816][T10378] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1035.392231][T10380] netlink: 65536 bytes leftover after parsing attributes in process `syz.5.2742'.
[ 1035.421781][T10380] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2742'.
[ 1035.431918][T10378] CPU: 0 PID: 10378 Comm: syz.4.2740 Tainted: G        W         5.10.240-syzkaller #0
[ 1035.441549][T10378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1035.451609][T10378] Call Trace:
[ 1035.454907][T10378]  __dump_stack+0x21/0x24
[ 1035.459241][T10378]  dump_stack_lvl+0x169/0x1d8
[ 1035.463920][T10378]  ? show_regs_print_info+0x18/0x18
[ 1035.469117][T10378]  ? format_decode+0x1bb/0x1520
[ 1035.473975][T10378]  dump_stack+0x15/0x1c
[ 1035.478135][T10378]  should_fail+0x3c1/0x510
[ 1035.482574][T10378]  should_fail_usercopy+0x1a/0x20
[ 1035.487600][T10378]  _copy_from_user+0x20/0xd0
[ 1035.492199][T10378]  kstrtouint_from_user+0xbe/0x200
[ 1035.497314][T10378]  ? kstrtol_from_user+0x260/0x260
[ 1035.502431][T10378]  ? memset+0x35/0x40
[ 1035.506440][T10378]  ? avc_policy_seqno+0x1b/0x70
[ 1035.511291][T10378]  ? selinux_file_permission+0x2a5/0x510
[ 1035.516926][T10378]  proc_fail_nth_write+0x85/0x1f0
[ 1035.521951][T10378]  ? proc_fail_nth_read+0x210/0x210
[ 1035.527149][T10378]  ? rw_verify_area+0x1c0/0x360
[ 1035.532003][T10378]  ? proc_fail_nth_read+0x210/0x210
[ 1035.537203][T10378]  vfs_write+0x32d/0xd60
[ 1035.538998][  T301] usb 2-1: Using ep0 maxpacket: 16
[ 1035.541457][T10378]  ? kernel_write+0x3c0/0x3c0
[ 1035.551229][T10378]  ? __kasan_check_write+0x14/0x20
[ 1035.556343][T10378]  ? mutex_lock+0x8c/0xe0
[ 1035.560678][T10378]  ? mutex_trylock+0xa0/0xa0
[ 1035.565263][T10378]  ? __fget_files+0x2c4/0x320
[ 1035.569956][T10378]  ? __fdget_pos+0x2d2/0x380
[ 1035.574565][T10378]  ? ksys_write+0x71/0x240
[ 1035.578990][T10378]  ksys_write+0x140/0x240
[ 1035.583328][T10378]  ? __ia32_sys_read+0x90/0x90
[ 1035.588097][T10378]  ? fpu__clear_all+0x20/0x20
[ 1035.592774][T10378]  ? fd_install+0x50/0x60
[ 1035.597109][T10378]  __x64_sys_write+0x7b/0x90
[ 1035.601703][T10378]  do_syscall_64+0x31/0x40
[ 1035.606127][T10378]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1035.612016][T10378] RIP: 0033:0x7f306e14b69f
[ 1035.616435][T10378] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1035.636044][T10378] RSP: 002b:00007f306cb73030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1035.644466][T10378] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f306e14b69f
[ 1035.652454][T10378] RDX: 0000000000000001 RSI: 00007f306cb730a0 RDI: 0000000000000007
[ 1035.660443][T10378] RBP: 00007f306cb73090 R08: 0000000000000000 R09: 0000000000000000
[ 1035.668419][T10378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1035.676401][T10378] R13: 00007f306e374218 R14: 00007f306e374180 R15: 00007ffddc2bafa8
[ 1035.699055][T10384] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1035.738269][T10384] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1035.785965][T10384] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62da9da, utbl_chksum : 0xe619d30d)
[ 1035.858369][  T301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1035.871779][  T301] usb 2-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[ 1035.881088][  T301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1035.889849][  T301] usb 2-1: config 0 descriptor??
[ 1036.169757][T10393] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2745'.
[ 1036.223844][   T24] kauditd_printk_skb: 64 callbacks suppressed
[ 1036.223877][   T24] audit: type=1326 audit(1016.516:14217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1036.339231][   T24] audit: type=1326 audit(1016.516:14218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1036.363259][   T24] audit: type=1326 audit(1016.628:14219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37a39ad550 code=0x7ffc0000
[ 1036.387108][   T24] audit: type=1326 audit(1016.638:14220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1036.410453][   T24] audit: type=1326 audit(1016.638:14221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1036.411529][T10397] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1036.433447][   T24] audit: type=1326 audit(1016.638:14222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1036.433468][   T24] audit: type=1326 audit(1016.638:14223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1036.493250][T10397] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1036.504029][T10397] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1036.650797][  T301] usbhid 2-1:0.0: can't add hid device: -71
[ 1036.659420][  T301] usbhid: probe of 2-1:0.0 failed with error -71
[ 1036.666035][ T8097] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1036.704604][  T301] usb 2-1: USB disconnect, device number 64
[ 1036.859851][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1036.868123][   T24] audit: type=1326 audit(1016.984:14224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1037.007914][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1037.192163][ T8097] usb 1-1: device descriptor read/64, error -71
[ 1037.787456][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1037.807262][   T24] audit: type=1326 audit(1017.171:14225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1037.813477][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1037.841806][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1037.850998][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1037.859709][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1037.867926][ T7168] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1037.876774][   T24] audit: type=1326 audit(1017.199:14226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.0.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37a39ae7eb code=0x7ffc0000
[ 1038.140536][T10410] erofs: (device loop1): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[ 1038.349417][T10410] netlink: 212 bytes leftover after parsing attributes in process `syz.1.2749'.
[ 1038.361304][T10410] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10410 comm=syz.1.2749
[ 1038.824748][T10417] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2750'.
[ 1039.156497][T10400] netlink: 'syz.5.2747': attribute type 10 has an invalid length.
[ 1039.328199][T10429] FAULT_INJECTION: forcing a failure.
[ 1039.328199][T10429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1039.341469][T10429] CPU: 0 PID: 10429 Comm: syz.0.2756 Tainted: G        W         5.10.240-syzkaller #0
[ 1039.351106][T10429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1039.361179][T10429] Call Trace:
[ 1039.364483][T10429]  __dump_stack+0x21/0x24
[ 1039.368817][T10429]  dump_stack_lvl+0x169/0x1d8
[ 1039.373498][T10429]  ? thaw_kernel_threads+0x220/0x220
[ 1039.378793][T10429]  ? show_regs_print_info+0x18/0x18
[ 1039.383994][T10429]  dump_stack+0x15/0x1c
[ 1039.388153][T10429]  should_fail+0x3c1/0x510
[ 1039.392568][T10429]  should_fail_usercopy+0x1a/0x20
[ 1039.397582][T10429]  strncpy_from_user+0x24/0x2e0
[ 1039.402424][T10429]  ? kmem_cache_alloc+0x165/0x2e0
[ 1039.407436][T10429]  ? mutex_lock+0x8c/0xe0
[ 1039.411763][T10429]  ? getname_flags+0xb9/0x500
[ 1039.416445][T10429]  getname_flags+0xf4/0x500
[ 1039.420946][T10429]  user_path_at_empty+0x2f/0x50
[ 1039.425792][T10429]  __se_sys_fspick+0x178/0x460
[ 1039.430549][T10429]  ? __x64_sys_fspick+0x90/0x90
[ 1039.435392][T10429]  ? fpu__clear_all+0x20/0x20
[ 1039.440059][T10429]  __x64_sys_fspick+0x7b/0x90
[ 1039.444733][T10429]  do_syscall_64+0x31/0x40
[ 1039.449147][T10429]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1039.455032][T10429] RIP: 0033:0x7f37a39aebe9
[ 1039.459440][T10429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1039.479039][T10429] RSP: 002b:00007f37a2417038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b1
[ 1039.487444][T10429] RAX: ffffffffffffffda RBX: 00007f37a3bd5fa0 RCX: 00007f37a39aebe9
[ 1039.495489][T10429] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1039.503447][T10429] RBP: 00007f37a2417090 R08: 0000000000000000 R09: 0000000000000000
[ 1039.511419][T10429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1039.519401][T10429] R13: 00007f37a3bd6038 R14: 00007f37a3bd5fa0 R15: 00007ffc4a06ca08
[ 1039.634237][T10436] overlayfs: missing 'workdir'
[ 1039.959334][T10433] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1041.355815][T10454] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1041.375964][T10454] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1041.388210][T10454] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1041.400645][T10452] EXT4-fs (loop3): Ignoring removed nobh option
[ 1041.407903][T10452] EXT4-fs (loop3): Ignoring removed bh option
[ 1041.448710][T10452] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,noload,,errors=continue
[ 1041.479142][T10462] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value
[ 1041.784801][T10474] FAULT_INJECTION: forcing a failure.
[ 1041.784801][T10474] name failslab, interval 1, probability 0, space 0, times 0
[ 1041.797625][T10474] CPU: 1 PID: 10474 Comm: syz.3.2763 Tainted: G        W         5.10.240-syzkaller #0
[ 1041.803490][ T7217] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1041.807260][T10474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1041.807275][T10474] Call Trace:
[ 1041.828190][T10474]  __dump_stack+0x21/0x24
[ 1041.832532][T10474]  dump_stack_lvl+0x169/0x1d8
[ 1041.837237][T10474]  ? show_regs_print_info+0x18/0x18
[ 1041.842436][T10474]  dump_stack+0x15/0x1c
[ 1041.846585][T10474]  should_fail+0x3c1/0x510
[ 1041.850992][T10474]  ? alloc_pipe_info+0xe7/0x4b0
[ 1041.855849][T10474]  __should_failslab+0xa4/0xe0
[ 1041.860610][T10474]  should_failslab+0x9/0x20
[ 1041.865125][T10474]  kmem_cache_alloc_trace+0x3a/0x2e0
[ 1041.870406][T10474]  ? kasan_set_free_info+0x23/0x40
[ 1041.875519][T10474]  ? ____kasan_slab_free+0x125/0x160
[ 1041.880802][T10474]  ? __kasan_slab_free+0x11/0x20
[ 1041.885731][T10474]  alloc_pipe_info+0xe7/0x4b0
[ 1041.890405][T10474]  splice_direct_to_actor+0x95e/0xb10
[ 1041.895936][T10474]  ? kstrtouint_from_user+0x1a0/0x200
[ 1041.901314][T10474]  ? avc_policy_seqno+0x1b/0x70
[ 1041.906165][T10474]  ? do_splice_direct+0x2c0/0x2c0
[ 1041.911295][T10474]  ? selinux_file_permission+0x2a5/0x510
[ 1041.916923][T10474]  ? fsnotify_perm+0x66/0x4b0
[ 1041.921591][T10474]  ? pipe_to_sendpage+0x310/0x310
[ 1041.926607][T10474]  ? security_file_permission+0x83/0xa0
[ 1041.932146][T10474]  ? rw_verify_area+0x1c0/0x360
[ 1041.936988][T10474]  do_splice_direct+0x1b3/0x2c0
[ 1041.941829][T10474]  ? do_splice_to+0x180/0x180
[ 1041.946499][T10474]  ? fsnotify_perm+0x66/0x4b0
[ 1041.951165][T10474]  ? security_file_permission+0x83/0xa0
[ 1041.956702][T10474]  do_sendfile+0x8ca/0xf90
[ 1041.961111][T10474]  ? __kasan_check_write+0x14/0x20
[ 1041.966215][T10474]  ? do_preadv+0x330/0x330
[ 1041.970638][T10474]  ? fput_many+0x15a/0x1a0
[ 1041.975054][T10474]  ? ksys_write+0x1eb/0x240
[ 1041.979548][T10474]  __x64_sys_sendfile64+0x18f/0x1f0
[ 1041.984735][T10474]  ? fpu__clear_all+0x20/0x20
[ 1041.989410][T10474]  ? __ia32_sys_sendfile+0x190/0x190
[ 1041.994720][T10474]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1042.000775][T10474]  do_syscall_64+0x31/0x40
[ 1042.005183][T10474]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1042.011076][T10474] RIP: 0033:0x7efefe7eebe9
[ 1042.015484][T10474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1042.035079][T10474] RSP: 002b:00007efefd215038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1042.043488][T10474] RAX: ffffffffffffffda RBX: 00007efefea16180 RCX: 00007efefe7eebe9
[ 1042.051449][T10474] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000006
[ 1042.059409][T10474] RBP: 00007efefd215090 R08: 0000000000000000 R09: 0000000000000000
[ 1042.067400][T10474] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[ 1042.075364][T10474] R13: 00007efefea16218 R14: 00007efefea16180 R15: 00007ffcd19ad0e8
[ 1042.319553][T10479] FAULT_INJECTION: forcing a failure.
[ 1042.319553][T10479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1042.329279][T10485] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1042.359374][ T7217] usb 1-1: Using ep0 maxpacket: 8
[ 1042.364478][T10479] CPU: 1 PID: 10479 Comm: syz.3.2769 Tainted: G        W         5.10.240-syzkaller #0
[ 1042.374134][T10479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1042.384188][T10479] Call Trace:
[ 1042.387488][T10479]  __dump_stack+0x21/0x24
[ 1042.391898][T10479]  dump_stack_lvl+0x169/0x1d8
[ 1042.396569][T10479]  ? show_regs_print_info+0x18/0x18
[ 1042.401757][T10479]  dump_stack+0x15/0x1c
[ 1042.405903][T10479]  should_fail+0x3c1/0x510
[ 1042.410329][T10479]  should_fail_usercopy+0x1a/0x20
[ 1042.415347][T10479]  strncpy_from_user+0x24/0x2e0
[ 1042.420191][T10479]  ? kmem_cache_alloc+0x165/0x2e0
[ 1042.425218][T10479]  ? getname_flags+0xb9/0x500
[ 1042.429888][T10479]  getname_flags+0xf4/0x500
[ 1042.434393][T10479]  __x64_sys_execveat+0xc3/0xf0
[ 1042.439235][T10479]  do_syscall_64+0x31/0x40
[ 1042.443644][T10479]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1042.449525][T10479] RIP: 0033:0x7efefe7eebe9
[ 1042.453933][T10479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1042.473650][T10479] RSP: 002b:00007efefd257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[ 1042.482051][T10479] RAX: ffffffffffffffda RBX: 00007efefea15fa0 RCX: 00007efefe7eebe9
[ 1042.490101][T10479] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[ 1042.498075][T10479] RBP: 00007efefd257090 R08: 0000000000001000 R09: 0000000000000000
[ 1042.506038][T10479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1042.514000][T10479] R13: 00007efefea16038 R14: 00007efefea15fa0 R15: 00007ffcd19ad0e8
[ 1042.604371][T10493] xt_hashlimit: size too large, truncated to 1048576
[ 1042.615990][ T7217] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[ 1042.627915][ T7217] usb 1-1: config 179 has no interface number 0
[ 1042.641110][ T7217] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1042.668260][T10494] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2772'.
[ 1042.686343][ T7217] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1042.709041][ T7217] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1042.734986][ T7217] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1042.757232][ T7217] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1042.785458][ T7217] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1042.803781][ T7217] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.851154][T10467] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1042.884150][T10497] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2774'.
[ 1043.022312][  T301] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1043.290242][ T7217] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input6
[ 1043.431880][T10467] udc-core: couldn't find an available UDC or it's busy
[ 1043.438971][T10467] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1043.449918][  T301] usb 5-1: config 1 has an invalid descriptor of length 129, skipping remainder of the config
[ 1043.460855][  T301] usb 5-1: config 1 interface 0 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1043.474956][  T301] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1043.664045][  T301] usb 5-1: New USB device found, idVendor=05ac, idProduct=02ba, bcdDevice= 0.40
[ 1043.688570][  T301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1043.725192][  T301] usb 5-1: Product: syz
[ 1043.729770][  T301] usb 5-1: Manufacturer: syz
[ 1043.734757][  T301] usb 5-1: SerialNumber: syz
[ 1043.747007][  T282] usb 1-1: USB disconnect, device number 60
[ 1043.749078][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1043.761266][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1043.890356][T10513] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2779'.
[ 1043.899585][T10513] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2779'.
[ 1044.230183][T10517] erofs: (device loop3): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[ 1044.247802][T10517] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2778'.
[ 1044.259621][T10517] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10517 comm=syz.3.2778
[ 1044.493694][T10493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2772'.
[ 1044.601531][T10513] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1044.876963][   T24] kauditd_printk_skb: 17 callbacks suppressed
[ 1044.876998][   T24] audit: type=1400 audit(1024.636:14244): avc:  denied  { set_context_mgr } for  pid=10523 comm="syz.0.2780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 1044.907967][   T24] audit: type=1400 audit(1024.664:14245): avc:  denied  { relabelfrom } for  pid=10523 comm="syz.0.2780" name="" dev="pipefs" ino=43345 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1045.064348][  T301] usbhid 5-1:1.0: couldn't find an input interrupt endpoint
[ 1045.083097][  T301] usb 5-1: USB disconnect, device number 59
[ 1045.150141][T10527] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1045.187771][T10539] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1045.227315][T10539] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1045.260978][T10542] overlayfs: missing 'workdir'
[ 1045.381667][T10538] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2785'.
[ 1045.417779][T10539] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1045.475143][T10544] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2786'.
[ 1045.489096][T10544] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2786'.
[ 1045.611798][T10548] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1045.926465][T10555] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2788'.
[ 1046.972836][T10577] FAULT_INJECTION: forcing a failure.
[ 1046.972836][T10577] name failslab, interval 1, probability 0, space 0, times 0
[ 1046.985692][T10577] CPU: 1 PID: 10577 Comm: syz.0.2795 Tainted: G        W         5.10.240-syzkaller #0
[ 1046.995406][T10577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1047.005446][T10577] Call Trace:
[ 1047.008731][T10577]  __dump_stack+0x21/0x24
[ 1047.013050][T10577]  dump_stack_lvl+0x169/0x1d8
[ 1047.017718][T10577]  ? thaw_kernel_threads+0x220/0x220
[ 1047.022997][T10577]  ? show_regs_print_info+0x18/0x18
[ 1047.028185][T10577]  ? update_rt_rq_load_avg+0x25/0x230
[ 1047.033544][T10577]  dump_stack+0x15/0x1c
[ 1047.037694][T10577]  should_fail+0x3c1/0x510
[ 1047.042101][T10577]  ? dup_task_struct+0x57/0xbd0
[ 1047.046948][T10577]  __should_failslab+0xa4/0xe0
[ 1047.051709][T10577]  should_failslab+0x9/0x20
[ 1047.056202][T10577]  kmem_cache_alloc+0x3d/0x2e0
[ 1047.060969][T10577]  ? __kasan_check_write+0x14/0x20
[ 1047.066110][T10577]  dup_task_struct+0x57/0xbd0
[ 1047.070778][T10577]  ? __kasan_check_write+0x14/0x20
[ 1047.075886][T10577]  ? recalc_sigpending+0x1ac/0x230
[ 1047.080986][T10577]  copy_process+0x5b2/0x32c0
[ 1047.085564][T10577]  ? memset+0x35/0x40
[ 1047.089542][T10577]  ? __kasan_check_write+0x14/0x20
[ 1047.094651][T10577]  ? __pidfd_prepare+0x150/0x150
[ 1047.099606][T10577]  ? compat_start_thread+0x80/0x80
[ 1047.104718][T10577]  kernel_clone+0x23f/0x940
[ 1047.109213][T10577]  ? create_io_thread+0x130/0x130
[ 1047.114241][T10577]  ? finish_task_switch+0x12e/0x5a0
[ 1047.119431][T10577]  ? __switch_to_asm+0x34/0x60
[ 1047.124207][T10577]  __x64_sys_clone+0x176/0x1d0
[ 1047.128959][T10577]  ? __ia32_sys_vfork+0xf0/0xf0
[ 1047.133803][T10577]  ? __kasan_check_read+0x11/0x20
[ 1047.138816][T10577]  do_syscall_64+0x31/0x40
[ 1047.143221][T10577]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1047.149096][T10577] RIP: 0033:0x7f37a39aebe9
[ 1047.153502][T10577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1047.173092][T10577] RSP: 002b:00007f37a23d4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1047.181492][T10577] RAX: ffffffffffffffda RBX: 00007f37a3bd6180 RCX: 00007f37a39aebe9
[ 1047.189468][T10577] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000041200000
[ 1047.197433][T10577] RBP: 00007f37a23d5090 R08: 0000000000000000 R09: 0000000000000000
[ 1047.205397][T10577] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1047.213359][T10577] R13: 00007f37a3bd6218 R14: 00007f37a3bd6180 R15: 00007ffc4a06ca08
[ 1047.458850][T10562] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1047.489738][T10562] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1047.505265][   T24] audit: type=1326 audit(1027.096:14246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10579 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1047.554427][T10562] F2FS-fs (loop1): invalid crc value
[ 1047.575351][   T24] audit: type=1326 audit(1027.124:14247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10579 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1047.598861][   T24] audit: type=1326 audit(1027.124:14248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10579 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1047.622133][   T24] audit: type=1326 audit(1027.124:14249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10579 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0c3cb78c23 code=0x7ffc0000
[ 1047.649569][   T24] audit: type=1326 audit(1027.227:14250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10578 comm="syz.3.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[ 1047.650575][T10562] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1047.672980][   T24] audit: type=1326 audit(1027.227:14251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10578 comm="syz.3.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[ 1047.702210][   T24] audit: type=1326 audit(1027.227:14252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10578 comm="syz.3.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[ 1047.725487][   T24] audit: type=1326 audit(1027.227:14253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10578 comm="syz.3.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efefe7eebe9 code=0x7ffc0000
[ 1047.781817][T10562] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1047.788935][T10562] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1048.305572][T10587] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,bsddf,,errors=continue
[ 1048.528926][T10603] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1048.540036][T10603] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1048.552522][T10603] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1048.807261][T10618] exfat: Deprecated parameter 'utf8'
[ 1048.818788][T10618] exfat: Deprecated parameter 'namecase'
[ 1048.824693][T10618] exfat: Deprecated parameter 'namecase'
[ 1048.830681][T10618] exfat: Deprecated parameter 'utf8'
[ 1048.864118][T10618] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[ 1048.880558][T10618] exFAT-fs (loop4): invalid boot region
[ 1048.912474][T10618] exFAT-fs (loop4): failed to recognize exfat type
[ 1049.228563][T10632] __nla_validate_parse: 1 callbacks suppressed
[ 1049.228583][T10632] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2810'.
[ 1049.660974][T10639] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1049.691215][T10639] 9pnet: Could not find request transport: fd0x0000000000000007
[ 1049.783336][T10644] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2814'.
[ 1049.831859][T10644] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2814'.
[ 1050.046410][T10644] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1050.428978][   T24] kauditd_printk_skb: 56 callbacks suppressed
[ 1050.428990][   T24] audit: type=1400 audit(1029.827:14310): avc:  denied  { bind } for  pid=10657 comm="syz.5.2818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1050.460225][   T24] audit: type=1400 audit(1029.827:14311): avc:  denied  { setopt } for  pid=10657 comm="syz.5.2818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1050.501062][T10656] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1050.511913][T10652] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1050.890129][T10665] netlink: 212 bytes leftover after parsing attributes in process `syz.5.2819'.
[ 1050.906913][T10665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10665 comm=syz.5.2819
[ 1050.922851][T10656] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1050.937191][T10656] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1050.953432][T10652] EXT4-fs (loop1): group descriptors corrupted!
[ 1051.149881][T10649] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1051.820359][T10649] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1052.202406][T10672] attempt to access beyond end of device
[ 1052.202406][T10672] loop4: rw=2049, want=45104, limit=40427
[ 1053.366058][T10671] exfat: Deprecated parameter 'utf8'
[ 1053.373437][  T279] attempt to access beyond end of device
[ 1053.373437][  T279] loop4: rw=2049, want=45112, limit=40427
[ 1053.387434][T10671] exfat: Deprecated parameter 'namecase'
[ 1053.397370][T10671] exfat: Deprecated parameter 'namecase'
[ 1053.404519][T10671] exfat: Deprecated parameter 'utf8'
[ 1053.436012][T10671] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x9119abd2)
[ 1053.446408][T10671] exFAT-fs (loop3): invalid boot region
[ 1053.451982][T10671] exFAT-fs (loop3): failed to recognize exfat type
[ 1054.333146][T10688] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1054.389932][T10696] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2825'.
[ 1054.647404][T10688] 9pnet: Could not find request transport: fd0x0000000000000007
[ 1054.866348][T10701] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2826'.
[ 1054.966469][   T24] audit: type=1326 audit(1034.065:14312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10697 comm="syz.5.2826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1055.118343][   T24] audit: type=1326 audit(1034.065:14313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10697 comm="syz.5.2826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1055.141753][   T24] audit: type=1326 audit(1034.065:14314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10697 comm="syz.5.2826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1055.190133][T10706] FAULT_INJECTION: forcing a failure.
[ 1055.190133][T10706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1055.231937][T10709] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2829'.
[ 1055.240973][T10709] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2829'.
[ 1055.243178][T10706] CPU: 1 PID: 10706 Comm: syz.1.2828 Tainted: G        W         5.10.240-syzkaller #0
[ 1055.250068][   T24] audit: type=1326 audit(1034.065:14315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10697 comm="syz.5.2826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1055.259541][T10706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1055.259547][T10706] Call Trace:
[ 1055.259568][T10706]  __dump_stack+0x21/0x24
[ 1055.259591][T10706]  dump_stack_lvl+0x169/0x1d8
[ 1055.304932][T10706]  ? show_regs_print_info+0x18/0x18
[ 1055.310146][T10706]  ? hrtimer_start_range_ns+0x9db/0xaf0
[ 1055.315705][T10706]  dump_stack+0x15/0x1c
[ 1055.319869][T10706]  should_fail+0x3c1/0x510
[ 1055.324289][T10706]  should_fail_usercopy+0x1a/0x20
[ 1055.326674][   T24] audit: type=1326 audit(1034.065:14316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10697 comm="syz.5.2826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c3cb78be9 code=0x7ffc0000
[ 1055.329324][T10706]  fpu__restore_sig+0x1e5/0x1240
[ 1055.357237][T10706]  ? recalc_sigpending+0x1ac/0x230
[ 1055.362354][T10706]  ? copy_fpstate_to_sigframe+0xb40/0xb40
[ 1055.368085][T10706]  ? __kasan_check_write+0x14/0x20
[ 1055.373197][T10706]  ? recalc_sigpending+0x1ac/0x230
[ 1055.378316][T10706]  ? __kasan_check_write+0x14/0x20
[ 1055.383427][T10706]  ? _copy_from_user+0x95/0xd0
[ 1055.388185][T10706]  __ia32_sys_rt_sigreturn+0x5d0/0x6c0
[ 1055.393646][T10706]  ? KSTK_ESP+0x60/0x60
[ 1055.397802][T10706]  ? fpu__clear_all+0x20/0x20
[ 1055.402473][T10706]  ? __kasan_check_write+0x14/0x20
[ 1055.407585][T10706]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1055.413648][T10706]  do_syscall_64+0x31/0x40
[ 1055.418062][T10706]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1055.423951][T10706] RIP: 0033:0x7f65acf68be7
[ 1055.428362][T10706] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 1055.447957][T10706] RSP: 002b:00007f65ab9d1038 EFLAGS: 00000246
[ 1055.454018][T10706] RAX: 00000000000000f7 RBX: 00007f65ad18ffa0 RCX: 00007f65acf68be9
[ 1055.461982][T10706] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 1000000000000000
[ 1055.469949][T10706] RBP: 00007f65ab9d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1055.477911][T10706] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[ 1055.485874][T10706] R13: 00007f65ad190038 R14: 00007f65ad18ffa0 R15: 00007ffce91ea098
[ 1055.504940][   T24] audit: type=1400 audit(1034.196:14317): avc:  denied  { mount } for  pid=10702 comm="syz.3.2827" name="/" dev="configfs" ino=2044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1055.538252][   T24] audit: type=1400 audit(1034.205:14318): avc:  denied  { search } for  pid=10702 comm="syz.3.2827" name="/" dev="configfs" ino=2044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1055.570957][   T24] audit: type=1400 audit(1034.205:14319): avc:  denied  { read } for  pid=10702 comm="syz.3.2827" name="/" dev="configfs" ino=2044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1055.783252][T10725] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2832'.
[ 1055.800121][T10725] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2832'.
[ 1056.123027][T10730] overlayfs: missing 'workdir'
[ 1056.435564][   T24] kauditd_printk_skb: 1 callbacks suppressed
[ 1056.435579][   T24] audit: type=1326 audit(1035.449:14321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1056.489831][   T24] audit: type=1326 audit(1035.477:14322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1056.569319][   T24] audit: type=1326 audit(1035.477:14323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1056.592944][   T24] audit: type=1326 audit(1035.477:14324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10733 comm="syz.1.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65acf68be9 code=0x7ffc0000
[ 1056.617407][   T24] audit: type=1326 audit(1035.552:14325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10739 comm="syz.0.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1056.640766][   T24] audit: type=1326 audit(1035.552:14326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10739 comm="syz.0.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1056.664293][   T24] audit: type=1326 audit(1035.552:14327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10739 comm="syz.0.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1056.727362][   T24] audit: type=1326 audit(1035.552:14328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10739 comm="syz.0.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1056.732093][T10740] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,bsddf,,errors=continue
[ 1056.750555][   T24] audit: type=1326 audit(1035.552:14329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10739 comm="syz.0.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1056.750580][   T24] audit: type=1326 audit(1035.552:14330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10739 comm="syz.0.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f37a39aebe9 code=0x7ffc0000
[ 1056.885652][T10747] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2839'.
[ 1057.327137][T10757] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,journal_dev=0x0000000000000002,quota,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,,errors=continue
[ 1057.450468][T10769] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 18)!
[ 1057.471749][T10769] EXT4-fs (loop4): group descriptors corrupted!
[ 1057.628929][T10780] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2850'.
[ 1058.075405][T10790] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value
[ 1058.668262][T10796] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1058.709937][T10796] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1058.752005][T10796] ==================================================================
[ 1058.760213][T10796] BUG: KASAN: use-after-free in __ext4_iget+0x36d/0x40e0
[ 1058.767330][T10796] Read of size 8 at addr ffff8881355c5268 by task syz.1.2855/10796
[ 1058.775207][T10796] 
[ 1058.777653][T10796] CPU: 1 PID: 10796 Comm: syz.1.2855 Tainted: G        W         5.10.240-syzkaller #0
[ 1058.787273][T10796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1058.797328][T10796] Call Trace:
[ 1058.800629][T10796]  __dump_stack+0x21/0x24
[ 1058.804966][T10796]  dump_stack_lvl+0x169/0x1d8
[ 1058.809647][T10796]  ? show_regs_print_info+0x18/0x18
[ 1058.814849][T10796]  ? thaw_kernel_threads+0x220/0x220
[ 1058.820141][T10796]  ? _raw_spin_lock+0x8e/0xe0
[ 1058.824827][T10796]  print_address_description+0x7f/0x2c0
[ 1058.830535][T10796]  ? __ext4_iget+0x36d/0x40e0
[ 1058.835229][T10796]  kasan_report+0xe2/0x130
[ 1058.839663][T10796]  ? __ext4_iget+0x36d/0x40e0
[ 1058.844348][T10796]  __asan_report_load8_noabort+0x14/0x20
[ 1058.849987][T10796]  __ext4_iget+0x36d/0x40e0
[ 1058.854617][T10796]  ? idr_replace+0x190/0x190
[ 1058.859211][T10796]  ? __kasan_check_write+0x14/0x20
[ 1058.864332][T10796]  ? _raw_write_lock+0x8e/0xe0
[ 1058.869108][T10796]  ? _raw_write_trylock+0x140/0x140
[ 1058.874555][T10796]  ? __proc_create+0x564/0x8d0
[ 1058.879337][T10796]  ? __kasan_check_write+0x14/0x20
[ 1058.884466][T10796]  ? ext4_get_projid+0x140/0x140
[ 1058.889410][T10796]  ? _raw_write_unlock+0x2b/0x60
[ 1058.894368][T10796]  ? proc_register+0x34d/0x4e0
[ 1058.899203][T10796]  ext4_enable_quotas+0x33b/0x6d0
[ 1058.904286][T10796]  ext4_fill_super+0x82a9/0x8b60
[ 1058.909274][T10796]  ? ext4_mount+0x40/0x40
[ 1058.913611][T10796]  ? set_blocksize+0x1fe/0x3c0
[ 1058.918509][T10796]  ? sb_set_blocksize+0xaa/0xf0
[ 1058.923493][T10796]  mount_bdev+0x28b/0x3a0
[ 1058.927890][T10796]  ? ext4_mount+0x40/0x40
[ 1058.932238][T10796]  ext4_mount+0x34/0x40
[ 1058.936405][T10796]  legacy_get_tree+0xed/0x190
[ 1058.941096][T10796]  ? ext4_chksum+0x160/0x160
[ 1058.945697][T10796]  vfs_get_tree+0x89/0x260
[ 1058.950120][T10796]  do_new_mount+0x25a/0xa20
[ 1058.954630][T10796]  path_mount+0x572/0xc80
[ 1058.958962][T10796]  __se_sys_mount+0x318/0x380
[ 1058.963646][T10796]  ? __x64_sys_mount+0xd0/0xd0
[ 1058.968417][T10796]  __x64_sys_mount+0xbf/0xd0
[ 1058.973008][T10796]  do_syscall_64+0x31/0x40
[ 1058.977430][T10796]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1058.983325][T10796] RIP: 0033:0x7f65acf6a38a
[ 1058.987833][T10796] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1059.007446][T10796] RSP: 002b:00007f65ab9d0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.015868][T10796] RAX: ffffffffffffffda RBX: 00007f65ab9d0ef0 RCX: 00007f65acf6a38a
[ 1059.023844][T10796] RDX: 0000200000000100 RSI: 0000200000000280 RDI: 00007f65ab9d0eb0
[ 1059.031821][T10796] RBP: 0000200000000100 R08: 00007f65ab9d0ef0 R09: 0000000000000000
[ 1059.039799][T10796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000280
[ 1059.047794][T10796] R13: 00007f65ab9d0eb0 R14: 0000000000000baf R15: 0000200000000140
[ 1059.055779][T10796] 
[ 1059.058112][T10796] Allocated by task 9777:
[ 1059.062449][T10796]  __kasan_slab_alloc+0xbd/0xf0
[ 1059.067433][T10796]  slab_post_alloc_hook+0x5d/0x2f0
[ 1059.072568][T10796]  kmem_cache_alloc+0x165/0x2e0
[ 1059.077518][T10796]  f2fs_alloc_inode+0x26/0x410
[ 1059.082296][T10796]  iget_locked+0x146/0x7d0
[ 1059.086725][T10796]  f2fs_iget+0x55/0x4dc0
[ 1059.090980][T10796]  f2fs_fill_super+0x45ba/0x6c70
[ 1059.095927][T10796]  mount_bdev+0x28b/0x3a0
[ 1059.100269][T10796]  f2fs_mount+0x34/0x40
[ 1059.104434][T10796]  legacy_get_tree+0xed/0x190
[ 1059.109116][T10796]  vfs_get_tree+0x89/0x260
[ 1059.113545][T10796]  do_new_mount+0x25a/0xa20
[ 1059.118151][T10796]  path_mount+0x572/0xc80
[ 1059.122485][T10796]  __se_sys_mount+0x318/0x380
[ 1059.127168][T10796]  __x64_sys_mount+0xbf/0xd0
[ 1059.131765][T10796]  do_syscall_64+0x31/0x40
[ 1059.136194][T10796]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1059.142080][T10796] 
[ 1059.144410][T10796] Last potentially related work creation:
[ 1059.150149][T10796]  kasan_save_stack+0x3a/0x60
[ 1059.154838][T10796]  __kasan_record_aux_stack+0xd2/0x100
[ 1059.160302][T10796]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1059.166182][T10796]  call_rcu+0x10e/0x1050
[ 1059.170434][T10796]  evict+0x857/0x910
[ 1059.174343][T10796]  iput+0x638/0x7c0
[ 1059.178170][T10796]  f2fs_put_super+0x649/0xc00
[ 1059.182854][T10796]  generic_shutdown_super+0x149/0x320
[ 1059.188233][T10796]  kill_block_super+0x7f/0xf0
[ 1059.192922][T10796]  kill_f2fs_super+0x2e7/0x390
[ 1059.197708][T10796]  deactivate_locked_super+0xa0/0x100
[ 1059.203088][T10796]  deactivate_super+0xaf/0xe0
[ 1059.207773][T10796]  cleanup_mnt+0x446/0x500
[ 1059.212194][T10796]  __cleanup_mnt+0x19/0x20
[ 1059.216611][T10796]  task_work_run+0x127/0x190
[ 1059.221207][T10796]  exit_to_user_mode_loop+0xcb/0xe0
[ 1059.226422][T10796]  syscall_exit_to_user_mode+0x68/0x90
[ 1059.231894][T10796]  do_syscall_64+0x3d/0x40
[ 1059.236323][T10796]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1059.242212][T10796] 
[ 1059.244551][T10796] Second to last potentially related work creation:
[ 1059.251159][T10796]  kasan_save_stack+0x3a/0x60
[ 1059.255854][T10796]  __kasan_record_aux_stack+0xd2/0x100
[ 1059.261337][T10796]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1059.267165][T10796]  call_rcu+0x10e/0x1050
[ 1059.271423][T10796]  evict+0x857/0x910
[ 1059.275342][T10796]  iput+0x638/0x7c0
[ 1059.279164][T10796]  f2fs_put_super+0x649/0xc00
[ 1059.283847][T10796]  generic_shutdown_super+0x149/0x320
[ 1059.289227][T10796]  kill_block_super+0x7f/0xf0
[ 1059.293921][T10796]  kill_f2fs_super+0x2e7/0x390
[ 1059.298695][T10796]  deactivate_locked_super+0xa0/0x100
[ 1059.304076][T10796]  deactivate_super+0xaf/0xe0
[ 1059.308770][T10796]  cleanup_mnt+0x446/0x500
[ 1059.313191][T10796]  __cleanup_mnt+0x19/0x20
[ 1059.317606][T10796]  task_work_run+0x127/0x190
[ 1059.322204][T10796]  exit_to_user_mode_loop+0xcb/0xe0
[ 1059.325241][T10800] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2856'.
[ 1059.327411][T10796]  syscall_exit_to_user_mode+0x68/0x90
[ 1059.341782][T10796]  do_syscall_64+0x3d/0x40
[ 1059.346207][T10796]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1059.352092][T10796] 
[ 1059.354432][T10796] The buggy address belongs to the object at ffff8881355c4d40
[ 1059.354432][T10796]  which belongs to the cache f2fs_inode_cache of size 1520
[ 1059.356529][T10800] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2856'.
[ 1059.369016][T10796] The buggy address is located 1320 bytes inside of
[ 1059.369016][T10796]  1520-byte region [ffff8881355c4d40, ffff8881355c5330)
[ 1059.369021][T10796] The buggy address belongs to the page:
[ 1059.369051][T10796] page:ffffea0004d57000 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8881355c46d0 pfn:0x1355c0
[ 1059.369060][T10796] head:ffffea0004d57000 order:3 compound_mapcount:0 compound_pincount:0
[ 1059.369074][T10796] flags: 0x4000000000010200(slab|head)
[ 1059.369090][T10796] raw: 4000000000010200 ffffea0004d53200 0000000200000002 ffff8881029c3c80
[ 1059.369103][T10796] raw: ffff8881355c46d0 0000000080130002 00000001ffffffff 0000000000000000
[ 1059.369108][T10796] page dumped because: kasan: bad access detected
[ 1059.369113][T10796] page_owner tracks the page as allocated
[ 1059.369131][T10796] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4474, ts 620353394574, free_ts 617672342111
[ 1059.369146][T10796]  prep_new_page+0x179/0x180
[ 1059.369159][T10796]  get_page_from_freelist+0x2235/0x23d0
[ 1059.369171][T10796]  __alloc_pages_nodemask+0x268/0x5f0
[ 1059.369180][T10796]  new_slab+0x84/0x3f0
[ 1059.369191][T10796]  ___slab_alloc+0x2a6/0x450
[ 1059.369201][T10796]  __slab_alloc+0x63/0xa0
[ 1059.369221][T10796]  kmem_cache_alloc+0x1af/0x2e0
[ 1059.506699][T10796]  f2fs_alloc_inode+0x26/0x410
[ 1059.511471][T10796]  iget_locked+0x146/0x7d0
[ 1059.515891][T10796]  f2fs_iget+0x55/0x4dc0
[ 1059.520170][T10796]  f2fs_fill_super+0x45ba/0x6c70
[ 1059.525110][T10796]  mount_bdev+0x28b/0x3a0
[ 1059.529465][T10796]  f2fs_mount+0x34/0x40
[ 1059.533631][T10796]  legacy_get_tree+0xed/0x190
[ 1059.538319][T10796]  vfs_get_tree+0x89/0x260
[ 1059.542741][T10796]  do_new_mount+0x25a/0xa20
[ 1059.547246][T10796] page last free stack trace:
[ 1059.551933][T10796]  free_unref_page_prepare+0x2b7/0x2d0
[ 1059.557389][T10796]  __free_pages+0x14b/0x380
[ 1059.561892][T10796]  __free_slab+0xcf/0x190
[ 1059.566222][T10796]  unfreeze_partials+0x15f/0x190
[ 1059.571179][T10796]  put_cpu_partial+0xc1/0x180
[ 1059.575855][T10796]  __slab_free+0x2c9/0x3a0
[ 1059.580281][T10796]  ___cache_free+0x111/0x130
[ 1059.584875][T10796]  qlink_free+0x50/0x90
[ 1059.589056][T10796]  qlist_free_all+0x5f/0xb0
[ 1059.593564][T10796]  kasan_quarantine_reduce+0x14a/0x160
[ 1059.599036][T10796]  __kasan_slab_alloc+0x2f/0xf0
[ 1059.603900][T10796]  slab_post_alloc_hook+0x5d/0x2f0
[ 1059.609019][T10796]  kmem_cache_alloc_trace+0x160/0x2e0
[ 1059.614397][T10796]  kernfs_iop_get_link+0x66/0x600
[ 1059.619430][T10796]  vfs_readlink+0x171/0x3d0
[ 1059.623954][T10796]  do_readlinkat+0x23b/0x480
[ 1059.628553][T10796] 
[ 1059.630900][T10796] Memory state around the buggy address:
[ 1059.636535][T10796]  ffff8881355c5100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.644598][T10796]  ffff8881355c5180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.652670][T10796] >ffff8881355c5200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.660733][T10796]                                                           ^
[ 1059.668202][T10796]  ffff8881355c5280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.676300][T10796]  ffff8881355c5300: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 1059.684371][T10796] ==================================================================
[ 1059.692435][T10796] Disabling lock debugging due to kernel taint
[ 1059.718243][T10796] EXT4-fs warning (device loop1): ext4_enable_quotas:6491: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 1059.734198][T10796] EXT4-fs (loop1): mount failed
[ 1059.960789][T10805] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1060.010735][T10796] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1060.069524][T10805] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1060.296783][T10816] attempt to access beyond end of device
[ 1060.296783][T10816] loop4: rw=2049, want=45104, limit=40427
[ 1060.718786][  T279] attempt to access beyond end of device
[ 1060.718786][  T279] loop4: rw=2049, want=45112, limit=40427