last executing test programs:

2m11.19448396s ago: executing program 4 (id=321):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000030000000000000000000024000a20000000000a1f000000000000001000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c08000140000000020800014000000030080002400000000308000140000000120800034000000000080003400000000a"], 0x122}, 0x1, 0x0, 0x0, 0x44800}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6012000800103afffe8000000000000000000004000000bbff0200000000000000400000000000018600907800000200001d000000000000"], 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[], 0x48)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_DEV_CREATE(r6, 0x5501)
socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xb40, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xc3)

2m5.532807983s ago: executing program 4 (id=334):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000001c80)=""/108, 0x6c}, {&(0x7f0000001d00)=""/200, 0xc8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000a00)=""/97, 0x61}, {&(0x7f0000000a80)=""/224, 0xe0}, {&(0x7f0000000340)=""/69, 0x45}, {&(0x7f0000000540)=""/49, 0x31}], 0x7}, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029ea69801d76ab0a272a2a788bab6c95f79725074", 0x1c}], 0x1}, 0x0)
write$vga_arbiter(r3, &(0x7f0000000200)=ANY=[@ANYBLOB='lock io'], 0xc)
ioctl$VIDIOC_S_CROP(0xffffffffffffffff, 0x4014563c, &(0x7f0000000180)={0x1, {0xfffffffa, 0x800, 0x200005, 0x8}})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000580)={0x1, @pix_mp={0xfffffffc, 0x9, 0x41414270, 0x0, 0xb, [{0x4, 0x80}, {0xffffffff, 0xb}, {0x1, 0x8000}, {0x4, 0x101}, {0xffffffff, 0x80}, {0xa, 0x9}, {0xffffffff}, {0x8000, 0x9}], 0x7, 0x4, 0x7, 0x1}})
write$vga_arbiter(r3, &(0x7f0000000b40)=@unlock_all, 0xb)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x2b8, 0x180, 0x0, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7}}}, @common=@inet=@multiport={{0x50}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)

2m1.376833771s ago: executing program 4 (id=340):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000001c80)=""/108, 0x6c}, {&(0x7f0000001d00)=""/200, 0xc8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000a00)=""/97, 0x61}, {&(0x7f0000000a80)=""/224, 0xe0}, {&(0x7f0000000340)=""/69, 0x45}, {&(0x7f0000000540)=""/49, 0x31}], 0x7}, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029ea69801d76ab0a272a2a788bab6c95f79725074", 0x1c}], 0x1}, 0x0)
write$vga_arbiter(r3, &(0x7f0000000200)=ANY=[@ANYBLOB='lock io'], 0xc)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
ioctl$VIDIOC_S_CROP(r5, 0x4014563c, &(0x7f0000000180)={0x1, {0xfffffffa, 0x800, 0x200005, 0x8}})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x2b8, 0x180, 0x0, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7}}}, @common=@inet=@multiport={{0x50}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)

1m57.946864306s ago: executing program 4 (id=346):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000d40)={[{@test_dummy_encryption}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3DFoJFUcBvBvZnc9c7fIqY0gqCAiGghnJ9icjcKJHIeIoMKJiI1yEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWiqzMTiJJXGNgkx3J/H4wuzM78+b/htnv7TbzArTWxSSXk3SSTCfpJSn2H3BPvVzc3VyeWr+eDAZP/VIMj6u3a3vtLiRZSvJwkrWyyCvdZGH1ua3fNh6//+353n0frj47NdGL3LW9tfnkzgdX3/rkykMLX33z09Uil9M/cF0nrxjxWbdIbjuNYv8TRbfpHnAc1974+Nsq97cnuXeY/17K1Dfvnbmb1np58P1/a/vuz1/fOcm+AidvMOhVv4FLA6B1yiT9FOVMknq9LGdm6v/w33XOl6/Ozr0+/fLs/I2Xmh6pgJPSTzYf++zcpxcO5f/HTp1/4Cx54sBWlf+nr618X63vdJrqE9CEKv/TLyw+EPmH1pF/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aC/5h7PtxSP2HSP/5Wn1C2jW/vwDAO0yONf0E8hAU5oefwAAAAAAAAAAAAAAAAAAgH9anlq/vrdMquYX7yXbjybpjqrf2Z2A7Obh6/lfi+qwvxV1s7E8f/eYJxjTRw0/fX3LD83W//KuZusv3kiW3kxyqds99P37c5Bi7Anwbv2P/b2jJuibgEeeabb+HyvN1r+ykXxejT+XRo0/Ze4Yvo8ef/rV/Ruz/mu/j3kCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJuavAAAA///41m/U")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x850c00, 0x0, 0x0, 0x0, &(0x7f0000000400))
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x408, 0x1)
syz_io_uring_setup(0x2, &(0x7f0000000080)={0x0, 0x0, 0x1046, 0x0, 0x1}, &(0x7f0000002500), &(0x7f0000002540))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x82400, 0x184)
getdents(r0, &(0x7f00000001c0)=""/109, 0x6d)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x4)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000180), 0x0}, 0x20)
lseek(r0, 0x8, 0x1)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x503, 0x20000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x880}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x36}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000)
getdents(r0, 0x0, 0x40)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
splice(r2, 0x0, r3, &(0x7f00000002c0), 0x6, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
open(&(0x7f00000000c0)='./file1\x00', 0x800a01, 0x89)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000200)='./file0\x00', 0x810410, &(0x7f0000000000)=ANY=[], 0x1, 0x1e8, &(0x7f0000000880)="$eJzsmT+MEkEUxr8ZFlaJMbGxsDFRVIyy7C5qaEjQxN4E/3YSWQm6gIElARILYmNjaWFia2dlYUFtZ2erhZqYWEhpvWaGgR2B1SPk7kju/ZJ79+3M7Lw3b7MfCYAgiAPL92+/v764Vrx5EcARZGCq8Z+JaA3X1n951bvwsnT99bvPbz60jj4dL+5nrpW9LKNxCgjUSBiGob4iIyMzRBUZNXYLHOeVvgOGM0rfB8dtpT0w3FP6kabbh5XwPetB2689bPieLYIjgitCQc9vAJiMGGoADqn6mDbfHQwfV33f6yyKZDjLszS1rvhXB2V9VzlKWv/E87r7/NlIXFtq3Nb654DDUboAhorSRZiwLCtqiXb+E0a0f2In598GcSy3FWX8R4TmVpSxP+JsD9jLpG/Vy/vXlBibrzk+GX9cvv3H5tnZbr8yIoH4W5ySxoUVff6U3ixpCiuaORORPwn3PievytI/DBhz/8gHzSf57mCYazSrda/utVy3cMW+ZNuX3bw0omlc6X3qWNKf0pr/JWO8MsVS6FeDoOP0gaDjzK/dadQct/K+/Uvew+X+HNnT0z1Ef+WxYz7oZs+Ay/9CZRMx5RAEQRAEQRAEQRAEQRAEQazJSTD5Laj6oSqMwb0hV/8JAAD//+YqXEg=")
write$FUSE_INIT(r4, &(0x7f0000002300)={0x50, 0x0, 0x0, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)

1m54.188605309s ago: executing program 4 (id=353):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
unshare(0x26020280)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x404})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x64f015fd58a9b8d5)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x20002, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0xe)
ioctl$TCFLSH(r2, 0x540b, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0x1c, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)

1m42.484145302s ago: executing program 4 (id=374):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
landlock_restrict_self(r0, 0x0)

1m42.086087886s ago: executing program 32 (id=374):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
landlock_restrict_self(r0, 0x0)

16.459389342s ago: executing program 3 (id=502):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000040000000000001d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48)

10.472772681s ago: executing program 0 (id=513):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x1000008, &(0x7f0000000180)=ANY=[@ANYBLOB='iocharset=cp850,fmask=00000000000000000000240,errors=remount-ro,iocharset=cp936,iocharset=iso8859-14,dmask=00000000000000000000000,gid=', @ANYRESHEX=0x0, @ANYRES8], 0x1, 0x152f, &(0x7f0000000880)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1a9)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', 0x0})
sendfile(r1, r0, 0x0, 0x20000023893)

10.252591373s ago: executing program 3 (id=514):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5ac, 0x269, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x7, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x1000, 0x6, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x9, 0x3}}}}}]}}]}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r3, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0}, 0x0)
socket(0x10, 0x803, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r4 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x10, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x22, &(0x7f0000000140)=0x6, 0x4)
listen(r4, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="05000000010000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0x800, 0x0, 0x6, 0x20000000}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
socket$key(0xf, 0x3, 0x2)

8.469096795s ago: executing program 0 (id=516):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})

8.385895379s ago: executing program 1 (id=517):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
clock_nanosleep(0xfffffff2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)

8.173575362s ago: executing program 0 (id=518):
request_key(0x0, 0x0, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
truncate(&(0x7f0000000080)='./file1\x00', 0xf000)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x14f862, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x58e, &(0x7f0000000080)={[{@errors_remount}, {@lazytime}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x391}}, {@block_validity}, {@block_validity}, {@quota}, {@jqfmt_vfsv0}]}, 0x1, 0x459, &(0x7f0000000240)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkEINrYkQomAMHg2Jd+PRxL/Ak16MejLxqndDQgwXkdOa2Z1hf3S3tMu2g+znkwx9b+YN7333zdt9M283gL41lv2TROyMiD8iYqSWbS4wVvtz4/qF2X+vX5hNolJ59++kWu6f6xdmi6LFeTvyzHgakX6exP429S6dO39qZmFh/myen1w+/eHk0rnzL5w8PXNi/sT8memjR48cnnr5pekXV558c/1x3p+1dd8niwf2vvnelbdnj115/5fvBor4W+LokbHVDj5dqfS4unLtakgngyU2hHXJxkDWXUPV8T8SA1HvvJF447NSGwdsqEquw+GLFeAelkTZLQDKUXzQZ/e/xbZ5s4/yXXu1dgOUxX0j32pHBiPNywy13N/20lhEHLt48+tsi415DgEA0OSHbP7zfLv5XxoPNZS7L18bGs3XUnZHxAMRsSciHoyoln04Ih5ZZ/2tiyQr5z/p1a4CW6Ns/vdKvrbVPP8rZn8xOpDndlXjH0qOn1yYP5S/JuMxtDXLT61Sx4+v//5lp2ON879sy+ov5oJ5O64Obm0+Z25meeZOYm507VLEvsF28Se3VgKSiNgbEfu6rOPks98e6HTs9vGvogfrTJVvIp6p9f/FaIm/kKy+Pjm5LRbmD00WV8VKv/52+Z1O9d9R/D2Q9f/2ttf/rfhHk8b12qX113H5zy863tNMdHX913dsyf9+PLO8fHYqYkvyVq3Rjfun6+cW+aJ8Fv/4wfbjf3fUX4n9EZFdxI9GxGMR8Xjed09ExJMRcbAlrsb7659fe+qDTvHfDf0/19L/o81FWvq/ntgSrXvaJwZO/fR98/9YT67t/e9INTWe71nL+99a2tXd1QwAAAD/P2lE7IwknbiVHk4nJmrf4d8T29OFxaXl544vfnRmrvYbgdEYSosnXSMNz0On8tv60Uu1/HSRz48fzp8bfzUwXM1PzC4uzJUdPPS5HSvGf1od/5m/BspuHbDh/F4L+lfD+E/KbAew+Xz+Q/8y/qF/tRn/w2W0A9h87T7/Py2hHcDmaxn/lv2gj7j/h/5l/EP/ahz/vgAAfWNpOG7/I/l2iW3RzVkS90wi0ruiGb1JJF2OgrUmdpYd4PoTZb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MZ/AQAA//8L+fEo")
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x80)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff85"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000400)={0x0, 0x0}, 0x10)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000200)='y', 0xf4240}], 0x1, 0x0, 0x0, 0x0)
timer_delete(0x0)

8.071893174s ago: executing program 2 (id=520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001ac0)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
setuid(0x0)

7.815222711s ago: executing program 2 (id=521):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000640)=0x13)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000021c0)={0xff01, 0xfe, 0x6, 0x5, 0x5, "ba6fe295663cad7b"})
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0xa)

7.704662758s ago: executing program 1 (id=522):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000002ac0), 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

7.442484366s ago: executing program 2 (id=523):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000780), r4)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)={0x28, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x2000c895}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r9 = dup(r8)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x9000)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r8, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_NMI(r10, 0xae9a)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

5.773308266s ago: executing program 3 (id=524):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

5.698549063s ago: executing program 5 (id=525):
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000006c0)='net/route\x00')
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)={0x124, r5, 0x5, 0x0, 0x0, {{}, {@void, @val={0xc, 0x99, {0x200, 0x79}}}}, [@beacon=[@NL80211_ATTR_IE_PROBE_RESP={0xe4, 0x7f, [@rann={0x7e, 0x15, {{0x0, 0x4d}, 0x1, 0x2, @device_b, 0xfffffffe, 0x80, 0x5}}, @rann={0x7e, 0x15, {{0x1, 0x7}, 0x7, 0xff, @broadcast, 0x1, 0x0, 0x2}}, @preq={0x82, 0x20, {{0x1, 0x1, 0x1, 0x0, 0x1}, 0x7, 0xcd, 0x7f, @device_b, 0x5, @value=@broadcast, 0x33dc, 0x1}}, @perr={0x84, 0x8e, {0x28, 0x8, [{{0x0, 0x1}, @device_a, 0xbe1, @value, 0x25}, {{0x0, 0x1}, @device_b, 0x303c9bf7, @value=@broadcast, 0x2a}, {{}, @broadcast, 0x0, @void, 0x10}, {{}, @broadcast, 0x2, @void, 0x20}, {{0x0, 0x1}, @device_a, 0x2, @value=@broadcast, 0x30}, {{0x0, 0x1}, @broadcast, 0x5, @value=@device_b, 0x10}, {{0x0, 0x1}, @device_a, 0x8, @value=@broadcast, 0x2e}, {{0x0, 0x1}, @device_b, 0xffffffff, @value=@broadcast, 0x30}]}}]}], @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x124}}, 0x0)

5.264807583s ago: executing program 0 (id=526):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x200, 0x40)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)="c0b40cc56a4aba3059d9cc40749e5c8ec3e402ed59b4eae733e4e767f419a66d49a51a05de717f971521674ec319455bfa8557695dd2993c12a98457b720b124ed76489721086049fe10c30f7b8de934ab13c686f0357e55d3ebcb99e5cfe507d6c4f8a8b1abc50447ff22455feb01439a2a9119aece4590d2baa2f1ded541213ca504a08838761931a80554c0e1a51c6d6fe44aa91aca3304e937b935835e9b1a0d42c5338df565704a0500000000000000000000005cf2825daabc9c248696e979d1b54a9f7dc384546ed4eb8c8b5232c8cd1cf017192719ee963925fde301e7d8dbffd3e14184cef9ae3366cc7815325b00", &(0x7f0000000340), 0xfe}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x34, 0x0, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x34}}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, 0x0)
r7 = socket$inet6(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r3, 0x0, 0x3}, 0x18)
sendto$inet6(r7, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000300)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000180)={r9, 0x1, r6, 0x486, 0x80000})

4.93642462s ago: executing program 2 (id=527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

4.63227922s ago: executing program 1 (id=528):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x8084)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff1}, {0x4}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000300)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228671, 0x3, 0x25dfdbf8, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xffe2, 0xe}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, {0x6, 0x0, 0x0, 0x8, 0x0, 0x1}}}}]}, 0x78}}, 0x0)

4.27314711s ago: executing program 3 (id=529):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r1)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x1}, 0x14}}, 0x24004044)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r1)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4)

4.213514151s ago: executing program 5 (id=530):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text16={0x10, &(0x7f0000000500)="0f238926800300260f320fc7740026dbe266b80500000066b9000001000f01d9f0811a0008660f3800bef3a83e0fb1d5d870da", 0x33}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_CPUID2(r5, 0xc008ae91, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x7, 0x6], 0x0, 0x80})
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.179076343s ago: executing program 2 (id=531):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x1506, &(0x7f0000001580)="$eJzs3QuYjtXaOPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiQkp7D+19Ru2/trf5e9/7v92dee+3ddz/Wu+13PvZ613ntm3ud5rpl5v+s6vFaT2tUbEZH4l8CvDylCiBghxCAhRD4hRCCEKB9fPj67P4+ClH/tIOyP9XDa1Z4Bu5q4/jkb1z9n4/rnbFz/nI3rn7Nx/XM2rn/OxvVnLCfbOrPwdbzl3O1fv/8f8+sD3///D1Ik9997Fn73DL//52xc//82p/L8M3tz/f+bXPLe/3MZXP+cjeufs3H9czauf87G9c/ZuP6M5WRX+/4zb1d3u9pff4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGcoaz/jIthPitfbXnxRhjjDHGGGOMsT+Oz321Z8AYY4wxxhhjjLF/PxBSKKFFIHKJ3CJG5BGx4hoRJ64VeUU+ERHXiXhxvcgvbhAFREFRSBQWCaKIKCqMQGEFiVAUE8VFVNwoSoibRKIoKUqJ0sKJMiJJ3CzKiltEOXGrKC9uExXE7aKiqCQqiyriDlFV3CmqibtEdXG3qCFqilqitrhH1BH3irriPlFP3C/qiwdEA/GgaCgeEo3Ew6KxeEQ0EY+KpuIx0Uw0Fy1ES9Hq/yv/JdFTvCx6id4iRfQRfcUrop/oLwaIgWKQeFUMFq+JIeJ1MVQME8PFG2KEeFOMFG+JUWK0GCPeFmPFODFeTBATxSSRKt4Rk8W7Yop4T0wV08R0MUOkiZlilnhfzBZzxFzxgZgnPhTzxQKxUCwS6eIjsVgsERniY7FUfCIyxTKxXKwQK8UqsVqsEWvFOrFebBAbxSaxWWwRW8WnYpvYLnaInWKX2C32iM/EXvG52Ce+EFniy38y/8z/yO8GAgRIkKBBQy7IBTEQA7EQC3EQB3khL0QgAvEQD/khPxSAAlAICkECJEBRKAoICAQExaAYRCEKJaAEJEIilIJS4MBBEiRBWbgFykE5KA/loQJUgIpQCSpBFagCVaEqVINqUB2qQw2oAbWgFtwD98C9UBfqQj2oB/WhPjSABtAQGkIjaASNoTE0gSbQFJpCM2gGLaAFtIJW0BpaQxtoA+2gHbSH9tABOkAyJENH6AidoBN0hs7QBbpAV+gK3aA7dIeX4CV4GV6G3lBD9oG+0Bf6QT8YAANhILwKg+E1eA1eh6EwDIbDG/AGvAkj4TSMgtEwBsZAVTkOxsMEIDkJUiEVJsNkmAJTYCpMg2kwA9JgJsyCWTAb5sAc+ADmwYfwISyABbAI0iEdFsMSyIAMWApnIBOWwXJYASthFayENbAW1sB62ADrYRNsgi2wBT6FT2E7bIedsBN2w274DD6Dz+FzGApZkAX7YT8cgANwEA7CITgEh+EwHIEjcBSOwjE4BsfhBJyEE3AKTsFpOANn4Sych/NwAS7AJbiU/c0vs2mpZS6ZS8bIGBkrY2WcjJN5ZV4ZkREZL+NlfplfFpAFZCFZSCbIBFlUFpUoUZIMZTFZTEZlVJaQJWSiTJSlZCnppJNJMkmWlWVlOVlOlpe3yQrydllRVpJtXRVZRVaV7Vw1eZesLqvLGrKmrCVry9qyjqwj68q6sp6sJ+vL+rKBfFA2lH1gADwssyvTRA6DpnI4NJPNZQvZUr4Jj8vWciS0kW1lO/mkHA2joINs7ZLlM7KjHA+d5HNyAjwvu8hJ0FW+KLvJ7rKHfEn2lG1cL9lbToU+sq+cAf1kfzlADpSzoabMrlgt+bocKofJ4fINuQjelCPlW3KUHC3HyLflWDlOjpcT5EQ5SabKd+Rk+a6cIt+TU+U0OV3OkGlyppwl35ez5Rw5V34g58kP5Xy5QC6Ui2S6/EgulktkhvxYLpWfyEy5TC6XK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RW+ancJrfLHXKn3CV3yz3yM7lXfi73yS9klvxS7pd/kgfkV/Kg/Foekt/Iw/JbeUR+J4/K7+Ux+YM8Lk/Ik/JHeUr+JE/LM/KsPCfPy5/lBXlRXpJeCgVKKqW0ClQulVvFqDwqVl2j4tS1Kq/KpyLqOhWvrlf51Q2qgCqoCqnCKkEVUUWVUaisIhWqYqq4iqobVQl1k0pUJVUpVVo5VUYlqZtVWXWLKqduVeXVbaqCul1VVJVUZVVF3aGqqjtVNXWXqq7uVjVUTVVL1Vb3qDrqXlVX3afqqftVffWAaqAeVA3VQ6qRelg1Vo+oJupR1VQ9ppqp5qqFaqlaqcdVa/WEaqPaqnbqSdVePaU6qKdVsnpGdVTPqk7qOdVZPa+6qBdUV/Wi6qa6qx7qorqkvOqleqsU1Uf1Va+ofqq/GqAGqkHqVTVYvaaGqNfVUDVMDVdvqBHqTTVSvaVGqdFqjHpbjVXj1Hg1QU1Uk1SqekdNVu+qKeo9NVVNU9PVDJWmZqoBfx5p7j+Q/+7fyR/yy9G3qK3qU7VNbVc71E61S+1We9QetVftVfvUPpWlstR+tV8dUAfUQXVQHVKH1GF1WB1RR9RRdVQdU8fUcXVCnVM/qlPqJ3VanVFn1Dl1Xp1XF/78GggNWmqltQ50Lp1bx+g8OlZfo+P0tTqvzqcj+jodr6/X+fUNuoAuqAvpwjpBF9FFtdGorSYd6mK6uI7qG3UJfZNO1CV1KV1aO11GJ+mb/+X8K82vlW6lW+vWuo1uo9vpdrq9bq876A46WSfrjrqj7qQ76c66s+6iu+iuuqvuprvpHrqH7ql7ai+ESNEpuq9+RffT/fUAPVAP0q/qwXqwHqKH6KF6qB6uh+sReoQeqUfqUXqUHqPH6LF6rB6vx+uJeqJO1al6sp6sp+gpeqqeqqfr6TpNp+lZepaerWfruXqunqfn6fl6vl6oF+p0na4X68U6Q2fopXqpztTL9DK9Qq/Qq/QqvUav0ev0Or1Bb9Cb9CadqX/7Bc0deofepXfpPXqP3qv36n16n87SWXq/3q8P6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+qT+pQ+pU/r0/qsPqvP6/P6gr6gL+lL2ad9gQxkoAMd5ApyBTFBTBAbxAZxQVyQN8gbRIJIEB/EB/mDG4ICQcGgUFA4SAiKBEUDE2BgAwrCoFhQPIgGNwYlgpuCxKBkUCooHbigTJAU3ByUDW4JygW3BuWD24IKwe1BxaBSUDmoEtwRVA3uDKoFdwXVg7uDGkHNoFZQO7gnqBPcG9QN7gvqBfcH9YMHggbBg0HD4KGgUfBw0Dh4JGgSPBo0DR4LmgXNgxZBy6DVHzq+96cLPuF6md4mxfQxfc0rpp/pbwaYgWaQedUMNq+ZIeZ1M9QMM8PNG2aEedOMNG+ZUWa0GWPeNmPNODPeTDATzSSTat4xk827Zop5z0w108x0M8OkmZlmlnnfzDZzzFzzgZlnPjTzzQKz0Cwy6eYjs9gsMRnmY7PUfGIyzTKz3KwwK80qs9qsMWvNOrPebDAbzSaz2WwxW82nZpvZbnaYnWaX2W32mM/MXvO52We+MFnmS7Pf/MkcMF+Zg+Zrc8h8Yw6bb80R8505ar43x8wP5rg5YU6aH80p85M5bc6Ys+acOW9+NhfMRXPJ+OyT++y3d9SoMRfmwhiMwViMxTiMw7yYFyMYwXiMx/yYHwtgASyEhTABE7AoFsVshITFsBhGMYolsAQmYiKWwlLo0GESJmFZLIvlsByWx/JYAStgRayIlTH7euQOvBPvxLvwLrwb78aaWBNrY22sg3WwLtbFelgP62N9bIANsCE2xEbYCBtjY2yCTbApNsVm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wGRMxo7YETthJ+yMnbELdsGu2BW7YTfsgT2wJ/bEXtgLUzAF+2Jf7If9cAAOwEE4CAfjYByCQ3AoDsXhOBxH4AgciSNxFI7GMfg2jsVxOB4n4ESchKmYipNxMk7BKTgVp+J0nI5pmIazcBbOxtk4F+fiPJyH83E+LsSFmI7puBgXYwZm4FJcipmYictxOa7ElbgaV+NaXIvrcT1uxI24GTfjVtyK23Ab7sAduAt34R7cg3txL+7DfZiFWbgf9+MBPIAH8SAewkN4GA/jETyCR/EoHsNjeByPw0k8iafwFJ7G03gWz+J5/Bkv4EW8hB5jbB4ba6+xcfZam9fmszE2T28hxF/iQrawTbBFbFFrbAFb8G9itNYm2pK2lC1tnS1jk+zNv4sr2kq2sq1i77BV7Z222u/iOvZeW9feZ+vZ+21te8/fxPXtA7aBfdQ2tI/ZRra5bWxb2ib2UdvUPmab2ea2hW1p29unbAf7tE22z9iO9tnfxYvtErvWrrPr7Qa7135uz9pz9oj9zp63P9tetrcdZF+1g+1rdoh93Q61w34Xj7Fv27F2nB1vJ9iJdtLv4ul2hk2zM+0s+76dbef8Lk63H9l5NsPOtwvsQrvolzh7Thn2Y7vUfmIz7TK73K6wK+0qu9qu+ctcV9hNdrPdYvfYz+w2u93usDvtLrv7lzh7HfvsFzbLfmkP22/tAfuVPWiP2kP2m1/i7PUdtd/bY/YHe9yesCftj/aU/cmetmd+WX/22n+0F+0l660gIEmKNAWUi3JTDOWhWLqG4uhaykv5KELXUTxdT/npBipABakQFaYEKkJFyRCSJaKQilFxitKNVIJuokQqSaWoNDkqQ0l0M5WlW6gc3Url6TaqQLdTRapElakK3UFV6U6qRndRdbqbalBNqkW16R6qQ/dSXbqP6tH9VJ8eoAb0IDWkh6gRPUyN6RFqQo9SU3qMmlFzakEtqRU9Tq3pCWpDbakdPUnt6SnqQE9TMj1DHelZ6kTPUWd6nrrQC9SVXqRu1J160EvUk16mXtSbUqgP9aVXqB/1pwE0kAbRqzSYXqMh9DoNpWE0nN6gEfQmjaS3aBSNpjH0No2lcTSeJtBEmkSp9A5NpndpCr1HU2kaTacZlEYzaRa9T7NpDs2lD2gefUjzaQEtpEWUTh/RYlpCGfQxLaVPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6lbbSddtBO2kW7aQ99Rnvpc9pHX1AWfUn76U90gL6ig/Q1HaJv6DB9S0foOzpK39Mx+oGO0wk6ST/SKfqJTtMZOkvn6Dz9TBfoIl0iTyKEUIYq1GEQ5hG5w5gwTxgbXhPGhdeGecN8YSS8LowPrw/zhzeEBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8MS4Q3hYlhybBUWDp0YZkwKbw5LBveEpYLbw3Lh7eFFcLbw4phpbByWCW8I6wa3hlWC+8Kq4d3hzXCmmGtsHZ4T1gnvDesG94X1gvvD8uFD4QNwgfDhuFDYaPw4bBx+EjYJHw0bBo+FjYLm4ctwpZhq/DxsHX4RNgmbBu2C58M24dPhR3Cp8Pk8JmwY/jsFftTwj5h3/CV8JXQ+/vUwuiiaHr0o+ji6JJoRvTj6NLoJ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd4+LctS6vy+ci7joX7653+d0NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6G10Jd5NLdCVdKVfaOVfGJbmWrpVr5Vq7J1wb19a1c0+6J91T7in3tHvaPeM6umddJ/ec6+yed13cC+4F96Lr5rq7Hu4l19O97Hq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPua3fIfeMOu2/dEfedO+q+d8fcD+64O+FOuh/dKfeTO+3OuLPunDvvfnYX3EV3yXmXGnknMjnybmRK5L3I1Mi0yPTIjEhaZGZkVuT9yOzInMjcyAeReZEPI/MjCyILI4si6ZGPIosjSyIZkY8jSyOfRDIjyyLLIysiKyOrIt4X2Rb6Yr64j/obfQl/k0/0JX0pX9o7X8Yn+Zt9WX+LL+dv9eX9bb6Cv91X9JV8Zf+Yb+ab+xa+pW/lH/et/RO+jW/r2/knfXv/lO/gn/bJ/hnf0T/rO/nnfGf/vO/iX/Bd/Yu+m+/ue/iXfE//su/le/sU38f39a/4fr6/H+AH+kH+VT/Yv+aH+Nf9UD/MD/dv+BH+TT/Sv+VH+dF+jH/bj/Xj/Hg/wU/0k3yqf8dP9u/6Kf49P9VP89P9DJ/mZ/pZ/n0/28/xc/0Hfp7/0M/3C/xCv8in+4/8Yr/EZ/iP/VL/ic/0y/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9Z/6bX673+F3+l1+t9/jP/N7/ed+n//CZ/kv/X7/J3/Af+UP+q/9If+NP+y/9Uf8d/6o/94f8z/44/6EP+l/9Kf8T/60P+PP+nP+vP/ZX/AX/SX+mzXGGGOMsX+IukJ/n/8lR/653VcIce32wof+Z//GAr+2++dOaB8RQjzTu+vDv201aqSkpPx530wlguILhBCRy/m5xOV4mWgnnhLJoq0o+5f+mL86Vn/Z/TxdYfzobULE/lVOdv5v8eXxb/m76+8vx8274vgLhEgsfjknj7gcXx6/3P8yfsHWVxg/z1epQrT5q5w4cTm+PH6SeEI8K5L/Zk/GGGOMMcYYY+xX/WXlzle6vs2+Pk/Ql3Nyi8vx37s+Z4wxxhhjjDHG2H+W57v3ePrx5OS2nbnx72r4fL++1P8p8+EGN/6BxtX+ycQYY4wxxhj7o10+6b/aM2GMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKu/4t/J/bbsa70WYOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYf6v/FwAA//8MsDsX")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
umount2(&(0x7f0000000080)='.\x00', 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)

3.85622138s ago: executing program 3 (id=532):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$loop(0x0, 0x5749, 0x408882)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f00000002c0)={0x0, 0x0, 0x27f})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETCARRIER(r4, 0x400454e2, &(0x7f00000002c0))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="540000000906010800000900020073797a310000000005000100070000002c000780060004404e21000005000700ff0000000c000180080001400a0101010c00028008000140e000000200"/84], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
ioctl$sock_bt_hci(r3, 0x800448d3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r6 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000000)={0x0, 0x3f00, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c"})
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f00000001c0)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0xfffffbff, 0x20, 0x0, 0x0, 0x8, 0x1, 0x0, 0x5, 0x3, 0x0})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x28, 0x2, 0x3, 0x401, 0x1000000, 0x0, {0x2, 0x0, 0x1}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x8}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x2}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x20040800)
sendmsg$IPSET_CMD_SAVE(r7, 0x0, 0x0)

2.963308726s ago: executing program 1 (id=533):
r0 = socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000300)={'syztnl0\x00', &(0x7f0000005a00)={'sit0\x00', <r4=>0x0, 0x8000, 0x7, 0x0, 0x4, {{0x14, 0x4, 0x2, 0x6, 0x50, 0x67, 0x0, 0xf3, 0x4, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x30}, {[@lsrr={0x83, 0x1f, 0x1b, [@empty, @loopback, @broadcast, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @ssrr={0x89, 0xb, 0xd6, [@private=0xa010101, @loopback]}, @ssrr={0x89, 0xb, 0x47, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @noop, @ssrr={0x89, 0x3, 0xa6}, @end, @end]}}}}})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000005b00)={0xc, 0x5, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x101}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000)=r5, 0x4)
socket(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
fchdir(r8)
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x10800, &(0x7f0000000c00))
sendmsg$key(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000280)={0x2, 0xb, 0x3, 0x9, 0x2, 0x0, 0x70bd26, 0x25dfdbfe}, 0x10}}, 0x80)

2.521044494s ago: executing program 5 (id=534):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file6\x00', 0xa4)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file6\x00', 0x200)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

2.090917398s ago: executing program 2 (id=535):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f0000001900)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)

2.068399133s ago: executing program 5 (id=536):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f0000000200)='%pK    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0001000004"], 0x50)

1.983158132s ago: executing program 0 (id=537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r6}, 0x10)
getitimer(0x2, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000000000b8000000b8000000070000000d00ed037b2de3d5c546320000080000047f0000000900000001000000070000000d00000004000000040000000500000005000000000000000c00000001000000760b00000c000000020000000000000005000000020000000100000000000000050000003c0000001000000000000000000000000000000000000003000000000500000003000000000000000a0000000000000c040000001000000000000001000000004e00590201000000000000020400000006000000000000100200000000211e2e5f5f00ae01f78106b2096df091a8a7c371bd60c5612060020ba8cc53f84037254c8ab3f6eccbee33f264eeded1a7515b200f6050a61fe257a5f0c3ef6176b30775b2b4e263911c6175"], 0x0, 0xd7, 0x0, 0x0, 0x1, 0x10000, @value}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0))

1.812485406s ago: executing program 1 (id=538):
r0 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
pipe2(&(0x7f0000001440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r5, 0x0, r4, 0x0, 0x3, 0x0)
fcntl$setpipe(r3, 0x4, 0xfffffffffffff000)

567.124392ms ago: executing program 0 (id=539):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@getstats={0x1c, 0x5e, 0x201, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2}}, 0x1c}}, 0x0)
r2 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
write$cgroup_int(r2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='net/arp\x00')
preadv(r7, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/24, 0x18}], 0x1, 0x4f, 0x5)
prlimit64(0x0, 0xe, 0x0, 0x0)
fchdir(r6)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x800)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setown(r8, 0x8, r9)
syz_open_procfs(0x0, &(0x7f00000008c0)='wchan\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_read_part_table(0x1051, &(0x7f0000000000)="$eJzsz8uNwkAQBNCa9WftIFbaMEiEfHA6RAY5WBo0xiYE4PDeqdTdKqnDR80lSdefStZaa9K/Nj9tkWmYW+qO6VgvKfU3ybBPlvuQsYUpSTlab3/PtNZl3A+3/uS/3dStsDtf3/QmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy1RwAAAP//7rMRKg==")

404.961255ms ago: executing program 5 (id=540):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000060006"], 0x4c}}, 0x0)

404.487563ms ago: executing program 1 (id=541):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000b"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)="1f8960da4165fefc7502a439f5ddd0f1b46ea59c", 0x14, 0x1, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000040)={'vlan0\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xffff, 0x0)
socket(0x200000100000011, 0x3, 0x3)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r4, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
syz_open_procfs$namespace(0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)

71.146181ms ago: executing program 5 (id=542):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="646f74732c646f74732c646f74732c636865636b3d72656c617865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030302c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c6e6f646f74732c646f74732c666d61736b3d30303030303030303030303030303030303030303030322c6e6f646f74732c646f74732c666c7573682c6e6f646f74732c636865636b3d6e6f726d616c2c0079c7cebee7a0df8765ffc536c4e752679b645307d1bf097e07b8e261bb27d1bb80ee490fc501e4f230ddf1483b11ac5c39a93cfc3ba360037c79a9be063a3bf5015e3d6a8cad0e98ccb29619c51c44ec612fc7ff44fa8cf7759eada764c43ba9d602a958bd209ace3df01c3dae04baa94aedc5515da8160ae0", @ANYRESHEX], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz0\x00', 0x1ff)

0s ago: executing program 3 (id=543):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3, 0x100000000000, 0x5]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000040)={0x0, 0x7000, 0x1})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

nted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   95.103608][ T5849] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.121536][ T5849] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.131012][ T5849] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.150530][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.162124][ T5931] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.162711][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.182495][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.193832][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.203932][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.216005][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.227548][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.261072][ T5858] veth0_macvtap: entered promiscuous mode
[   95.283476][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.298695][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.318899][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.331663][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.343199][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.358883][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.373110][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.404357][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.424739][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.449175][ T5858] veth1_macvtap: entered promiscuous mode
[   96.006653][ T5841] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.019658][ T5841] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.030911][ T5841] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.043859][ T5841] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.089403][ T1164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.098028][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.113688][ T1164] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.121892][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.136718][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.153512][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.163846][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.174976][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.187983][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.198486][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.211312][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.239538][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.250156][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   96.259878][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.270401][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.281178][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.291082][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.301809][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.311689][ T5858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.323102][ T5858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.335457][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.369966][ T5858] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.391160][ T5858] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.400122][ T5858] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.408907][ T5858] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.446645][ T5940] loop1: detected capacity change from 0 to 1024
[   96.575420][ T5848] Bluetooth: hci1: command tx timeout
[   96.612871][ T5942] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   96.654493][ T5848] Bluetooth: hci0: command tx timeout
[   96.659939][ T5848] Bluetooth: hci4: command tx timeout
[   96.667462][ T5847] Bluetooth: hci2: command tx timeout
[   96.672895][ T5847] Bluetooth: hci3: command tx timeout
[   96.745849][ T5942] No such timeout policy "syz0"
[   96.810650][ T1164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.844789][ T1164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.879895][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.910418][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.156927][ T5945] 8021q: VLANs not supported on ip6gre0
[   97.181219][ T2952] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.627936][ T2952] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.757949][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.770133][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.861683][ T5949] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   97.883728][ T2952] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.927232][ T2952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.065762][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.073633][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.134629][ T5956] loop3: detected capacity change from 0 to 128
[   98.191424][ T5956] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   98.235770][ T5956] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.050871][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  100.106116][ T5968] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9'.
[  100.153792][ T5972] loop4: detected capacity change from 0 to 128
[  100.225595][ T5970] FAULT_INJECTION: forcing a failure.
[  100.225595][ T5970] name failslab, interval 1, probability 0, space 0, times 1
[  100.246006][ T5972] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  100.286478][ T5972] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.313610][ T5970] CPU: 1 UID: 0 PID: 5970 Comm: syz.0.10 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  100.313638][ T5970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  100.313654][ T5970] Call Trace:
[  100.313662][ T5970]  <TASK>
[  100.313670][ T5970]  dump_stack_lvl+0x241/0x360
[  100.313714][ T5970]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.313743][ T5970]  ? __pfx__printk+0x10/0x10
[  100.313776][ T5970]  ? __pfx___might_resched+0x10/0x10
[  100.313806][ T5970]  should_fail_ex+0x424/0x570
[  100.313842][ T5970]  should_failslab+0xac/0x100
[  100.313874][ T5970]  __kmalloc_noprof+0xdf/0x4d0
[  100.313902][ T5970]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  100.313925][ T5970]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  100.313955][ T5970]  tomoyo_realpath_from_path+0xcf/0x5e0
[  100.313993][ T5970]  tomoyo_path_number_perm+0x245/0x790
[  100.314017][ T5970]  ? tomoyo_path_number_perm+0x215/0x790
[  100.314039][ T5970]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  100.314067][ T5970]  ? ksys_write+0x24e/0x2d0
[  100.314100][ T5970]  ? __lock_acquire+0xad5/0xd80
[  100.314145][ T5970]  ? __fget_files+0x2a/0x420
[  100.314166][ T5970]  ? __fget_files+0x2a/0x420
[  100.314189][ T5970]  ? __fget_files+0x2a/0x420
[  100.314215][ T5970]  security_file_ioctl+0xc6/0x2a0
[  100.314248][ T5970]  __se_sys_ioctl+0x46/0x160
[  100.314277][ T5970]  do_syscall_64+0xf3/0x230
[  100.314304][ T5970]  ? clear_bhb_loop+0x45/0xa0
[  100.314328][ T5970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.314347][ T5970] RIP: 0033:0x7fe7abd8d169
[  100.314370][ T5970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.314386][ T5970] RSP: 002b:00007fe7acbd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  100.314407][ T5970] RAX: ffffffffffffffda RBX: 00007fe7abfa5fa0 RCX: 00007fe7abd8d169
[  100.314422][ T5970] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  100.314433][ T5970] RBP: 00007fe7acbd3090 R08: 0000000000000000 R09: 0000000000000000
[  100.314445][ T5970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.314456][ T5970] R13: 0000000000000000 R14: 00007fe7abfa5fa0 R15: 00007ffea3d20098
[  100.314487][ T5970]  </TASK>
[  100.541756][ T5970] ERROR: Out of memory at tomoyo_realpath_from_path.
[  101.580576][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  104.039841][ T6001] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  104.229557][ T6004] loop3: detected capacity change from 0 to 256
[  104.774849][ T6004] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  105.176513][ T6017] loop4: detected capacity change from 0 to 128
[  105.336092][ T6017] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  105.677382][ T6017] ext4 filesystem being mounted at /3/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  108.042100][ T6036] loop1: detected capacity change from 0 to 32768
[  108.051540][ T6036] jfs: Unknown parameter 'qarset'
[  108.204093][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  108.383420][ T6038] loop4: detected capacity change from 0 to 512
[  108.503978][ T6038] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  108.555368][ T6038] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  108.621101][ T6038] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.27: iget: bad extended attribute block 512
[  108.634775][ T6027] loop3: detected capacity change from 0 to 32768
[  108.641962][ T6027] =======================================================
[  108.641962][ T6027] WARNING: The mand mount option has been deprecated and
[  108.641962][ T6027]          and is ignored by this kernel. Remove the mand
[  108.641962][ T6027]          option from the mount to silence this warning.
[  108.641962][ T6027] =======================================================
[  108.688898][ T6038] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.27: couldn't read orphan inode 15 (err -117)
[  108.719018][ T6038] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.851253][ T6027] JBD2: Ignoring recovery information on journal
[  109.164769][ T6048] Zero length message leads to an empty skb
[  109.885552][ T6027] JBD2: journal reset failed
[  109.903391][ T6027] (syz.3.25,6027,1):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  109.926870][ T6027] (syz.3.25,6027,0):ocfs2_check_volume:2373 ERROR: ocfs2 journal load failed! -4
[  109.940830][ T5858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.254665][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.264512][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.405691][ T6056] netlink: 12 bytes leftover after parsing attributes in process `syz.4.30'.
[  110.418083][ T6056] orangefs_devreq_open: device cannot be opened in blocking mode
[  110.484477][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.504265][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!!
[  111.295625][ T6045] loop2: detected capacity change from 0 to 32768
[  111.333721][ T6045] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.29 (6045)
[  111.591910][ T6045] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  111.769124][ T6045] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  112.494591][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  112.495613][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  112.569038][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  112.609474][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  112.744778][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  112.808609][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  112.846062][ T6086] loop1: detected capacity change from 0 to 1024
[  112.992989][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  112.993350][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  113.035049][ T6045] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  115.026944][ T6045] BTRFS error (device loop2): open_ctree failed: -12
[  116.692872][ T6118] FAULT_INJECTION: forcing a failure.
[  116.692872][ T6118] name failslab, interval 1, probability 0, space 0, times 0
[  116.706594][ T6118] CPU: 1 UID: 0 PID: 6118 Comm: syz.2.41 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  116.706621][ T6118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  116.706635][ T6118] Call Trace:
[  116.706643][ T6118]  <TASK>
[  116.706651][ T6118]  dump_stack_lvl+0x241/0x360
[  116.706700][ T6118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.706732][ T6118]  ? __pfx__printk+0x10/0x10
[  116.706766][ T6118]  ? __pfx___might_resched+0x10/0x10
[  116.706797][ T6118]  should_fail_ex+0x424/0x570
[  116.706834][ T6118]  should_failslab+0xac/0x100
[  116.706868][ T6118]  __kmalloc_noprof+0xdf/0x4d0
[  116.706897][ T6118]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  116.706922][ T6118]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  116.706953][ T6118]  tomoyo_realpath_from_path+0xcf/0x5e0
[  116.706993][ T6118]  tomoyo_path_number_perm+0x245/0x790
[  116.707019][ T6118]  ? tomoyo_path_number_perm+0x215/0x790
[  116.707042][ T6118]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  116.707064][ T6118]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  116.707105][ T6118]  ? rcu_read_unlock_special+0x49b/0x570
[  116.707151][ T6118]  ? __rcu_read_unlock+0xa1/0x110
[  116.707170][ T6118]  ? __fget_files+0x2a/0x420
[  116.707196][ T6118]  ? __fget_files+0x2a/0x420
[  116.707235][ T6118]  security_file_ioctl+0xc6/0x2a0
[  116.707267][ T6118]  __se_sys_ioctl+0x46/0x160
[  116.707297][ T6118]  do_syscall_64+0xf3/0x230
[  116.707324][ T6118]  ? clear_bhb_loop+0x45/0xa0
[  116.707348][ T6118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.707368][ T6118] RIP: 0033:0x7f505bd8d169
[  116.707386][ T6118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.707402][ T6118] RSP: 002b:00007f5059bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.707423][ T6118] RAX: ffffffffffffffda RBX: 00007f505bfa6160 RCX: 00007f505bd8d169
[  116.707438][ T6118] RDX: 0000000000000000 RSI: 00000000c0403d08 RDI: 0000000000000005
[  116.707451][ T6118] RBP: 00007f5059bf6090 R08: 0000000000000000 R09: 0000000000000000
[  116.707463][ T6118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.707474][ T6118] R13: 0000000000000000 R14: 00007f505bfa6160 R15: 00007ffdf098d4c8
[  116.707506][ T6118]  </TASK>
[  116.707666][ T6118] ERROR: Out of memory at tomoyo_realpath_from_path.
[  119.751220][ T6151] loop1: detected capacity change from 0 to 1024
[  119.759088][ T6151] hfsplus: Unknown parameter '€'
[  121.348910][ T6163] netlink: 32 bytes leftover after parsing attributes in process `syz.1.54'.
[  121.414764][ T6163] gretap0: entered promiscuous mode
[  121.535668][ T6171] loop4: detected capacity change from 0 to 1024
[  121.708804][ T6174] loop1: detected capacity change from 0 to 1024
[  123.592582][ T6185] loop3: detected capacity change from 0 to 256
[  123.655334][ T6185] exfat: Unknown parameter 'appraise'
[  126.432420][ T6212] loop4: detected capacity change from 0 to 1024
[  127.504573][ T6203] loop3: detected capacity change from 0 to 1024
[  127.511605][ T6203] hfsplus: Unknown parameter '€'
[  127.780366][ T6222] loop2: detected capacity change from 0 to 128
[  128.190753][ T6230] netlink: 4 bytes leftover after parsing attributes in process `syz.1.69'.
[  129.516278][ T6222] EXT4-fs (loop2): Test dummy encryption mode enabled
[  129.686460][ T6222] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  129.786660][ T6222] ext4 filesystem being mounted at /11/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  129.800287][ T6245] loop0: detected capacity change from 0 to 16
[  129.826898][ T6245] erofs (device loop0): mounted with root inode @ nid 36.
[  131.353230][ T6222] fscrypt (loop2): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))")
[  131.568558][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.608848][   T30] audit: type=1326 audit(1743893943.290:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  131.927299][   T30] audit: type=1326 audit(1743893943.290:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  131.954561][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  131.958292][   T30] audit: type=1326 audit(1743893943.470:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.082372][   T30] audit: type=1326 audit(1743893943.640:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.153227][   T30] audit: type=1326 audit(1743893943.640:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.175167][    C1] vkms_vblank_simulate: vblank timer overrun
[  132.207879][   T30] audit: type=1326 audit(1743893943.710:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.347050][   T30] audit: type=1326 audit(1743893943.710:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.369736][   T30] audit: type=1326 audit(1743893943.710:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.391629][    C1] vkms_vblank_simulate: vblank timer overrun
[  132.397742][   T30] audit: type=1326 audit(1743893943.710:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe7abd8d169 code=0x7ffc0000
[  132.536435][ T6268] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  132.622270][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  132.724843][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  132.827104][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  132.929434][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  133.075297][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.081822][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.450911][ T6275] loop3: detected capacity change from 0 to 1024
[  133.776089][ T6279] loop4: detected capacity change from 0 to 128
[  133.815178][ T6279] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.831373][ T6279] ext4 filesystem being mounted at /17/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  134.277595][ T6283] No such timeout policy "syz0"
[  134.978833][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  135.678411][ T6290] FAULT_INJECTION: forcing a failure.
[  135.678411][ T6290] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  136.408538][ T6290] CPU: 0 UID: 0 PID: 6290 Comm: syz.3.83 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  136.408566][ T6290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  136.408578][ T6290] Call Trace:
[  136.408585][ T6290]  <TASK>
[  136.408593][ T6290]  dump_stack_lvl+0x241/0x360
[  136.408639][ T6290]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.408667][ T6290]  ? __pfx__printk+0x10/0x10
[  136.408706][ T6290]  should_fail_ex+0x424/0x570
[  136.408740][ T6290]  _copy_from_user+0x2d/0xb0
[  136.408765][ T6290]  io_submit_one+0xc3/0x18b0
[  136.408797][ T6290]  ? __lock_acquire+0xad5/0xd80
[  136.408822][ T6290]  ? __pfx_io_submit_one+0x10/0x10
[  136.408858][ T6290]  ? __might_fault+0xaa/0x120
[  136.408880][ T6290]  __se_sys_io_submit+0x17a/0x2e0
[  136.408913][ T6290]  ? __pfx___se_sys_io_submit+0x10/0x10
[  136.408933][ T6290]  ? ksys_write+0x275/0x2d0
[  136.408958][ T6290]  ? do_syscall_64+0xb6/0x230
[  136.408978][ T6290]  do_syscall_64+0xf3/0x230
[  136.408996][ T6290]  ? clear_bhb_loop+0x45/0xa0
[  136.409012][ T6290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.409024][ T6290] RIP: 0033:0x7fa3af18d169
[  136.409040][ T6290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.409051][ T6290] RSP: 002b:00007fa3afffc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  136.409070][ T6290] RAX: ffffffffffffffda RBX: 00007fa3af3a5fa0 RCX: 00007fa3af18d169
[  136.409079][ T6290] RDX: 0000200000000780 RSI: 0000000000000020 RDI: 00007fa3affb2000
[  136.409088][ T6290] RBP: 00007fa3afffc090 R08: 0000000000000000 R09: 0000000000000000
[  136.409096][ T6290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.409104][ T6290] R13: 0000000000000000 R14: 00007fa3af3a5fa0 R15: 00007ffd9f371aa8
[  136.409123][ T6290]  </TASK>
[  136.694945][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  136.706099][ T6299] loop1: detected capacity change from 0 to 128
[  136.796849][ T6299] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  136.834872][ T6299] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.889888][ T6310] loop4: detected capacity change from 0 to 128
[  137.924581][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  138.215368][ T6311] netlink: 32 bytes leftover after parsing attributes in process `syz.2.89'.
[  138.224303][ T6311] gretap0: entered promiscuous mode
[  138.723312][ T6310] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  138.772476][ T6310] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.760248][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  141.914230][ T6334] loop1: detected capacity change from 0 to 4096
[  141.995577][ T6337] loop4: detected capacity change from 0 to 128
[  143.395222][ T6337] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.799967][ T6337] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  143.819250][ T6334] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.991689][ T6341] loop0: detected capacity change from 0 to 1024
[  144.026075][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.061156][ T6341] EXT4-fs: Ignoring removed nobh option
[  144.087559][ T6341] EXT4-fs: Ignoring removed bh option
[  144.132119][ T6343] loop3: detected capacity change from 0 to 128
[  144.236345][ T6341] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.417883][ T6350] No such timeout policy "syz0"
[  144.634603][ T6343] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  144.703848][ T6343] ext4 filesystem being mounted at /17/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  145.840854][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  146.429038][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  146.466118][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.562841][ T6368] loop4: detected capacity change from 0 to 128
[  146.597923][ T6368] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  146.639053][ T6368] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  148.021449][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  149.888036][ T6395] FAULT_INJECTION: forcing a failure.
[  149.888036][ T6395] name failslab, interval 1, probability 0, space 0, times 0
[  149.901016][ T6395] CPU: 1 UID: 0 PID: 6395 Comm: syz.3.109 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  149.901043][ T6395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  149.901056][ T6395] Call Trace:
[  149.901064][ T6395]  <TASK>
[  149.901073][ T6395]  dump_stack_lvl+0x241/0x360
[  149.901112][ T6395]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.901144][ T6395]  ? __pfx__printk+0x10/0x10
[  149.901177][ T6395]  ? __lock_acquire+0xad5/0xd80
[  149.901205][ T6395]  ? __pfx___might_resched+0x10/0x10
[  149.901236][ T6395]  should_fail_ex+0x424/0x570
[  149.901273][ T6395]  should_failslab+0xac/0x100
[  149.901307][ T6395]  __kvmalloc_node_noprof+0x170/0x5a0
[  149.901340][ T6395]  ? io_sqe_buffers_register+0x176/0x840
[  149.901375][ T6395]  io_sqe_buffers_register+0x176/0x840
[  149.901410][ T6395]  ? __se_sys_io_uring_register+0x244/0x39b0
[  149.901440][ T6395]  ? __pfx___mutex_lock+0x10/0x10
[  149.901468][ T6395]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[  149.901513][ T6395]  ? __fget_files+0x39d/0x420
[  149.901534][ T6395]  ? __fget_files+0x2a/0x420
[  149.901563][ T6395]  __se_sys_io_uring_register+0xe9d/0x39b0
[  149.901604][ T6395]  ? finish_task_switch+0x1e5/0x870
[  149.901622][ T6395]  ? lockdep_hardirqs_on+0x9d/0x150
[  149.901652][ T6395]  ? rcu_is_watching+0x15/0xb0
[  149.901680][ T6395]  ? trace_sched_exit_tp+0x3c/0x120
[  149.901701][ T6395]  ? __schedule+0x1ba6/0x5240
[  149.901727][ T6395]  ? __pfx___se_sys_io_uring_register+0x10/0x10
[  149.901770][ T6395]  ? preempt_schedule_irq+0xfe/0x1c0
[  149.901801][ T6395]  ? __pfx___schedule+0x10/0x10
[  149.901843][ T6395]  ? rcu_is_watching+0x15/0xb0
[  149.901870][ T6395]  ? trace_irq_disable+0x3b/0x120
[  149.901892][ T6395]  ? preempt_schedule_irq+0x145/0x1c0
[  149.901916][ T6395]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  149.901939][ T6395]  ? preempt_schedule_irq+0x145/0x1c0
[  149.901973][ T6395]  ? irqentry_exit+0x63/0x90
[  149.901996][ T6395]  ? lockdep_hardirqs_on+0x9d/0x150
[  149.902034][ T6395]  ? trace_irq_enable+0x2c/0x120
[  149.902061][ T6395]  do_syscall_64+0xf3/0x230
[  149.902088][ T6395]  ? clear_bhb_loop+0x45/0xa0
[  149.902112][ T6395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.902132][ T6395] RIP: 0033:0x7fa3af18d169
[  149.902150][ T6395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.902166][ T6395] RSP: 002b:00007fa3affdb038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  149.902187][ T6395] RAX: ffffffffffffffda RBX: 00007fa3af3a6080 RCX: 00007fa3af18d169
[  149.902202][ T6395] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000008
[  149.902214][ T6395] RBP: 00007fa3affdb090 R08: 0000000000000000 R09: 0000000000000000
[  149.902226][ T6395] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001
[  149.902239][ T6395] R13: 0000000000000000 R14: 00007fa3af3a6080 R15: 00007ffd9f371aa8
[  149.902270][ T6395]  </TASK>
[  150.186554][    C1] vkms_vblank_simulate: vblank timer overrun
[  150.330772][ T6397] FAULT_INJECTION: forcing a failure.
[  150.330772][ T6397] name failslab, interval 1, probability 0, space 0, times 0
[  150.344450][ T6397] CPU: 0 UID: 0 PID: 6397 Comm: syz.2.111 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  150.344478][ T6397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  150.344491][ T6397] Call Trace:
[  150.344499][ T6397]  <TASK>
[  150.344508][ T6397]  dump_stack_lvl+0x241/0x360
[  150.344547][ T6397]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.344579][ T6397]  ? __pfx__printk+0x10/0x10
[  150.344614][ T6397]  ? __pfx___might_resched+0x10/0x10
[  150.344645][ T6397]  should_fail_ex+0x424/0x570
[  150.344682][ T6397]  should_failslab+0xac/0x100
[  150.344716][ T6397]  __kmalloc_noprof+0xdf/0x4d0
[  150.344746][ T6397]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  150.344771][ T6397]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  150.344803][ T6397]  tomoyo_realpath_from_path+0xcf/0x5e0
[  150.344843][ T6397]  tomoyo_path_number_perm+0x245/0x790
[  150.344869][ T6397]  ? tomoyo_path_number_perm+0x215/0x790
[  150.344893][ T6397]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  150.344922][ T6397]  ? ksys_write+0x24e/0x2d0
[  150.344957][ T6397]  ? __lock_acquire+0xad5/0xd80
[  150.345001][ T6397]  ? __fget_files+0x2a/0x420
[  150.345023][ T6397]  ? __fget_files+0x2a/0x420
[  150.345048][ T6397]  ? __fget_files+0x2a/0x420
[  150.345076][ T6397]  security_file_ioctl+0xc6/0x2a0
[  150.345110][ T6397]  __se_sys_ioctl+0x46/0x160
[  150.345140][ T6397]  do_syscall_64+0xf3/0x230
[  150.345169][ T6397]  ? clear_bhb_loop+0x45/0xa0
[  150.345195][ T6397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.345215][ T6397] RIP: 0033:0x7f505bd8d169
[  150.345233][ T6397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.345250][ T6397] RSP: 002b:00007f505cb37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  150.345278][ T6397] RAX: ffffffffffffffda RBX: 00007f505bfa5fa0 RCX: 00007f505bd8d169
[  150.345294][ T6397] RDX: 0000200000000080 RSI: 00000000c028aa03 RDI: 0000000000000007
[  150.345307][ T6397] RBP: 00007f505cb37090 R08: 0000000000000000 R09: 0000000000000000
[  150.345320][ T6397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.345332][ T6397] R13: 0000000000000000 R14: 00007f505bfa5fa0 R15: 00007ffdf098d4c8
[  150.345364][ T6397]  </TASK>
[  150.345416][ T6397] ERROR: Out of memory at tomoyo_realpath_from_path.
[  150.936303][ T6401] loop0: detected capacity change from 0 to 4096
[  151.756677][  T918] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  151.832073][ T6401] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.852647][ T6401] fs-verity: sha256 using implementation "sha256-avx2"
[  151.976609][  T918] usb 5-1: Using ep0 maxpacket: 16
[  152.025126][  T918] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.211555][  T918] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.274282][  T918] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  152.354495][  T918] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  152.394285][  T918] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.515413][  T918] usb 5-1: config 0 descriptor??
[  152.636013][ T6414] sctp: failed to load transform for md5: -2
[  153.256971][ T6402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.260481][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.322037][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.341296][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.349837][ T6423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.374678][ T6402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.424685][ T6423] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.430741][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.469635][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.500927][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.520610][ T6427] loop3: detected capacity change from 0 to 128
[  153.526739][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.553031][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.592521][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.604185][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.611453][  T918] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  153.623350][ T6427] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  153.639334][ T6427] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  153.663874][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.666148][  T918] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0001/input/input15
[  153.695493][  T918] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  153.717295][  T918] usb 5-1: USB disconnect, device number 2
[  154.098018][ T6436] FAULT_INJECTION: forcing a failure.
[  154.098018][ T6436] name failslab, interval 1, probability 0, space 0, times 0
[  154.111119][ T6436] CPU: 0 UID: 0 PID: 6436 Comm: syz.1.117 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  154.111145][ T6436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  154.111157][ T6436] Call Trace:
[  154.111165][ T6436]  <TASK>
[  154.111173][ T6436]  dump_stack_lvl+0x241/0x360
[  154.111211][ T6436]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.111241][ T6436]  ? __pfx__printk+0x10/0x10
[  154.111275][ T6436]  ? __pfx___might_resched+0x10/0x10
[  154.111307][ T6436]  should_fail_ex+0x424/0x570
[  154.111350][ T6436]  should_failslab+0xac/0x100
[  154.111383][ T6436]  __kmalloc_cache_noprof+0x73/0x370
[  154.111413][ T6436]  ? futex_lock_pi+0xa12/0xbf0
[  154.111439][ T6436]  futex_lock_pi+0xa12/0xbf0
[  154.111470][ T6436]  ? __pfx_futex_lock_pi+0x10/0x10
[  154.111517][ T6436]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  154.111551][ T6436]  ? __pfx_futex_wake_mark+0x10/0x10
[  154.111583][ T6436]  ? ksys_write+0x24e/0x2d0
[  154.111616][ T6436]  do_futex+0x2d7/0x5a0
[  154.111653][ T6436]  ? __pfx_do_futex+0x10/0x10
[  154.111680][ T6436]  ? __fget_files+0x2a/0x420
[  154.111710][ T6436]  __se_sys_futex+0x436/0x4c0
[  154.111748][ T6436]  ? __pfx___se_sys_futex+0x10/0x10
[  154.111788][ T6436]  ? __x64_sys_futex+0x21/0xf0
[  154.111822][ T6436]  do_syscall_64+0xf3/0x230
[  154.111850][ T6436]  ? clear_bhb_loop+0x45/0xa0
[  154.111875][ T6436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.111894][ T6436] RIP: 0033:0x7fa8c5b8d169
[  154.111912][ T6436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.111928][ T6436] RSP: 002b:00007fa8c69af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  154.111949][ T6436] RAX: ffffffffffffffda RBX: 00007fa8c5da6160 RCX: 00007fa8c5b8d169
[  154.111964][ T6436] RDX: 0000000000000002 RSI: 000000000000018d RDI: 0000000000000000
[  154.111976][ T6436] RBP: 00007fa8c69af090 R08: 0000000000000000 R09: 0000000000000000
[  154.111988][ T6436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.112000][ T6436] R13: 0000000000000001 R14: 00007fa8c5da6160 R15: 00007ffc76a82a98
[  154.112031][ T6436]  </TASK>
[  155.744957][ T6442] loop1: detected capacity change from 0 to 512
[  156.360802][ T6442] EXT4-fs error (device loop1): ext4_orphan_get:1390: inode #15: comm syz.1.122: casefold flag without casefold feature
[  156.772010][ T6442] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.122: couldn't read orphan inode 15 (err -117)
[  156.858752][ T6442] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.067617][ T6442] capability: warning: `syz.1.122' uses deprecated v2 capabilities in a way that may be insecure
[  158.075607][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  158.103894][ T6452] loop4: detected capacity change from 0 to 1024
[  158.110928][ T6452] hfsplus: Unknown parameter '€'
[  158.202256][ T6457] loop0: detected capacity change from 0 to 1024
[  158.214847][ T6457] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  158.245070][ T6460] capability: warning: `syz.2.126' uses 32-bit capabilities (legacy support in use)
[  158.381253][ T6465] loop3: detected capacity change from 0 to 16
[  158.408188][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.438280][ T6465] erofs (device loop3): mounted with root inode @ nid 36.
[  158.485781][ T6465] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  158.532429][ T6465] erofs (device loop3): failed to decompress -44 in[46, 4050] out[1851]
[  158.616914][ T6467] FAULT_INJECTION: forcing a failure.
[  158.616914][ T6467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.630111][ T6467] CPU: 0 UID: 0 PID: 6467 Comm: syz.4.127 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  158.630137][ T6467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  158.630149][ T6467] Call Trace:
[  158.630157][ T6467]  <TASK>
[  158.630165][ T6467]  dump_stack_lvl+0x241/0x360
[  158.630222][ T6467]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.630253][ T6467]  ? __pfx__printk+0x10/0x10
[  158.630297][ T6467]  should_fail_ex+0x424/0x570
[  158.630334][ T6467]  _copy_from_user+0x2d/0xb0
[  158.630362][ T6467]  copy_msghdr_from_user+0xb3/0x580
[  158.630396][ T6467]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  158.630420][ T6467]  ? __fget_files+0x2a/0x420
[  158.630445][ T6467]  ? __fget_files+0x2a/0x420
[  158.630477][ T6467]  __sys_sendmsg+0x20a/0x360
[  158.630503][ T6467]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.630583][ T6467]  ? do_syscall_64+0xb6/0x230
[  158.630614][ T6467]  do_syscall_64+0xf3/0x230
[  158.630642][ T6467]  ? clear_bhb_loop+0x45/0xa0
[  158.630667][ T6467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.630687][ T6467] RIP: 0033:0x7f49bed8d169
[  158.630705][ T6467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.630722][ T6467] RSP: 002b:00007f49bfb6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.630744][ T6467] RAX: ffffffffffffffda RBX: 00007f49befa6160 RCX: 00007f49bed8d169
[  158.630759][ T6467] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[  158.630772][ T6467] RBP: 00007f49bfb6c090 R08: 0000000000000000 R09: 0000000000000000
[  158.630784][ T6467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.630796][ T6467] R13: 0000000000000000 R14: 00007f49befa6160 R15: 00007ffe4e10c768
[  158.630829][ T6467]  </TASK>
[  159.026321][ T6465] erofs (device loop3): read error -117 @ 43 of nid 36
[  159.436464][ T6471] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  159.713279][ T6471] erofs (device loop3): failed to decompress -44 in[46, 4050] out[1851]
[  160.364608][ T6476] loop4: detected capacity change from 0 to 32768
[  160.376826][ T6471] erofs (device loop3): read error -117 @ 43 of nid 36
[  160.516885][ T6483] loop1: detected capacity change from 0 to 128
[  160.645555][ T6483] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  161.651365][ T6483] ext4 filesystem being mounted at /32/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  162.287794][ T6476] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  162.763409][ T6499] loop0: detected capacity change from 0 to 128
[  162.854213][ T6503] FAULT_INJECTION: forcing a failure.
[  162.854213][ T6503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.867513][ T6503] CPU: 1 UID: 0 PID: 6503 Comm: syz.3.134 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  162.867539][ T6503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  162.867551][ T6503] Call Trace:
[  162.867558][ T6503]  <TASK>
[  162.867566][ T6503]  dump_stack_lvl+0x241/0x360
[  162.867604][ T6503]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.867634][ T6503]  ? __pfx__printk+0x10/0x10
[  162.867676][ T6503]  should_fail_ex+0x424/0x570
[  162.867712][ T6503]  _copy_from_user+0x2d/0xb0
[  162.867739][ T6503]  io_submit_one+0xc3/0x18b0
[  162.867773][ T6503]  ? __lock_acquire+0xad5/0xd80
[  162.867800][ T6503]  ? __pfx_io_submit_one+0x10/0x10
[  162.867838][ T6503]  ? __might_fault+0xaa/0x120
[  162.867862][ T6503]  __se_sys_io_submit+0x17a/0x2e0
[  162.867896][ T6503]  ? __pfx___se_sys_io_submit+0x10/0x10
[  162.867924][ T6503]  ? ksys_write+0x275/0x2d0
[  162.867962][ T6503]  ? do_syscall_64+0xb6/0x230
[  162.867992][ T6503]  do_syscall_64+0xf3/0x230
[  162.868019][ T6503]  ? clear_bhb_loop+0x45/0xa0
[  162.868043][ T6503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.868062][ T6503] RIP: 0033:0x7fa3af18d169
[  162.868080][ T6503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.868096][ T6503] RSP: 002b:00007fa3affba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  162.868117][ T6503] RAX: ffffffffffffffda RBX: 00007fa3af3a6160 RCX: 00007fa3af18d169
[  162.868131][ T6503] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007fa3aff99000
[  162.868145][ T6503] RBP: 00007fa3affba090 R08: 0000000000000000 R09: 0000000000000000
[  162.868157][ T6503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.868168][ T6503] R13: 0000000000000000 R14: 00007fa3af3a6160 R15: 00007ffd9f371aa8
[  162.868199][ T6503]  </TASK>
[  163.301839][ T6500] loop2: detected capacity change from 0 to 2048
[  163.309136][ T6500] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.522122][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.550449][ T6500] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.575316][    T9] Process accounting resumed
[  163.584499][ T6499] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.607399][   T36] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  163.702440][ T6499] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.712792][   T36] EXT4-fs (loop2): Remounting filesystem read-only
[  164.614655][ T6476] syz.4.130 (6476) used greatest stack depth: 18088 bytes left
[  164.693931][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  164.856855][ T5858] ocfs2: Unmounting device (7,4) on (node local)
[  164.995235][ T6526] 
: renamed from bond0 (while UP)
[  165.103869][ T6520] loop1: detected capacity change from 0 to 40427
[  165.119113][ T6520] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  165.127091][ T6520] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  165.180082][ T6520] F2FS-fs (loop1): invalid crc value
[  165.271847][ T6520] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  165.279193][ T6520] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  165.442827][ T6526] loop0: detected capacity change from 0 to 4096
[  165.761778][ T6535] Invalid logical block size (5)
[  166.196909][   T30] audit: type=1804 audit(1743893977.450:11): pid=6535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.137" name="/newroot/33/bus/cgroup.stat" dev="loop1" ino=11 res=1 errno=0
[  167.096889][ T6526] Cannot load nls 
[  167.612445][ T6541] loop4: detected capacity change from 0 to 1024
[  167.623233][ T6541] hfsplus: Unknown parameter '€'
[  167.798881][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.810393][ T6062] kworker/u8:11: attempt to access beyond end of device
[  167.810393][ T6062] loop1: rw=1, sector=45096, nr_sectors = 16 limit=40427
[  167.879721][ T6544] FAULT_INJECTION: forcing a failure.
[  167.879721][ T6544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.892869][ T6544] CPU: 1 UID: 0 PID: 6544 Comm: syz.3.141 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  167.892895][ T6544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  167.892906][ T6544] Call Trace:
[  167.892914][ T6544]  <TASK>
[  167.892922][ T6544]  dump_stack_lvl+0x241/0x360
[  167.892960][ T6544]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.892989][ T6544]  ? __pfx__printk+0x10/0x10
[  167.893031][ T6544]  should_fail_ex+0x424/0x570
[  167.893067][ T6544]  _copy_from_user+0x2d/0xb0
[  167.893103][ T6544]  do_ipt_set_ctl+0x736/0x1260
[  167.893135][ T6544]  ? __pfx___mutex_trylock_common+0x10/0x10
[  167.893164][ T6544]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  167.893207][ T6544]  ? __mutex_unlock_slowpath+0x229/0x800
[  167.893244][ T6544]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  167.893270][ T6544]  ? aa_sk_perm+0x96f/0xac0
[  167.893297][ T6544]  ? ksys_write+0x24e/0x2d0
[  167.893323][ T6544]  ? __pfx_aa_sk_perm+0x10/0x10
[  167.893348][ T6544]  nf_setsockopt+0x295/0x2c0
[  167.893382][ T6544]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  167.893410][ T6544]  do_sock_setsockopt+0x3b1/0x710
[  167.893447][ T6544]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  167.893476][ T6544]  ? __fget_files+0x2a/0x420
[  167.893501][ T6544]  ? __fget_files+0x39d/0x420
[  167.893520][ T6544]  ? __fget_files+0x2a/0x420
[  167.893549][ T6544]  __x64_sys_setsockopt+0x1ee/0x280
[  167.893588][ T6544]  do_syscall_64+0xf3/0x230
[  167.893615][ T6544]  ? clear_bhb_loop+0x45/0xa0
[  167.893640][ T6544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.893659][ T6544] RIP: 0033:0x7fa3af18d169
[  167.893676][ T6544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.893692][ T6544] RSP: 002b:00007fa3affba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  167.893713][ T6544] RAX: ffffffffffffffda RBX: 00007fa3af3a6160 RCX: 00007fa3af18d169
[  167.893728][ T6544] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[  167.893739][ T6544] RBP: 00007fa3affba090 R08: 0000000000000360 R09: 0000000000000000
[  167.893751][ T6544] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.893763][ T6544] R13: 0000000000000000 R14: 00007fa3af3a6160 R15: 00007ffd9f371aa8
[  167.893794][ T6544]  </TASK>
[  168.215369][ T6550] loop2: detected capacity change from 0 to 128
[  168.267714][ T6550] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.384317][ T5898] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  168.421485][ T6550] ext4 filesystem being mounted at /28/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  168.586223][ T6559] loop0: detected capacity change from 0 to 128
[  168.613073][ T6559] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.703038][ T6559] ext4 filesystem being mounted at /25/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  168.724373][ T5898] usb 5-1: device descriptor read/64, error -71
[  169.138419][ T5898] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  169.418645][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  169.545338][ T5898] usb 5-1: device descriptor read/64, error -71
[  169.618024][ T6565] No such timeout policy "syz0"
[  170.114569][ T5898] usb usb5-port1: attempt power cycle
[  170.261999][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.355694][ T6570] loop2: detected capacity change from 0 to 128
[  170.413700][ T6570] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.633722][ T6570] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  170.984420][ T5898] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  171.254656][ T5898] usb 5-1: device descriptor read/8, error -71
[  171.881119][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  171.999614][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  172.764237][    T9] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  172.803677][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  173.202847][ T6590] loop1: detected capacity change from 0 to 1024
[  173.211663][ T6590] hfsplus: Unknown parameter '€'
[  173.242440][    T9] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  173.299207][ T6587] loop4: detected capacity change from 0 to 32768
[  173.306677][ T6587] jfs: Unknown parameter 'qarset'
[  173.373038][    T9] usb 1-1: config 1 has no interface number 1
[  173.449043][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  173.628095][ T6594] loop2: detected capacity change from 0 to 1024
[  173.653271][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  173.753403][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.783610][    T9] usb 1-1: Product: syz
[  173.833447][    T9] usb 1-1: Manufacturer: syz
[  173.859205][    T9] usb 1-1: SerialNumber: syz
[  174.286154][ T6599] loop1: detected capacity change from 0 to 4096
[  175.121401][ T6599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.313765][   T30] audit: type=1800 audit(1743893987.860:12): pid=6599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.156" name="file3" dev="loop1" ino=16 res=0 errno=0
[  176.332915][    T9] usb 1-1: can't set config #1, error -71
[  176.383609][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.528018][    T9] usb 1-1: USB disconnect, device number 2
[  176.687500][ T6606] loop0: detected capacity change from 0 to 128
[  176.730541][ T6606] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  176.829039][ T6606] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  176.986197][ T6618] Malformed UNC in devname
[  176.986197][ T6618] 
[  177.014403][ T6618] CIFS: VFS: Malformed UNC in devname
[  177.096351][ T6617] loop4: detected capacity change from 0 to 1024
[  177.107309][ T6617] hfsplus: Unknown parameter '€'
[  177.414181][ T5855] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  177.748077][ T6623] No such timeout policy "syz0"
[  178.412715][ T5855] usb 3-1: Using ep0 maxpacket: 16
[  178.449451][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  180.733468][ T5855] usb 3-1: device descriptor read/all, error -71
[  182.497514][ T6642] loop2: detected capacity change from 0 to 32768
[  182.506563][ T6642] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.167 (6642)
[  182.560367][ T6642] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  182.571100][ T6642] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  182.580131][ T6642] BTRFS info (device loop2): disk space caching is enabled
[  182.587882][ T6642] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  182.790082][ T6642] BTRFS info (device loop2): rebuilding free space tree
[  182.846827][ T6642] BTRFS info (device loop2): disabling free space tree
[  182.853885][ T6642] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  182.864303][ T6642] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  183.131907][ T6641] fs-verity: sha512 using implementation "sha512-avx2"
[  183.139909][ T6641] BTRFS info (device loop2): setting compat-ro feature flag for VERITY (0x4)
[  183.428786][ T5853] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  184.296149][ T6676] loop2: detected capacity change from 0 to 1024
[  185.259316][ T6681] loop4: detected capacity change from 0 to 128
[  185.273633][ T6683] loop3: detected capacity change from 0 to 128
[  185.550639][ T6681] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  185.845734][ T6683] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  185.902252][ T6683] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.000914][ T6681] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.460163][ T6693] loop2: detected capacity change from 0 to 128
[  186.569913][ T6693] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  186.663249][ T6693] ext4 filesystem being mounted at /34/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.746818][ T6697] No such timeout policy "syz0"
[  187.426252][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.721069][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.292569][ T6707] loop3: detected capacity change from 0 to 4096
[  189.994871][ T6707] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.759889][ T6717] loop4: detected capacity change from 0 to 32768
[  190.962535][ T6717] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.181 (6717)
[  191.419679][ T6717] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  191.431798][ T6717] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  191.441051][ T6717] BTRFS info (device loop4): disk space caching is enabled
[  191.448306][ T6717] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  191.532878][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  191.557346][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.573580][ T6717] BTRFS info (device loop4): rebuilding free space tree
[  191.598957][ T6717] BTRFS info (device loop4): disabling free space tree
[  191.607283][ T6717] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  191.617407][ T6717] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  191.787447][ T6716] BTRFS info (device loop4): setting compat-ro feature flag for VERITY (0x4)
[  191.799658][ T6738] Malformed UNC in devname
[  191.799658][ T6738] 
[  191.806488][ T6738] CIFS: VFS: Malformed UNC in devname
[  192.251756][ T6745] loop3: detected capacity change from 0 to 1024
[  192.562507][ T5858] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.407542][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.413869][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  194.693822][ T6762] loop0: detected capacity change from 0 to 128
[  194.754465][   T30] audit: type=1804 audit(1743894005.750:13): pid=6751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.183" name="/newroot/35/file0" dev="fuse" ino=1 res=1 errno=0
[  194.861545][ T6760] loop4: detected capacity change from 0 to 32768
[  194.868882][ T6760] jfs: Unknown parameter 'qarset'
[  194.922359][ T6763] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.188'.
[  195.015245][ T6763] netlink: zone id is out of range
[  195.029834][ T6763] netlink: zone id is out of range
[  195.062093][ T6763] netlink: zone id is out of range
[  195.102293][ T6767] loop3: detected capacity change from 0 to 128
[  195.111162][ T6763] netlink: zone id is out of range
[  195.140650][ T6767] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  195.158136][ T6763] netlink: zone id is out of range
[  195.163432][ T6763] netlink: zone id is out of range
[  195.222844][ T6763] netlink: zone id is out of range
[  195.252790][ T6763] netlink: zone id is out of range
[  195.261532][ T6767] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  195.303429][ T6763] netlink: get zone limit has 8 unknown bytes
[  195.663280][ T6755] loop2: detected capacity change from 0 to 32768
[  195.897965][ T6773] No such timeout policy "syz0"
[  196.277786][ T6755] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  196.277885][ T6755] (syz.2.183,6755,1):ocfs2_initialize_super:2226 ERROR: status = -12
[  196.366935][ T6755] (syz.2.183,6755,0):ocfs2_fill_super:1177 ERROR: status = -12
[  196.451273][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.416581][ T6797] loop3: detected capacity change from 0 to 4096
[  198.965049][ T6787] loop0: detected capacity change from 0 to 32768
[  198.976341][ T6787] jfs: Unknown parameter 'qarset'
[  200.295523][ T6797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.887052][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.047370][ T6806] Malformed UNC in devname
[  202.047370][ T6806] 
[  202.055105][ T6806] CIFS: VFS: Malformed UNC in devname
[  202.293383][ T6811] loop1: detected capacity change from 0 to 128
[  202.360714][ T6811] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  202.452330][ T6811] ext4 filesystem being mounted at /46/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  202.771111][ T6818] loop3: detected capacity change from 0 to 1024
[  204.734807][ T6820] No such timeout policy "syz0"
[  205.140043][ T6826] loop0: detected capacity change from 0 to 1024
[  205.485753][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  208.674766][ T6845] loop3: detected capacity change from 0 to 32768
[  208.682226][ T6845] jfs: Unknown parameter 'qarset'
[  209.896650][ T6854] loop1: detected capacity change from 0 to 32768
[  209.903912][ T6854] jfs: Unknown parameter 'qarset'
[  210.530819][ T6864] loop1: detected capacity change from 0 to 1024
[  210.780691][ T6869] Malformed UNC in devname
[  210.780691][ T6869] 
[  210.787443][ T6869] CIFS: VFS: Malformed UNC in devname
[  212.055511][ T5856] Bluetooth: hci2: command 0x0406 tx timeout
[  212.061873][ T5856] Bluetooth: hci3: command 0x0406 tx timeout
[  212.068613][ T5843] Bluetooth: hci1: command 0x0406 tx timeout
[  212.075240][ T5856] Bluetooth: hci0: command 0x0406 tx timeout
[  213.602049][ T6888] overlayfs: missing 'lowerdir'
[  215.781989][ T6905] Invalid logical block size (5)
[  217.033021][ T6917] loop2: detected capacity change from 0 to 128
[  217.991582][ T6917] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  218.096270][ T6917] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  218.146067][ T6925] Malformed UNC in devname
[  218.146067][ T6925] 
[  218.152786][ T6925] CIFS: VFS: Malformed UNC in devname
[  218.415867][ T6927] loop1: detected capacity change from 0 to 1024
[  219.113236][ T6934] loop0: detected capacity change from 0 to 8
[  219.148949][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  219.688520][ T6939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.231'.
[  222.671068][ T6957] loop3: detected capacity change from 0 to 32768
[  222.681037][ T6957] jfs: Unknown parameter 'qarset'
[  223.311588][ T6959] loop0: detected capacity change from 0 to 40427
[  223.332352][ T6959] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  223.340195][ T6959] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  223.363923][ T6959] F2FS-fs (loop0): invalid crc value
[  223.663369][ T6960] loop2: detected capacity change from 0 to 32768
[  223.670951][ T6960] jfs: Unknown parameter 'qarset'
[  225.373075][ T6976] loop4: detected capacity change from 0 to 32768
[  225.380235][ T6976] jfs: Unknown parameter 'qarset'
[  225.593513][ T6959] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  225.601849][ T6959] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  225.951443][ T6984] Invalid logical block size (5)
[  225.958310][   T30] audit: type=1804 audit(1743894037.640:14): pid=6984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.236" name="/newroot/43/bus/cgroup.stat" dev="loop0" ino=11 res=1 errno=0
[  226.413201][ T6981] loop3: detected capacity change from 0 to 1024
[  226.459307][ T6061] kworker/u8:10: attempt to access beyond end of device
[  226.459307][ T6061] loop0: rw=1, sector=45096, nr_sectors = 16 limit=40427
[  227.368885][ T6989] loop1: detected capacity change from 0 to 1024
[  227.376125][ T6989] hfsplus: Unknown parameter '€'
[  229.932341][ T7010] loop1: detected capacity change from 0 to 32768
[  229.939444][ T7010] jfs: Unknown parameter 'qarset'
[  230.538817][ T7017] Malformed UNC in devname
[  230.538817][ T7017] 
[  230.545887][ T7017] CIFS: VFS: Malformed UNC in devname
[  233.550420][ T7030] loop0: detected capacity change from 0 to 32768
[  233.557562][ T7030] jfs: Unknown parameter 'qarset'
[  235.716852][ T7038] loop3: detected capacity change from 0 to 32768
[  235.723906][ T7038] jfs: Unknown parameter 'qarset'
[  237.100393][ T7049] loop1: detected capacity change from 0 to 1024
[  237.430463][ T7053] loop3: detected capacity change from 0 to 1024
[  237.586871][ T7053] hfsplus: Unknown parameter '€'
[  238.777523][ T7060] loop0: detected capacity change from 0 to 1024
[  242.900446][ T7084] loop1: detected capacity change from 0 to 128
[  243.270335][ T7091] loop0: detected capacity change from 0 to 32768
[  243.440297][ T7091] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.264 (7091)
[  243.957062][ T7091] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  243.967308][ T7091] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  243.976184][ T7091] BTRFS info (device loop0): disk space caching is enabled
[  243.983403][ T7091] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  244.963177][ T7097] loop3: detected capacity change from 0 to 32768
[  244.970352][ T7097] jfs: Unknown parameter 'qarset'
[  245.075416][ T7084] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  245.097205][ T7084] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  245.451796][ T7105] loop2: detected capacity change from 0 to 1024
[  245.685552][ T7091] BTRFS info (device loop0): rebuilding free space tree
[  245.700849][ T7091] BTRFS info (device loop0): disabling free space tree
[  245.707978][ T7091] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  245.717753][ T7091] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  245.887149][ T7121] No such timeout policy "syz0"
[  247.188770][ T5849] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  247.437545][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  247.496508][ T7129] loop4: detected capacity change from 0 to 1024
[  247.840055][ T7135] loop1: detected capacity change from 0 to 2048
[  248.855658][ T7135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.416251][ T7154] No such timeout policy "syz0"
[  251.299772][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.150809][ T7169] loop0: detected capacity change from 0 to 32768
[  253.158278][ T7169] jfs: Unknown parameter 'qarset'
[  253.370400][ T7172] loop4: detected capacity change from 0 to 32768
[  253.377560][ T7172] jfs: Unknown parameter 'qarset'
[  254.666028][ T7179] loop2: detected capacity change from 0 to 4096
[  254.689109][ T7179] EXT4-fs (loop2): Test dummy encryption mode enabled
[  255.690136][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.698197][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  255.719696][ T7179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.731086][ T7204] loop1: detected capacity change from 0 to 128
[  256.204271][ T7204] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  256.298814][ T7204] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  257.805204][   T55] Bluetooth: hci4: command 0x0406 tx timeout
[  258.125772][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  258.313574][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.420134][ T7218] loop0: detected capacity change from 0 to 2048
[  258.561536][ T7218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.037542][ T7235] loop3: detected capacity change from 0 to 40427
[  260.151146][ T7235] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  260.159306][ T7235] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  260.617048][ T7235] F2FS-fs (loop3): invalid crc value
[  260.733608][ T7235] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  260.734935][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.744293][ T7235] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  260.789662][ T7237] loop4: detected capacity change from 0 to 32768
[  260.797215][ T7237] jfs: Unknown parameter 'qarset'
[  261.124017][ T7246] Invalid logical block size (5)
[  261.131284][   T30] audit: type=1804 audit(1743894072.810:15): pid=7246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.296" name="/newroot/55/bus/cgroup.stat" dev="loop3" ino=11 res=1 errno=0
[  262.717209][ T7257] loop2: detected capacity change from 0 to 128
[  263.210339][ T7257] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  263.493489][ T7257] ext4 filesystem being mounted at /55/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  265.273930][ T7277] loop4: detected capacity change from 0 to 1024
[  265.589205][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  266.471570][ T7289] loop2: detected capacity change from 0 to 1024
[  266.478785][ T7289] hfsplus: Unknown parameter '€'
[  266.997038][ T7283] loop0: detected capacity change from 0 to 1024
[  267.097386][ T7283] hfsplus: Unknown parameter '€'
[  270.403096][ T7321] loop4: detected capacity change from 0 to 128
[  270.801943][ T7324] loop1: detected capacity change from 0 to 128
[  271.525939][ T7321] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  271.565877][ T7324] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  271.760792][ T7333] loop2: detected capacity change from 0 to 32768
[  271.768320][ T7333] jfs: Unknown parameter 'qarset'
[  271.826156][ T7321] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  272.364554][ T7324] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  274.736356][ T7342] No such timeout policy "syz0"
[  274.761713][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  275.180163][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  275.276308][ T7349] loop0: detected capacity change from 0 to 1024
[  276.386858][ T7362] loop2: detected capacity change from 0 to 128
[  276.473278][ T7362] EXT4-fs (loop2): Test dummy encryption mode enabled
[  276.539872][ T7362] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  276.601313][ T7362] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  277.859385][ T7362] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  279.253104][ T7391] loop1: detected capacity change from 0 to 128
[  279.355354][ T7391] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  279.441073][ T7391] ext4 filesystem being mounted at /79/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  279.609981][ T7362] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  279.683179][   T30] audit: type=1800 audit(1743894091.350:16): pid=7362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.326" name="file1" dev="loop2" ino=13 res=0 errno=0
[  279.703470][    C0] vkms_vblank_simulate: vblank timer overrun
[  280.748937][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  280.759242][ T7400] loop0: detected capacity change from 0 to 1024
[  280.812837][ T7400] hfsplus: Unknown parameter '€'
[  280.853824][ T7410] loop3: detected capacity change from 0 to 4096
[  281.057633][ T7410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.329723][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  281.500697][ T7415] loop4: detected capacity change from 0 to 128
[  281.810526][ T7415] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  281.996472][ T7415] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  284.098241][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.115927][ T7428] No such timeout policy "syz0"
[  284.618999][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  285.965270][ T7443] loop4: detected capacity change from 0 to 128
[  286.316294][ T7443] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  286.542016][ T7443] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  286.907669][ T7456] loop1: detected capacity change from 0 to 4096
[  287.404269][ T7458] No such timeout policy "syz0"
[  288.063587][ T7456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.267182][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  290.217624][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.378968][ T7473] loop4: detected capacity change from 0 to 128
[  290.428691][ T7473] EXT4-fs (loop4): Test dummy encryption mode enabled
[  290.643090][ T7473] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  290.705739][ T7473] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  291.344264][   T30] audit: type=1800 audit(1743894103.010:17): pid=7473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.346" name="file1" dev="loop4" ino=13 res=0 errno=0
[  291.560634][ T7483] loop1: detected capacity change from 0 to 1024
[  291.561593][ T7487] loop3: detected capacity change from 0 to 128
[  291.603523][ T7489] loop2: detected capacity change from 0 to 1024
[  291.610610][ T7489] hfsplus: Unknown parameter '€'
[  291.686838][ T7487] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  291.725567][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 0
[  291.807122][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 10240
[  291.834945][ T7487] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  291.931539][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 11264
[  292.011496][ T5858] EXT4-fs error (device loop4): ext4_empty_dir:3080: inode #11: comm syz-executor: Directory block failed checksum
[  292.027600][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 0
[  292.042890][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 10240
[  293.232183][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 11264
[  293.256565][ T7494] No such timeout policy "syz0"
[  293.479090][ T5858] EXT4-fs error (device loop4): ext4_empty_dir:3080: inode #11: comm syz-executor: Directory block failed checksum
[  293.532544][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 0
[  293.652074][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 10240
[  293.795311][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  294.860459][ T7505] loop3: detected capacity change from 0 to 1024
[  295.774633][ T7516] loop1: detected capacity change from 0 to 4096
[  296.014140][ T7516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.774249][ T5858] EXT4-fs error: 344 callbacks suppressed
[  296.774277][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 11264
[  297.714916][ T5858] EXT4-fs error (device loop4): ext4_empty_dir:3080: inode #11: comm syz-executor: Directory block failed checksum
[  298.084646][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 0
[  298.295589][ T7527] loop3: detected capacity change from 0 to 32768
[  298.302930][ T7527] jfs: Unknown parameter 'qarset'
[  298.413495][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 10240
[  298.447925][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.472033][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 11264
[  298.806310][ T5858] EXT4-fs error (device loop4): ext4_empty_dir:3080: inode #11: comm syz-executor: Directory block failed checksum
[  299.111178][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 0
[  299.147376][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 10240
[  299.180501][ T5858] EXT4-fs error (device loop4): ext4_readdir:224: inode #11: comm syz-executor: path /71/mnt/lost+found: directory fails checksum at offset 11264
[  299.371414][ T5858] EXT4-fs error (device loop4): ext4_empty_dir:3080: inode #11: comm syz-executor: Directory block failed checksum
[  299.381448][ T7538] loop2: detected capacity change from 0 to 128
[  299.539092][ T7538] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  299.679367][ T7538] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  301.184136][ T7550] No such timeout policy "syz0"
[  301.904138][ T7548] loop1: detected capacity change from 0 to 32768
[  301.915842][ T7548] jfs: Unknown parameter 'qarset'
[  302.139191][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  302.679164][ T5858] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  303.466623][ T7561] loop3: detected capacity change from 0 to 128
[  303.604973][ T7561] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  303.888918][ T7561] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  304.518165][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.594331][ T7570] loop1: detected capacity change from 0 to 1024
[  304.603425][ T7570] hfsplus: Unknown parameter '€'
[  304.969063][ T7575] No such timeout policy "syz0"
[  305.498306][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  305.760392][ T7581] loop0: detected capacity change from 0 to 128
[  305.916399][ T7581] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  305.948709][ T7581] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  306.042903][ T7579] loop3: detected capacity change from 0 to 40427
[  306.057812][ T7579] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  306.065977][ T7579] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  306.076874][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.077831][ T7579] F2FS-fs (loop3): invalid crc value
[  307.212569][ T7579] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  307.227827][ T7579] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  307.236300][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  307.660508][ T7597] Invalid logical block size (5)
[  308.268093][   T30] audit: type=1804 audit(1743894119.350:18): pid=7597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.377" name="/newroot/71/bus/cgroup.stat" dev="loop3" ino=11 res=1 errno=0
[  308.326586][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.367094][ T7599] loop0: detected capacity change from 0 to 128
[  308.567371][ T7599] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  308.604450][   T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  308.615251][ T7599] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  308.631043][   T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  308.643302][   T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  308.656168][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.667589][   T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  308.776583][   T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  309.096101][ T7604] No such timeout policy "syz0"
[  309.788023][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  309.975390][ T7610] loop0: detected capacity change from 0 to 128
[  310.213915][ T7610] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  310.249740][ T7610] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  310.934528][   T55] Bluetooth: hci4: command tx timeout
[  311.071590][ T7615] loop1: detected capacity change from 0 to 32768
[  311.078730][ T7615] jfs: Unknown parameter 'qarset'
[  311.573917][ T7618] No such timeout policy "syz0"
[  312.008986][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  312.136950][ T7622] loop3: detected capacity change from 0 to 1024
[  312.817719][   T36] bridge_slave_1: left allmulticast mode
[  312.834285][   T36] bridge_slave_1: left promiscuous mode
[  312.841195][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.359042][   T55] Bluetooth: hci4: command tx timeout
[  313.636185][   T36] bridge_slave_0: left allmulticast mode
[  313.672538][   T36] bridge_slave_0: left promiscuous mode
[  313.697976][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.946507][ T7643] loop3: detected capacity change from 0 to 128
[  313.970065][ T7643] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  314.286303][ T7643] ext4 filesystem being mounted at /73/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  315.005809][ T7650] loop1: detected capacity change from 0 to 128
[  315.209720][ T7654] No such timeout policy "syz0"
[  315.410333][   T55] Bluetooth: hci4: command tx timeout
[  315.587277][ T7650] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  315.635149][ T7650] ext4 filesystem being mounted at /94/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  317.064551][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.075876][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.455312][   T55] Bluetooth: hci4: command tx timeout
[  317.598741][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  317.679117][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  317.852341][   T36] bond0 (unregistering): Released all slaves
[  319.036087][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  319.036497][ T7676] loop2: detected capacity change from 0 to 1024
[  319.060062][ T7676] hfsplus: Unknown parameter '€'
[  319.155804][ T7680] loop0: detected capacity change from 0 to 128
[  319.164641][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  319.216597][ T7680] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  319.484798][ T7680] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  320.238824][ T7699] No such timeout policy "syz0"
[  320.742815][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  321.001234][ T7705] loop2: detected capacity change from 0 to 2048
[  321.014498][ T7600] chnl_net:caif_netlink_parms(): no params data found
[  322.246493][ T7705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.843822][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.170473][ T7736] loop2: detected capacity change from 0 to 4096
[  326.530322][ T7736] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.595582][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.581336][   T36] hsr_slave_0: left promiscuous mode
[  328.589963][ T7750] loop2: detected capacity change from 0 to 128
[  328.597278][   T36] hsr_slave_1: left promiscuous mode
[  328.619580][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  328.676862][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.730866][ T7750] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  328.825941][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  328.833413][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.861159][ T7750] ext4 filesystem being mounted at /79/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  328.917092][   T36] veth1_macvtap: left promiscuous mode
[  329.984814][ T7763] No such timeout policy "syz0"
[  330.283339][   T36] veth0_macvtap: left promiscuous mode
[  330.304405][   T36] veth1_vlan: left promiscuous mode
[  330.309914][   T36] veth0_vlan: left promiscuous mode
[  333.127896][ T7787] loop0: detected capacity change from 0 to 2048
[  333.385781][ T7787] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.659787][ T7794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.411'.
[  334.549145][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.602145][ T7800] loop3: detected capacity change from 0 to 128
[  334.688216][ T7800] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  334.750322][ T7800] ext4 filesystem being mounted at /77/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  334.977954][ T7803] loop0: detected capacity change from 0 to 40427
[  334.995633][ T7803] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  335.003433][ T7803] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  335.014338][ T7803] F2FS-fs (loop0): invalid crc value
[  335.123216][ T7803] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  335.130504][ T7803] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  335.545998][ T7811] No such timeout policy "syz0"
[  336.001583][ T7813] Invalid logical block size (5)
[  336.401555][   T36] team0 (unregistering): Port device team_slave_1 removed
[  336.473376][   T36] team0 (unregistering): Port device team_slave_0 removed
[  336.565565][ T2952] kworker/u8:8: attempt to access beyond end of device
[  336.565565][ T2952] loop0: rw=1, sector=45096, nr_sectors = 16 limit=40427
[  337.160912][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  338.194581][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  338.495960][ T7600] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.401378][ T7600] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.408856][ T7600] bridge_slave_0: entered allmulticast mode
[  339.418384][ T7600] bridge_slave_0: entered promiscuous mode
[  339.441279][ T7600] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.469270][ T7600] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.620571][ T7600] bridge_slave_1: entered allmulticast mode
[  339.747344][ T7600] bridge_slave_1: entered promiscuous mode
[  340.674385][ T7839] loop1: detected capacity change from 0 to 32768
[  340.681740][ T7839] jfs: Unknown parameter 'qarset'
[  340.786317][ T7840] loop2: detected capacity change from 0 to 128
[  341.165250][ T7840] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  341.181614][ T7840] ext4 filesystem being mounted at /81/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  341.565828][ T7849] No such timeout policy "syz0"
[  342.189002][ T7600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  343.011139][ T7600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  343.048616][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  343.246039][ T7860] loop1: detected capacity change from 0 to 1024
[  343.273943][ T7600] team0: Port device team_slave_0 added
[  343.313795][ T7600] team0: Port device team_slave_1 added
[  344.550039][ T7863] loop2: detected capacity change from 0 to 2048
[  344.798292][ T7863] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.093844][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.0.424'.
[  345.830545][ T7878] loop1: detected capacity change from 0 to 1024
[  345.865952][ T7600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  345.892845][ T7600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.001810][ T7600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  346.060839][ T7600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  346.070308][ T7600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.159564][ T7600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  346.411191][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.475726][ T7600] hsr_slave_0: entered promiscuous mode
[  348.452344][ T7892] loop0: detected capacity change from 0 to 32768
[  348.459592][ T7892] jfs: Unknown parameter 'qarset'
[  348.580886][ T7600] hsr_slave_1: entered promiscuous mode
[  348.647573][ T7600] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  348.670830][ T7600] Cannot create hsr debugfs directory
[  349.989711][ T7902] loop2: detected capacity change from 0 to 128
[  351.533927][ T7902] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  351.566957][ T7910] loop3: detected capacity change from 0 to 128
[  351.581255][ T7902] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  351.612007][ T7910] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  351.716581][ T7910] ext4 filesystem being mounted at /79/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  353.312490][ T7919] No such timeout policy "syz0"
[  353.815980][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  353.982727][ T7924] No such timeout policy "syz0"
[  354.234285][ T7921] loop0: detected capacity change from 0 to 2048
[  354.325871][ T7921] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.660427][ T5841] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  356.397036][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.630465][ T7600] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  357.794628][ T7600] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  357.806632][ T7951] loop3: detected capacity change from 0 to 4096
[  358.826136][ T7600] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  358.940223][ T7951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.842071][ T7600] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  360.147476][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.268002][ T7600] 8021q: adding VLAN 0 to HW filter on device bond0
[  362.292178][ T7970] loop0: detected capacity change from 0 to 2048
[  362.398815][ T7600] 8021q: adding VLAN 0 to HW filter on device team0
[  362.572699][ T2952] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.579857][ T2952] bridge0: port 1(bridge_slave_0) entered forwarding state
[  362.591296][ T2952] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.598496][ T2952] bridge0: port 2(bridge_slave_1) entered forwarding state
[  362.636338][ T7970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.512228][ T7984] loop3: detected capacity change from 0 to 1024
[  364.986742][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.770695][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  367.783911][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  367.794671][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  367.805356][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  367.815645][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  368.149233][ T8033] mmap: syz.1.454 (8033) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  368.284507][ T5898] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  368.292829][ T8035] loop0: detected capacity change from 0 to 2048
[  368.466646][ T5898] usb 4-1: Using ep0 maxpacket: 16
[  368.478823][ T8035] Alternate GPT is invalid, using primary GPT.
[  368.505923][ T5898] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  368.524529][ T8035]  loop0: p1 p2 p3
[  368.530592][ T5898] usb 4-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  368.550493][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.565073][ T5898] usb 4-1: Product: syz
[  368.569273][ T5898] usb 4-1: Manufacturer: syz
[  368.574358][ T5898] usb 4-1: SerialNumber: syz
[  368.582329][ T5898] usb 4-1: config 0 descriptor??
[  368.601563][ T5898] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  368.720573][ T5898] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2
[  368.778876][ T5893] udevd[5893]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  368.800779][ T5898] usb 4-1: USB disconnect, device number 2
[  368.940282][ T8012] loop2: detected capacity change from 0 to 40427
[  368.963161][ T8012] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  368.973281][ T8012] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  369.035818][ T8012] F2FS-fs (loop2): invalid crc value
[  369.059885][ T8018] chnl_net:caif_netlink_parms(): no params data found
[  369.240282][ T8012] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  369.251410][ T8012] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  369.934224][   T55] Bluetooth: hci5: command tx timeout
[  370.472740][ T8018] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.523700][ T8018] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.550689][ T8018] bridge_slave_0: entered allmulticast mode
[  370.570358][ T8018] bridge_slave_0: entered promiscuous mode
[  370.573428][ T8077] loop0: detected capacity change from 0 to 512
[  370.611491][ T8018] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.627208][ T8077] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  370.635140][   T53] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  370.651715][ T8018] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.679920][ T8018] bridge_slave_1: entered allmulticast mode
[  370.684907][ T8077] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  370.700985][ T8018] bridge_slave_1: entered promiscuous mode
[  370.731558][ T8077] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  370.779371][ T8077] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  370.803624][ T8077] System zones: 0-2, 18-18, 34-34
[  370.827378][   T53] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  370.839856][ T8018] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  370.854168][   T53] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  370.873265][   T53] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  370.885249][ T5853] syz-executor: attempt to access beyond end of device
[  370.885249][ T5853] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  370.893158][   T53] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  370.909475][ T8077] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  370.917578][ T8018] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  370.940694][ T5853] CPU: 0 UID: 0 PID: 5853 Comm: syz-executor Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  370.940721][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  370.940739][ T5853] Call Trace:
[  370.940747][ T5853]  <TASK>
[  370.940756][ T5853]  dump_stack_lvl+0x241/0x360
[  370.940809][ T5853]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.940843][ T5853]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  370.940869][ T5853]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  370.940896][ T5853]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  370.940938][ T5853]  f2fs_handle_critical_error+0x392/0x5a0
[  370.940970][ T5853]  f2fs_write_end_io+0x563/0x790
[  370.941004][ T5853]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  370.941034][ T5853]  ? bio_endio+0x7e4/0x890
[  370.941058][ T5853]  ? bio_endio+0x82a/0x890
[  370.941084][ T5853]  __submit_merged_bio+0x2a9/0x710
[  370.941114][ T5853]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  370.941155][ T5853]  f2fs_submit_merged_write_cond+0x29f/0x380
[  370.941210][ T5853]  f2fs_write_data_pages+0x2f99/0x38d0
[  370.941283][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  370.941370][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  370.941428][ T5853]  ? __lock_acquire+0xad5/0xd80
[  370.941459][ T5853]  ? do_raw_spin_lock+0x151/0x370
[  370.941501][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  370.941537][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  370.941564][ T5853]  do_writepages+0x364/0x890
[  370.941599][ T5853]  ? __pfx_do_writepages+0x10/0x10
[  370.941621][ T5853]  ? __lock_acquire+0xad5/0xd80
[  370.941651][ T5853]  ? do_raw_spin_lock+0x151/0x370
[  370.941697][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  370.941741][ T5853]  filemap_fdatawrite+0x1f2/0x2a0
[  370.941789][ T5853]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  370.941818][ T5853]  ? mlock_drain_local+0x79/0x490
[  370.941902][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  370.941947][ T5853]  f2fs_sync_dirty_inodes+0x34f/0x860
[  370.941994][ T5853]  f2fs_write_checkpoint+0x857/0x1da0
[  370.942048][ T5853]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  370.942148][ T5853]  ? kill_f2fs_super+0x290/0x6d0
[  370.942182][ T5853]  kill_f2fs_super+0x2b8/0x6d0
[  370.942216][ T5853]  ? __pfx_kill_f2fs_super+0x10/0x10
[  370.942270][ T5853]  ? shrinker_free+0x2ca/0x3d0
[  370.942304][ T5853]  deactivate_locked_super+0xc4/0x130
[  370.942335][ T5853]  cleanup_mnt+0x422/0x4c0
[  370.942361][ T5853]  ? lockdep_hardirqs_on+0x9d/0x150
[  370.942394][ T5853]  task_work_run+0x251/0x310
[  370.942424][ T5853]  ? __pfx_task_work_run+0x10/0x10
[  370.942451][ T5853]  ? syscall_exit_to_user_mode+0xa3/0x340
[  370.942484][ T5853]  syscall_exit_to_user_mode+0x13f/0x340
[  370.942518][ T5853]  do_syscall_64+0x100/0x230
[  370.942547][ T5853]  ? clear_bhb_loop+0x45/0xa0
[  370.942574][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.942595][ T5853] RIP: 0033:0x7f505bd8e497
[  370.942615][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  370.942633][ T5853] RSP: 002b:00007ffdf098c758 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  370.942655][ T5853] RAX: 0000000000000000 RBX: 00007f505be0e08c RCX: 00007f505bd8e497
[  370.942670][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf098c810
[  370.942683][ T5853] RBP: 00007ffdf098c810 R08: 0000000000000000 R09: 0000000000000000
[  370.942697][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf098d8a0
[  370.942711][ T5853] R13: 00007f505be0e08c R14: 000000000005a25e R15: 00007ffdf098d8e0
[  370.942750][ T5853]  </TASK>
[  370.942759][ T5853] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  370.954499][   T53] usb 2-1: SerialNumber: syz
[  371.055081][ T8077] EXT4-fs (loop0): 1 truncate cleaned up
[  371.086302][ T5853] CPU: 0 UID: 0 PID: 5853 Comm: syz-executor Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  371.086335][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  371.086350][ T5853] Call Trace:
[  371.086359][ T5853]  <TASK>
[  371.086369][ T5853]  dump_stack_lvl+0x241/0x360
[  371.086413][ T5853]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.086448][ T5853]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  371.086476][ T5853]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  371.086506][ T5853]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  371.086552][ T5853]  f2fs_handle_critical_error+0x392/0x5a0
[  371.086587][ T5853]  f2fs_write_end_io+0x563/0x790
[  371.086624][ T5853]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  371.086657][ T5853]  ? bio_endio+0x7e4/0x890
[  371.086683][ T5853]  ? bio_endio+0x82a/0x890
[  371.086711][ T5853]  __submit_merged_bio+0x2a9/0x710
[  371.086743][ T5853]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  371.086796][ T5853]  f2fs_submit_merged_write_cond+0x29f/0x380
[  371.086850][ T5853]  f2fs_write_data_pages+0x2f99/0x38d0
[  371.086929][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  371.087025][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  371.087087][ T5853]  ? __lock_acquire+0xad5/0xd80
[  371.087119][ T5853]  ? do_raw_spin_lock+0x151/0x370
[  371.087165][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  371.087205][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  371.087234][ T5853]  do_writepages+0x364/0x890
[  371.087273][ T5853]  ? __pfx_do_writepages+0x10/0x10
[  371.087308][ T5853]  ? __lock_acquire+0xad5/0xd80
[  371.087339][ T5853]  ? do_raw_spin_lock+0x151/0x370
[  371.087389][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  371.087435][ T5853]  filemap_fdatawrite+0x1f2/0x2a0
[  371.087468][ T5853]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  371.087491][ T5853]  ? mlock_drain_local+0x79/0x490
[  371.087576][ T5853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  371.087621][ T5853]  f2fs_sync_dirty_inodes+0x34f/0x860
[  371.087669][ T5853]  f2fs_write_checkpoint+0x857/0x1da0
[  371.087724][ T5853]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  371.087821][ T5853]  ? kill_f2fs_super+0x290/0x6d0
[  371.087855][ T5853]  kill_f2fs_super+0x2b8/0x6d0
[  371.087891][ T5853]  ? __pfx_kill_f2fs_super+0x10/0x10
[  371.087928][ T5853]  ? shrinker_free+0x2ca/0x3d0
[  371.087963][ T5853]  deactivate_locked_super+0xc4/0x130
[  371.087994][ T5853]  cleanup_mnt+0x422/0x4c0
[  371.088020][ T5853]  ? lockdep_hardirqs_on+0x9d/0x150
[  371.088053][ T5853]  task_work_run+0x251/0x310
[  371.088084][ T5853]  ? __pfx_task_work_run+0x10/0x10
[  371.088111][ T5853]  ? syscall_exit_to_user_mode+0xa3/0x340
[  371.088145][ T5853]  syscall_exit_to_user_mode+0x13f/0x340
[  371.088179][ T5853]  do_syscall_64+0x100/0x230
[  371.088209][ T5853]  ? clear_bhb_loop+0x45/0xa0
[  371.088236][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.088257][ T5853] RIP: 0033:0x7f505bd8e497
[  371.088277][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  371.088296][ T5853] RSP: 002b:00007ffdf098c758 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  371.088319][ T5853] RAX: 0000000000000000 RBX: 00007f505be0e08c RCX: 00007f505bd8e497
[  371.088334][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf098c810
[  371.088348][ T5853] RBP: 00007ffdf098c810 R08: 0000000000000000 R09: 0000000000000000
[  371.088362][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf098d8a0
[  371.088376][ T5853] R13: 00007f505be0e08c R14: 000000000005a25e R15: 00007ffdf098d8e0
[  371.088415][ T5853]  </TASK>
[  371.088425][ T5853] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  371.171316][ T8077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.697585][   T53] usb 2-1: 0:2 : does not exist
[  371.745683][   T53] usb 2-1: USB disconnect, device number 2
[  371.776110][ T8018] team0: Port device team_slave_0 added
[  371.863230][ T8018] team0: Port device team_slave_1 added
[  372.014116][   T55] Bluetooth: hci5: command tx timeout
[  372.051712][ T8080] netlink: 25 bytes leftover after parsing attributes in process `syz.3.461'.
[  372.070493][ T8080] gretap0: entered promiscuous mode
[  372.172947][ T8090] netlink: 45349 bytes leftover after parsing attributes in process `syz.3.461'.
[  372.498899][ T5893] udevd[5893]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  372.552324][ T8093] loop1: detected capacity change from 0 to 512
[  372.653154][ T8090] 0ªX¹¦Dö»: renamed from gretap0
[  372.687621][ T8090] 0ªX¹¦Dö»: left promiscuous mode
[  372.692811][ T8090] 0ªX¹¦Dö»: entered allmulticast mode
[  372.768981][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.783493][ T8018] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.810752][ T8018] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.839968][ T8093] EXT4-fs (loop1): failed to initialize system zone (-117)
[  372.874395][ T8093] EXT4-fs (loop1): mount failed
[  372.879336][ T8018] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  372.916345][ T8018] batman_adv: batadv0: Adding interface: batadv_slave_1
[  372.923328][ T8018] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  373.165377][ T8018] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  373.298711][ T8018] hsr_slave_0: entered promiscuous mode
[  373.315378][ T8018] hsr_slave_1: entered promiscuous mode
[  373.331308][ T8018] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  373.340134][ T8018] Cannot create hsr debugfs directory
[  374.094301][   T55] Bluetooth: hci5: command tx timeout
[  374.280350][ T8096] loop3: detected capacity change from 0 to 40427
[  374.310729][ T8096] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  374.370938][ T8096] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  375.305330][ T8096] F2FS-fs (loop3): invalid crc value
[  376.334645][   T55] Bluetooth: hci5: command tx timeout
[  377.313003][ T8096] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  377.340949][ T8096] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  377.535027][ T8161] loop0: detected capacity change from 0 to 512
[  377.552713][ T8161] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  377.589351][ T8165] loop2: detected capacity change from 0 to 1024
[  377.631815][ T8165] EXT4-fs: Ignoring removed nobh option
[  377.647144][ T8165] EXT4-fs: Ignoring removed bh option
[  377.667216][ T8018] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  377.677456][ T8161] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  377.705220][ T8165] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal
[  377.733460][ T8161] EXT4-fs (loop0): 1 truncate cleaned up
[  377.748087][ T8018] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  377.788506][ T8161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.930167][ T8018] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  378.090635][ T8018] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  378.202221][ T8176] loop2: detected capacity change from 0 to 512
[  378.391007][ T8176] EXT4-fs (loop2): Test dummy encryption mode enabled
[  378.397962][ T8176] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  378.490721][ T8176] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000c018, mo2=0002]
[  378.501985][ T8176] System zones: 1-12
[  378.532715][ T8176] EXT4-fs (loop2): 1 truncate cleaned up
[  378.549583][ T8176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.670182][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.676778][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.042682][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.275072][ T8018] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.359048][ T8018] 8021q: adding VLAN 0 to HW filter on device team0
[  379.516541][ T6061] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.523764][ T6061] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.615654][ T8192] netlink: 25 bytes leftover after parsing attributes in process `syz.2.479'.
[  379.722481][ T8193] netlink: 45349 bytes leftover after parsing attributes in process `syz.2.479'.
[  380.270777][ T8193] 0ªX¹¦Dö»: renamed from gretap0
[  380.282703][ T8193] 0ªX¹¦Dö»: entered allmulticast mode
[  380.404154][ T6061] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.411372][ T6061] bridge0: port 2(bridge_slave_1) entered forwarding state
[  380.530795][ T8018] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  382.994432][   T30] audit: type=1326 audit(1743894194.360:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.320691][ T8018] 8021q: adding VLAN 0 to HW filter on device batadv0
[  383.327929][   T30] audit: type=1326 audit(1743894194.360:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.386430][   T30] audit: type=1326 audit(1743894194.370:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.473047][   T30] audit: type=1326 audit(1743894194.370:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.515628][   T30] audit: type=1326 audit(1743894194.370:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.597826][   T30] audit: type=1326 audit(1743894194.370:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.707222][   T30] audit: type=1326 audit(1743894194.460:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.852859][   T30] audit: type=1326 audit(1743894194.460:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  383.947719][   T30] audit: type=1326 audit(1743894194.650:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  384.018609][   T30] audit: type=1326 audit(1743894194.650:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f505bd8d169 code=0x7ffc0000
[  384.322796][ T8249] batadv_slave_1: entered promiscuous mode
[  384.351768][ T8249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.488'.
[  384.420988][ T8018] veth0_vlan: entered promiscuous mode
[  384.466301][ T8018] veth1_vlan: entered promiscuous mode
[  384.486762][ T8249] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  384.558849][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.692189][ T5898] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  384.847767][ T8259] loop3: detected capacity change from 0 to 512
[  384.859241][ T8259] ext4: Bad value for 'resgid'
[  384.864162][ T8259] ext4: Bad value for 'resgid'
[  385.099244][ T8261] loop3: detected capacity change from 0 to 16
[  385.148089][ T5898] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  385.221963][ T5898] usb 3-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00
[  385.297625][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.619833][ T8261] erofs (device loop3): mounted with root inode @ nid 36.
[  385.636442][ T8249] batman_adv: batadv0: Removing interface: batadv_slave_1
[  386.142849][ T5898] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  386.331207][ T6619] udevd[6619]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  386.610649][ T5898] usb 3-1: USB disconnect, device number 4
[  386.843683][ T8259] veth0_vlan: entered allmulticast mode
[  386.861917][ T8260] ªªªªªª: renamed from vlan0
[  387.064451][ T8018] veth0_macvtap: entered promiscuous mode
[  387.101570][ T8018] veth1_macvtap: entered promiscuous mode
[  387.192365][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.224096][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.254602][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.297477][ T8286] loop3: detected capacity change from 0 to 2048
[  387.304069][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.324912][ T8286] EXT4-fs: inline encryption not supported
[  387.330876][ T8286] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.344089][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.387837][ T8286] ext4: Unknown parameter 'audit'
[  387.399215][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.435370][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.475421][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.515614][ T8018] batman_adv: batadv0: Interface activated: batadv_slave_0
[  387.563797][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.624414][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.652697][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.683549][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.708987][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.734105][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.765753][ T8018] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.765972][ T8301] loop2: detected capacity change from 0 to 512
[  387.818836][ T8018] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.854562][ T8301] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  387.878503][ T8018] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.904196][ T8018] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.921956][ T8301] EXT4-fs (loop2): orphan cleanup on readonly fs
[  387.931064][ T8018] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.943563][ T8301] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.494: Block bitmap for bg 0 marked uninitialized
[  387.992652][ T8301] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  388.035744][ T8301] EXT4-fs (loop2): 1 orphan inode deleted
[  388.043305][ T8301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  388.217235][ T8301] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  388.324963][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.371390][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.397604][ T8301] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  389.176803][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.224431][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  389.300367][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.804763][ T8333] loop0: detected capacity change from 0 to 16
[  389.947196][ T8333] erofs (device loop0): mounted with root inode @ nid 36.
[  392.357091][ T8350] loop2: detected capacity change from 0 to 512
[  392.365704][ T8350] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  392.382060][ T8350] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  392.450723][ T8350] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  392.477848][ T8350] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  392.505443][ T8350] System zones: 0-2, 18-18, 34-34
[  392.546920][ T8350] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  392.618070][ T8350] EXT4-fs (loop2): 1 truncate cleaned up
[  392.636917][ T8350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  393.678703][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.769834][ T8394] loop0: detected capacity change from 0 to 256
[  395.857611][ T8394] exfat: Bad value for 'gid'
[  395.862264][ T8394] exfat: Bad value for 'gid'
[  396.583263][ T8399] xt_hashlimit: Unknown mode mask 100000, kernel too old?
[  397.564122][  T918] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  397.761508][  T918] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  397.788089][  T918] usb 4-1: config 0 interface 0 has no altsetting 0
[  397.809171][  T918] usb 4-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  397.850429][  T918] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.923588][  T918] usb 4-1: config 0 descriptor??
[  397.948003][ T8419] loop0: detected capacity change from 0 to 256
[  397.993920][ T8420] loop5: detected capacity change from 0 to 128
[  398.066045][ T8419] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  398.183327][ T8419] exFAT-fs (loop0): error, data size is invalid(10)
[  398.193552][ T8420] syz.5.519: attempt to access beyond end of device
[  398.193552][ T8420] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[  398.237193][ T8419] exFAT-fs (loop0): error, data size is invalid(10)
[  398.285323][ T8420] syz.5.519: attempt to access beyond end of device
[  398.285323][ T8420] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[  398.427949][ T8420] syz.5.519: attempt to access beyond end of device
[  398.427949][ T8420] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128
[  398.509506][ T8420] syz.5.519: attempt to access beyond end of device
[  398.509506][ T8420] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[  398.578462][ T8420] syz.5.519: attempt to access beyond end of device
[  398.578462][ T8420] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  398.615554][ T8420] syz.5.519: attempt to access beyond end of device
[  398.615554][ T8420] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  398.632566][ T8420] syz.5.519: attempt to access beyond end of device
[  398.632566][ T8420] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  398.648660][ T8420] syz.5.519: attempt to access beyond end of device
[  398.648660][ T8420] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  398.663875][ T8420] syz.5.519: attempt to access beyond end of device
[  398.663875][ T8420] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  398.679198][ T8420] syz.5.519: attempt to access beyond end of device
[  398.679198][ T8420] loop5: rw=2049, sector=289, nr_sectors = 8 limit=128
[  398.997841][ T8440] loop2: detected capacity change from 0 to 2048
[  399.285627][ T8440]  loop2: p1 < > p3
[  399.299659][ T8440] loop2: p3 size 134217728 extends beyond EOD, truncated
[  399.963152][ T5214]  loop2: p1 < > p3
[  400.143253][ T5214] loop2: p3 size 134217728 extends beyond EOD, truncated
[  400.192160][  T918] usbhid 4-1:0.0: can't add hid device: -71
[  400.231982][  T918] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  400.334549][  T918] usb 4-1: USB disconnect, device number 3
[  400.657793][   T55] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  401.817614][ T6619] udevd[6619]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  401.822314][ T5893] udevd[5893]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  401.992393][ T8467] loop2: detected capacity change from 0 to 256
[  402.028429][ T8467] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  402.318419][ T8474] netlink: 12 bytes leftover after parsing attributes in process `syz.1.528'.
[  405.443497][ T8477] netlink: 64 bytes leftover after parsing attributes in process `syz.3.532'.
[  405.688107][ T8510] netlink: 8 bytes leftover after parsing attributes in process `syz.5.540'.
[  406.089176][ T8517] ------------[ cut here ]------------
[  406.094921][ T8517] do not call blocking ops when !TASK_RUNNING; state=1 set at [<ffffffff819c19fc>] prepare_to_wait_event+0x3ac/0x460
[  406.107428][ T8517] WARNING: CPU: 1 PID: 8517 at kernel/sched/core.c:8745 __might_sleep+0xb9/0xe0
[  406.116728][ T8517] Modules linked in:
[  406.120794][ T8517] CPU: 1 UID: 0 PID: 8517 Comm: syz.1.541 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  406.133415][ T8517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  406.144851][ T8517] RIP: 0010:__might_sleep+0xb9/0xe0
[  406.150097][ T8517] Code: b7 0e 01 90 42 80 3c 23 00 74 08 48 89 ef e8 3e 13 9b 00 48 8b 4d 00 48 c7 c7 e0 33 4a 8c 44 89 ee 48 89 ca e8 18 11 f0 ff 90 <0f> 0b 90 90 eb b5 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 70 ff ff ff
[  406.169930][ T8517] RSP: 0018:ffffc90002f0f988 EFLAGS: 00010246
[  406.176302][ T8517] RAX: ba0c972161f84300 RBX: 1ffff11004e102f1 RCX: 0000000000080000
[  406.184561][ T8517] RDX: ffffc9000e269000 RSI: 00000000000170be RDI: 00000000000170bf
[  406.192566][ T8517] RBP: ffff888027081788 R08: ffffffff81828012 R09: fffffbfff1d7a980
[  406.200677][ T8517] R10: dffffc0000000000 R11: fffffbfff1d7a980 R12: dffffc0000000000
[  406.208720][ T8517] R13: 0000000000000001 R14: 0000000000000242 R15: ffffffff8c4ad740
[  406.216767][ T8517] FS:  00007fa8c69af6c0(0000) GS:ffff88812508f000(0000) knlGS:0000000000000000
[  406.225772][ T8517] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  406.232368][ T8517] CR2: 000000110c320478 CR3: 0000000034d88000 CR4: 00000000003526f0
[  406.241523][ T8517] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  406.250494][ T8517] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  406.258536][ T8517] Call Trace:
[  406.261848][ T8517]  <TASK>
[  406.264850][ T8517]  __mutex_lock+0x12c/0x10c0
[  406.269476][ T8517]  ? preempt_schedule_thunk+0x16/0x30
[  406.274955][ T8517]  ? __ceph_open_session+0x471/0xa30
[  406.280274][ T8517]  ? _raw_spin_unlock_irqrestore+0x134/0x140
[  406.286323][ T8517]  ? __pfx___mutex_lock+0x10/0x10
[  406.291405][ T8517]  ? __up_read+0x2c4/0x6b0
[  406.295899][ T8517]  ? prepare_to_wait_event+0x3ac/0x460
[  406.301382][ T8517]  ? prepare_to_wait_event+0x40c/0x460
[  406.306905][ T8517]  __ceph_open_session+0x471/0xa30
[  406.312051][ T8517]  ? bdi_register_va+0x593/0x770
[  406.317097][ T8517]  ? __pfx___ceph_open_session+0x10/0x10
[  406.322772][ T8517]  ? __pfx_autoremove_wake_function+0x10/0x10
[  406.328941][ T8517]  ? sget_fc+0x960/0xa50
[  406.333219][ T8517]  ? __pfx_ceph_set_super+0x10/0x10
[  406.339587][ T8517]  ceph_get_tree+0xac4/0x17b0
[  406.345241][ T8517]  vfs_get_tree+0x90/0x2b0
[  406.349700][ T8517]  vfs_cmd_create+0xa0/0x1f0
[  406.354378][ T8517]  ? __se_sys_fsconfig+0xa14/0xf40
[  406.359582][ T8517]  __se_sys_fsconfig+0xa20/0xf40
[  406.364591][ T8517]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  406.370096][ T8517]  ? __x64_sys_fsconfig+0x20/0xc0
[  406.375214][ T8517]  do_syscall_64+0xf3/0x230
[  406.379777][ T8517]  ? clear_bhb_loop+0x45/0xa0
[  406.384528][ T8517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.390461][ T8517] RIP: 0033:0x7fa8c5b8d169
[  406.394973][ T8517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.414878][ T8517] RSP: 002b:00007fa8c69af038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  406.423427][ T8517] RAX: ffffffffffffffda RBX: 00007fa8c5da6160 RCX: 00007fa8c5b8d169
[  406.431520][ T8517] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  406.440686][ T8517] RBP: 00007fa8c5c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  406.449714][ T8517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  406.458167][ T8517] R13: 0000000000000000 R14: 00007fa8c5da6160 R15: 00007ffc76a82a98
[  406.466544][ T8517]  </TASK>
[  406.469608][ T8517] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  406.476923][ T8517] CPU: 1 UID: 0 PID: 8517 Comm: syz.1.541 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  406.487982][ T8517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  406.498165][ T8517] Call Trace:
[  406.501483][ T8517]  <TASK>
[  406.504446][ T8517]  dump_stack_lvl+0x241/0x360
[  406.509191][ T8517]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.514438][ T8517]  ? __pfx__printk+0x10/0x10
[  406.519086][ T8517]  ? vscnprintf+0x5d/0x90
[  406.523478][ T8517]  panic+0x349/0x880
[  406.527425][ T8517]  ? __warn+0x174/0x4d0
[  406.531623][ T8517]  ? __pfx_panic+0x10/0x10
[  406.536094][ T8517]  __warn+0x344/0x4d0
[  406.540125][ T8517]  ? __might_sleep+0xb9/0xe0
[  406.544766][ T8517]  report_bug+0x2b3/0x500
[  406.549108][ T8517]  ? __might_sleep+0xb9/0xe0
[  406.553710][ T8517]  ? __might_sleep+0xb9/0xe0
[  406.558310][ T8517]  ? __might_sleep+0xbb/0xe0
[  406.562903][ T8517]  handle_bug+0x89/0x170
[  406.567165][ T8517]  exc_invalid_op+0x1a/0x50
[  406.571686][ T8517]  asm_exc_invalid_op+0x1a/0x20
[  406.576547][ T8517] RIP: 0010:__might_sleep+0xb9/0xe0
[  406.581792][ T8517] Code: b7 0e 01 90 42 80 3c 23 00 74 08 48 89 ef e8 3e 13 9b 00 48 8b 4d 00 48 c7 c7 e0 33 4a 8c 44 89 ee 48 89 ca e8 18 11 f0 ff 90 <0f> 0b 90 90 eb b5 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 70 ff ff ff
[  406.601405][ T8517] RSP: 0018:ffffc90002f0f988 EFLAGS: 00010246
[  406.607488][ T8517] RAX: ba0c972161f84300 RBX: 1ffff11004e102f1 RCX: 0000000000080000
[  406.615473][ T8517] RDX: ffffc9000e269000 RSI: 00000000000170be RDI: 00000000000170bf
[  406.623460][ T8517] RBP: ffff888027081788 R08: ffffffff81828012 R09: fffffbfff1d7a980
[  406.631531][ T8517] R10: dffffc0000000000 R11: fffffbfff1d7a980 R12: dffffc0000000000
[  406.639512][ T8517] R13: 0000000000000001 R14: 0000000000000242 R15: ffffffff8c4ad740
[  406.647501][ T8517]  ? __warn_printk+0x2a2/0x360
[  406.652285][ T8517]  ? __might_sleep+0xb8/0xe0
[  406.656888][ T8517]  __mutex_lock+0x12c/0x10c0
[  406.661499][ T8517]  ? preempt_schedule_thunk+0x16/0x30
[  406.666885][ T8517]  ? __ceph_open_session+0x471/0xa30
[  406.672185][ T8517]  ? _raw_spin_unlock_irqrestore+0x134/0x140
[  406.678183][ T8517]  ? __pfx___mutex_lock+0x10/0x10
[  406.683218][ T8517]  ? __up_read+0x2c4/0x6b0
[  406.687651][ T8517]  ? prepare_to_wait_event+0x3ac/0x460
[  406.693120][ T8517]  ? prepare_to_wait_event+0x40c/0x460
[  406.698596][ T8517]  __ceph_open_session+0x471/0xa30
[  406.703718][ T8517]  ? bdi_register_va+0x593/0x770
[  406.708683][ T8517]  ? __pfx___ceph_open_session+0x10/0x10
[  406.714329][ T8517]  ? __pfx_autoremove_wake_function+0x10/0x10
[  406.720412][ T8517]  ? sget_fc+0x960/0xa50
[  406.724667][ T8517]  ? __pfx_ceph_set_super+0x10/0x10
[  406.729886][ T8517]  ceph_get_tree+0xac4/0x17b0
[  406.734596][ T8517]  vfs_get_tree+0x90/0x2b0
[  406.739029][ T8517]  vfs_cmd_create+0xa0/0x1f0
[  406.743626][ T8517]  ? __se_sys_fsconfig+0xa14/0xf40
[  406.748753][ T8517]  __se_sys_fsconfig+0xa20/0xf40
[  406.753714][ T8517]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  406.759196][ T8517]  ? __x64_sys_fsconfig+0x20/0xc0
[  406.764236][ T8517]  do_syscall_64+0xf3/0x230
[  406.768754][ T8517]  ? clear_bhb_loop+0x45/0xa0
[  406.773437][ T8517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.779341][ T8517] RIP: 0033:0x7fa8c5b8d169
[  406.783764][ T8517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.803376][ T8517] RSP: 002b:00007fa8c69af038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  406.811799][ T8517] RAX: ffffffffffffffda RBX: 00007fa8c5da6160 RCX: 00007fa8c5b8d169
[  406.819797][ T8517] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  406.827771][ T8517] RBP: 00007fa8c5c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  406.835748][ T8517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  406.843722][ T8517] R13: 0000000000000000 R14: 00007fa8c5da6160 R15: 00007ffc76a82a98
[  406.851715][ T8517]  </TASK>
[  406.855072][ T8517] Kernel Offset: disabled
[  406.859397][ T8517] Rebooting in 86400 seconds..