last executing test programs:

5m3.426356688s ago: executing program 3 (id=7736):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000400000004000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='ext4_remove_blocks\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0xa08000, &(0x7f0000000240), 0xfe, 0x56b, &(0x7f00000003c0)="$eJzs3U1vG0UfAPD/Om99e56mUlUBBxSpB4pKnSbhpUgcyhFBRSW4FyvZRlWcuoqdqgmVaA/00guqQAhRCfEBuHOs+AJ8ikpQqUJVBAcuQeusWze2Ezd144B/P2mTmd1xZsa7M/6v184GMLAmsh+FiJcj4qsk4nDTtuHIN05slFt7dH02W5JYX//kjySSfF2jfJL/PphnXoqIX76MOFlorbe6srpQKpfTpTw/WVu8MlldWT11abE0n86nl6dnZs68NTP97jtv96yvr5//67uP731w5vbxtW9/enDkThJn41C+rbkfz+FGc2YiJvLnZCTObio41YPK9pKk3w1gR4bycT4S2RxwOIbyUQ/8930REevAgEqMfxhQjTigcW7fo/Pgf42H72+cALX2f3jjvZHYVz83OrCWPHVmlJ3vjveg/qyOn3+/eydbonfvQwBs68bNiDg9PNw6/yX5/Ldzp7sos7kO8x/snntZ/PNGu/in8Dj+iTbxz8E2Y3cnth//hQdtHpb06l3qLP57r238+/ii1fhQnvtfPeYbSS5eKqfZ3Pb/iDgRI2NZfqvrOWfW7q932tYc/2VLVn8jFszb8WB47OnHzJVqpefpc7OHNyNeaY1/h57M//vqse7m/Z89H+e7rONYevfVTtu27/+Ltf5jxGtt9/+TK1rJ1tcnJ+vHw2TjqGj1561jv3aqv9/9z/b/ga37P540X6+tPnsdP+z7O+20bafH/2jyaT09mq+7VqrVlqYiRpOPWtdPP3lsI98on/X/xPGt5792x//+iPisy/7fOnqrY9G9sP/nnmn/P3vi/oeff9+p/u72/5v11Il8TTfzX7cNfJ7nDgAAAAAAAPaaQkQciqRQfJwuFIrFjc93HI0DhXKlWjt5sbJ8eS7q35Udj5FC40r34abPQ0zln4dt5Kc35Wci4khEfD20v54vzlbKc/3uPAAAAAAAAAAAAAAAAAAAAOwRYx2+/5/5bejpsvl/BB/d/VYCL4xbfsPg2nb89+JOT8Ce5PUfBtcOxv83L6IdwO7z+g8DaqTfDQD6yes/DC7jHwaX8Q+Dy/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp/7ly2rK89uj6b5eeuriwvVK6emkurC8XF5dnibGXpSnG+Upkvp8XZyuJ2f69cqVyZmo7la5O1tFqbrK6sXlisLF+uXbi0WJpPL6TuNgQAAAAAAAAAAAAAAAAAAACtqiurC6VyOV2SkNhRYrjLwmPR96YOTOJ2D0Z3nycmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjyTwAAAP//4fE1qw==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c0c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000a40)='./file1\x00', &(0x7f0000000a80), &(0x7f0000000ac0)='./file1\x00', 0x8, 0x2)
rename(0x0, &(0x7f00000000c0)='./file1\x00')

4m58.868336467s ago: executing program 3 (id=7746):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "bc4c4244873398a4dbaf40fcee141d15bb69638f747e05bea3129ab81b02447352b404f793053d889e68b293719907746b342a8c2048fa4cda276a840c397fcd"}, 0x48, 0xfffffffffffffffe)
keyctl$setperm(0x5, 0x0, 0x30925)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x6}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@i_version}]}, 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2c, 0xfffffffd, {0x60, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_RATE={0x6, 0x5, {0x3, 0x9}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x44080)
r8 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000400)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x0, 0x60, 0x0, 0x0, 0xc, 0x0, 0x3f, 0x5, 0x5f8480, 0x0})
unshare(0x62040200)

4m53.729401904s ago: executing program 3 (id=7749):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
syslog(0x4, 0xfffffffffffffffc, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")

4m50.186566777s ago: executing program 3 (id=7752):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r3, &(0x7f0000000800)=[{{&(0x7f00000004c0)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xa}, 0x1c, &(0x7f0000000440), 0x0, 0x0, 0x28}}], 0x1, 0x20040000)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00'})
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000000)={0xd, 0x8, 0x2, 0x3})
r8 = getpid()
sched_setscheduler(r8, 0x1, &(0x7f0000000100)=0x5)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000240)={'\x00', 0x5, 0x2, 0x800, 0x536, 0xfffffffffffffffa, r0})
geteuid()
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000600)={0x0}}, 0x4)

4m48.658185421s ago: executing program 3 (id=7758):
mkdir(0x0, 0x0)
mkdir(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x11, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf9818920}}, @exit, @ldst={0x0, 0x1, 0x0, 0x4, 0xa, 0x80, 0xfffffffffffffffc}, @ldst={0x0, 0x0, 0x1, 0x1, 0x0, 0x40, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x4, 0x0, 0xb, 0x9, 0x7, 0xfffffffffffffff0}]}, &(0x7f0000000100)='GPL\x00', 0x9, 0x1000, &(0x7f0000000a40)=""/4096, 0x41100, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xa, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000280)=[0x1, 0x1], &(0x7f0000000300)=[{0x4, 0x5, 0xf, 0x7}], 0x10, 0xe}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x6, 0x1fc}})
unshare(0x2040400)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x38, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

4m45.642930706s ago: executing program 3 (id=7763):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f00000003c0)={[{@nolazytime}, {@orlov}, {@acl}, {@norecovery}, {@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004804)
syz_usb_connect$uac1(0x2, 0x71, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="24000000190001000000000000c3b2000a0000000002c800000000"], 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x0)

4m27.227899413s ago: executing program 32 (id=7763):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f00000003c0)={[{@nolazytime}, {@orlov}, {@acl}, {@norecovery}, {@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004804)
syz_usb_connect$uac1(0x2, 0x71, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="24000000190001000000000000c3b2000a0000000002c800000000"], 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x0)

55.129559789s ago: executing program 1 (id=8238):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x200}}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x32}, 0x0, 0x2}, {{@in6=@local, 0x4d4, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x342c}]}]}, 0x17c}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x18)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0x14, &(0x7f0000000000)=0xfffffffe, 0x4)
sendto$inet(r2, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
recvmmsg(r2, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x10100, 0x0)
r3 = io_uring_setup(0x117d, &(0x7f00000003c0)={0x0, 0x190a, 0x8000, 0x2, 0x5})
io_uring_register$IORING_UNREGISTER_RING_FDS(r3, 0x15, &(0x7f0000003880)=[{0x1, 0x0, 0x0, &(0x7f0000003680)=[{&(0x7f0000002680)=""/4096, 0x1000}], &(0x7f00000036c0)=[0x9, 0x40, 0x4, 0x0]}, {0x1, 0x0, 0x0, &(0x7f0000003800)=[{&(0x7f0000003700)=""/212, 0xd4}], &(0x7f0000003840)=[0x4, 0x9, 0xfffffffffffffff7]}], 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r2], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1038, 0x1410, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x5, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000280)={0x24, &(0x7f0000000300)={0x0, 0x24, 0x1c, {0x1c, 0x11, "98e7c6dde4263d3db71c093cce367bb457fe88370a0c28a5d8ca"}}, 0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xc, 0x2031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x7, 0x4, 0xa58, 0x2}, 0x48)
mlock(&(0x7f0000002000/0x2000)=nil, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendto$inet6(r5, &(0x7f0000000340)="5a5a807af6fbc2a7cf88aab41d00f3813cb2d712e91511c67b88dbc31494fe3be9c81e5dd78c58e72a5ff4eaba396bb5cec4c14f36df4663575f926fd15ded860e0fd2705cceeb52e2a3e30d69e89c105a8f95635d64d7e8e7ac642dce4261d47af4f165326ac2ad7d9b42f98d30", 0x6e, 0x800, 0x0, 0x0)
memfd_create(&(0x7f0000000080)='GPL\x00', 0x7)
sendmsg$key(0xffffffffffffffff, 0x0, 0x8000)

51.826251089s ago: executing program 1 (id=8247):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0x0, 0x1, 0x10000, 0x0, 0x4002004c8, 0x1000, 0x0, 0x1fd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8c], 0xeeee8000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60, 0x4000}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20010, 0x284a0}}}}}}]}, 0x48}, 0x1, 0xd, 0x0, 0x480c5}, 0x0)

49.245762458s ago: executing program 1 (id=8253):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x4, 0x1}, 0x50)
setpriority(0x1, 0x0, 0x900000000000000)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r5, &(0x7f0000000280), &(0x7f0000001840)=@udp6}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

47.262161838s ago: executing program 1 (id=8256):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000, &(0x7f0000000300)={[{@grpid}, {@barrier_val={'barrier', 0x3d, 0x3ff}}, {@stripe={'stripe', 0x3d, 0x7}}, {@grpid}, {@data_ordered}, {@stripe={'stripe', 0x3d, 0xf62}}, {@max_batch_time={'max_batch_time', 0x3d, 0x200000}}, {@dax_always}]}, 0xd, 0x5f6, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvbH40aapJi6j1YBdEWtAmTdpKEQ/tVUqoP/DixdiktXbbhiaiqUJTqBdBvIgInjxYwT9Ci732pCB48OJJCkWlR8GV2cyk2exufmyTbOx8PrDNzHsz8950882befvebACFVU7/KUXsjYjpJGIwmV/M644ss7yw3b2/PzqdvpKoVl/7M4kkS8u3T7KfA9nOfRHx049J7OlqLHdm7sr5iUpl6nK2PjJ7YXpkZu7KwXMXJs5OnZ26OPbC2LGjR44eGz3U1nldbZJ28vq77w9+Mv7mN1/9k4x++9t4Esfj5WzDpecREb+U2iq1XjnKtf+TpDFr4NgGHH876Mp+T5a+xUl3ByvEuuTvX09EPBGD0RX337zB+PiVjlYO2FTVJKIKFFQi/qGg8uuA/N5+2X1wbMR9MLA93T2x0AHQGP/dC32D0VfrG9h5L4ml3TpJRLTXM1dvV0TcvjV+/cyt8evR2A8HbKL5axHxZLP4T2rxPxR9MVSL/1Jd/KfXBaeyn2n6q22Wv7yruDH+D7d5ZGA1C/Hft2L8R4v4f2tJ/L/dZvnl+4vv9NfFf3+7pwQAAAAAAACFdfNERDzf7PP/0uL4n2gy/mcgIo5vQPnlZeuNn/+X7mxAMUATd09EvNR0/G8pH/071JUtPVIbD9CTnDlXmToUEY9GxIHo2ZGuj65QxsFP93zZKq+cjf/LX2n5t7OxgFk97nTvqN9ncmJ24kHPG4i4ey3iqabjf5PF9j9p0v6nfw+m11jGnmdvnGqVt3r8A5ul+nXE/qbt//2nViQrP59jpHY9MJJfFTR6+sPPvm9Vfrvx7xET8ODS9n/nyvE/lCx9Xs/M+ss4PNddbZXX7vV/b/J67ZEzvVnaBxOzs5dHI3qTk11pal362PrrDA+jPB7yeEnj/8AzK/f/Nbv+74+I+WXHTv6qn1Oce/zfgd9b1cf1P3ROGv+T62r/178wdmPoh1blr639P1Jr6w9kKfr/YMEXeZj21qc3RuFiQNdlbXV9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBhUIqIXZGUhheXS6Xh4YiBiHgsdpYql2Zmnztz6b2Lk2le7fv/S/k3/Q4urCf59/8PLVkfW7Z+OCJ2R8TnXf219eHTlyqTnT55AAAAAAAAAAAAAAAAAAAA2CYGWsz/T/3R1enaAZuuu9MVADqmSfz/3Il6AFtP+w/FJf6huMQ/FJf4h+IS/1Bc4h+KS/xDcYl/AAAAAAB4qOzed/PXJCLmX+yvvVK9WV5PR2sGbLZSpysAdIxH/EBxGfoDxeUeH0hWye9rudNqe65k+vQD7AwAAAAAAAAAAAAAhbN/r/n/UFTm/0Nxmf8PxZXP/9/X4XoAW889PhCrzORvOv9/1b0AAAAAAAAAAAAAgI00M3fl/ESlMnV5Ixd2xBo3/m4zSm934Y3tUY2tXKhWq1fT34LtUp//+UI+FH6LS++OtW2cz/Vb25E79zcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo918AAAD//x99I+M=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpgrp(0xffffffffffffffff)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x2, 0x800, 0x7ff)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r5, 0x0, r5, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')

46.263678813s ago: executing program 1 (id=8263):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = dup(r0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0xa)
r5 = dup(r4)
r6 = open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x40)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)
write$UHID_DESTROY(r1, &(0x7f0000000700), 0x2f)
r7 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r7, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f28bd421850000008200000095"], 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc03}, 0x94)
sync()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000001a9, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, 0x94)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1e, 0x4, 0x7f, 0x8, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000e00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r10 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r10, 0x0, 0xfc, 0x7ffffffe, &(0x7f0000000d40)={0xa, 0x4e24, 0x1, @mcast2, 0x9}, 0x1c)
syz_clone(0x102800, &(0x7f0000000180)="7e48f44985e2ff0919bfafe41a70e681239ae340960f6406ac9b631f470783c11f977eab04d8f55b0507a7e028c6a21cda398357b2fc1089392a5bfc5ae66a81f012fd03942a37f8bc0b9fc50c272cd6b95f19a163065a4bcc835789d3fb", 0x5e, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000280)="e8040051b390c0e15f0992886d652ca966392a6dfd11786cbbcdc9e7b7fcf183bb191d681c6345f13eef82146a1e869c0e090dc1f4624f4f55297b99aa5fbf0393d28d4bb683dd716831632b3215ed9653dcdd105546c5180208fe3cc85f51295cb5920b1e6f7f975903309460daae0d9e4f692ad298fe9d986d7152aa9bc19bff81260751d3b11df784fe6ea4061553616a0e20ce25f9004bed45b0986ffe8fee0ea49d54cc655cc3c9b2d843929e54cdfdcefc1810a4f6d37938c7d03cbe3a63822a440934398b82055cfc77445babad4805354570c26a9c5e56a891be401e25742b5560396f2dd35e96c0273e9fa29e71883213a4ff533b8a")

44.176355334s ago: executing program 1 (id=8268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="01000000420b00000600000008"], 0x48)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80, 0x40)
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f00000001c0)={0x0, 0x1, 0xffffffffffffffff, 0x0, 0x80000})
r2 = fcntl$getown(r0, 0x9)
prlimit64(r2, 0x5, &(0x7f0000000000)={0x51, 0x9}, &(0x7f0000000140))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r0}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r6}, 0x38)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x20088a, &(0x7f00000005c0)={[{@usrquota}, {@usrjquota, 0x22}, {@noauto_da_alloc}, {@lazytime}, {@usrjquota}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}, {@nobarrier}, {@bh}, {@stripe={'stripe', 0x3d, 0x100000000}}, {@user_xattr}, {@barrier}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@stripe={'stripe', 0x3d, 0x200}}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")

28.994856533s ago: executing program 33 (id=8268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="01000000420b00000600000008"], 0x48)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80, 0x40)
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f00000001c0)={0x0, 0x1, 0xffffffffffffffff, 0x0, 0x80000})
r2 = fcntl$getown(r0, 0x9)
prlimit64(r2, 0x5, &(0x7f0000000000)={0x51, 0x9}, &(0x7f0000000140))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r0}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r6}, 0x38)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x20088a, &(0x7f00000005c0)={[{@usrquota}, {@usrjquota, 0x22}, {@noauto_da_alloc}, {@lazytime}, {@usrjquota}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}, {@nobarrier}, {@bh}, {@stripe={'stripe', 0x3d, 0x100000000}}, {@user_xattr}, {@barrier}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@stripe={'stripe', 0x3d, 0x200}}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")

21.126335341s ago: executing program 5 (id=8312):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x18)
creat(&(0x7f0000000280)='./bus\x00', 0xa0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
unshare(0x2040400)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

19.098547792s ago: executing program 6 (id=8314):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x20000510)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x5, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r5, &(0x7f0000002ac0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="8252", 0x2}], 0x1}}], 0x1, 0x4000c000)
sendto$inet6(r5, &(0x7f0000000300), 0x16, 0x1100, 0x0, 0xfffffffffffffdfd)
socket$key(0xf, 0x3, 0x2)

19.097961792s ago: executing program 2 (id=8315):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x2001004c, &(0x7f0000000a00)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2f4feb698f5a4f3983ca0adeae0088c2e16969e9000a6a9d85bf9d4ee333cfeb763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773fe8ad33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d", @ANYRES8], 0xfe, 0x1518, &(0x7f0000000d80)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBMkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz4eckyZbmiQJySlZ38Vub7uv/W/v/7f39/e/9ty/61rXrPt93nu99zP3XPOu55lr3u96jqrXon7tZkQk/iXw5y9JQogYIcQwIcR1QohACFEptlLspeP5FCT9ay/C/r0eTrvaFbCrifufu3H/czfuf+7G/c/duP+5G/c/d+P+527cf8Zys22zi13PI/cOvv+fm/H7/3+QnPKTv9pQ/sZe/40U7n/uxv3P3bj/uRv3P3fj/udu3P//fLX+4Bj3P3fj/jOWm/31XvAF7/3/gvvRPP5nx9X++WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljuc9VdoIcRf5le7LsYYY4wxxhhjjP37+LxXuwLGGGOMMcYYY4z9/wdCCiW0CEQekVfEiHwiv7hGFBDXioLiOhER14tYcYMoJG4UhUURUVQUE3GiuCghjEBhBYlQlBSlRFTcJEqLm0W8KCPKinLCifIiQdwiKohbRUVxm6gkbheVxR2iiqgqqonq4k5RQ9wlaopaora4W9QRdUU9UV/cIxqIe0VDcZ9oJO4XjcUDool4UDQVD4lm4mHRXDwiWohHRUvxmGglWos2oq1o9/+U/5LoK14W/UR/kSQGiIHiFTFIDBZDxFAxTLwqhovXxAjxukgWI8Uo8YYYLd4UY8RbYqwYJ8aLt8UEMVFMEpPFFDFVpIh3xDTxrkgV74npYoaYKWaJNDFbzBHvi7linpgvPhALxIdioVgkFoslIl18JDLEUpEpPhbLxCciSywXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU18KraLHWKn2CV2iz1ir/hM7BOfi/3iC5Etvvxv5p/5v/J7gQABEiRo0JAH8kAMxEB+yA8FoAAUhIIQgQjEQiwUgkJQGApDUSgKcRAHJaAEICAQEJSEkhCFKJSG0hAP8VAWyoIDBwmQABXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCiZAIXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB2SYSSMgjfgDXgTxsBpGAvjYDyMhxpyIkyCyUByKqRACkyDaZAKqTAdZsAMmAVpMBvmwByYC/NgHnwAC+BD+BAWwSJYAumQDhmwFDIhE5bBGciC5bACVsIqWA2rYC2sg7WwATbCBtgMm2ErbIVP4VPYATtgF+yCPbAHPoPP4HP4HJIhG7LhAByAg3AQDsEhyIEcOAyH4QgcgaNwFI7BMTgOJ+AknIBTcApOwxk4C2fhPJyHC/BC3DfN95RZnyzkJVpqmUfmkTEyRuaX+WUBWUAWlAVlREZkrIyVhWQhWVgWlkVlURkn42QJWUKiREkylCVlSRmVUVlalpbxMl6WlWWlk04myARZQVaQFWVFWUneLivLO2QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+aBsKgfAEHhYXupMCzkSWspR0Eq2lm1kW/kmPC7byzHQQXaUneSTchyMhS6yvUuUz8iuchJ0k8/JyfC87CGnQk/5ouwle8s+8iXZV3Zw/WR/OR0GyIFyFgySg+UQOVTOhbryUsfqyddlshwpR8k35BJ4U46Rb8mxcpwcL9+WE+REOUlOllPkVJki35HT5LsyVb4np8sZcqacJdPkbDlHvi/nynlyvvxALpAfyoVykVwsl8h0+ZHMkEtlpvxYLpOfyCy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+ancLnfInXKX3C33yL3yM7lPfi73yy9ktvxSHpB/kgflV/KQ/FrmyG/kYfmtPCK/k0fl9/KY/EEelyfkSfmjPCV/kqflGXlWnpPn5c/ygvxFXpReCgVKKqW0ClQelVfFqHwqv7pGFVDXqoLqOhVR16tYdYMqpG5UhVURVVQVU3GquCqhjEJlFalQlVSlVFTdpEqrm1W8KqPKqnLKqfIqQd2iKqhbVUV1m6qkbleV1R2qiqqqqqnq6k5VQ92laqpaqra6W9VRdVU9VV/doxqoe1VDdZ9qpO5XjdUDqol6UDVVD6lm6mHVXD2iWqhHVUv1mGqlWqs2qq1qpx5X7dUTqoPqqDqpJ1Vn9ZTqop5WieoZ1VU9q7qp51R39bzqoV5QPdWLqpfqrfqoX9RF5VU/1V8lqQFqoHpFDVKD1RA1VA1Tr6rh6jU1Qr2uktVINUq9oUarN9UY9ZYaq8ap8eptNUFNVJPUZDVFTVUp6h01Tb2rUtV7arqaoWaqWSpNzVZDfl1p/j+R/+7fyR9x+dW3qm3qU7Vd7VA71S61W+1Re9VetU/tU/vVfpWtstUBdUAdVAfVIXVI5agcdVgdVkfUEXVUHVXH1DF1XJ1Q59SP6pT6SZ1WZ9QZdU6dV+fVhV+/B0KDllpprQOdR+fVMTqfzq+v0QX0tbqgvk5H9PU6Vt+gC+kbdWFdRBfVxXScLq5LaKNRW0061CV1KR3VN+nS+mYdr8vosrqcdrq8TtC3/Mv5/6i+drqdbq/b6w66g+6kO+nOurPuorvoRJ2ou+quupvuprvr7rqH7qF76p66l+6l++g+uq/uq/vpfjpJJ+mB+hU9SA/WQ/RQPUy/qofr4XqEHqGTdbIepUfp0Xq0HqPH6LF6rB6vx+sJeoKepCfpKXqKTtEpepqeplN1qp6up+uZeqZO02l6jp6j5+q5er6erxfoBXqhXqgX68U6XafrDJ2hM3WmXqaX6Sy9XC/XK/VKvVqv1mv1Wr1er9cb9Ua9WW/WWXqb3qa36+16p96pd+vdeq/eq/fpfXq/3q+zdbY+oA/og/qgPqQP6Rydow/rw/qIPqKP6qP6mD6mj+vj+qQ+qU/pU/q0Pq3P6rP6vD6vL+gL+qK+eGnbF8hABjrQQZ4gTxATxAT5g/xBgaBAUDAoGESCSBAbxAaFghuDwkGRoGhQLIgLigclAhNgYAMKwqBkUCqIBjcFpYObg/igTFA2KBe4oHyQENwSVAhuDSoGtwWVgtuDysEdQZWgalAtqB7cGdQI7gpqBrWC2sHdQZ2g7l/+DhXcGzQM7gsaBfcHjYMHgibBg0HT4KGgWfBw0Dx4JGgRPBq0DB4LWgWtgzZB26DdP7t+UC+oH9wTNPjD9b0/XeQJ18/0N0lmgBloXjGDzGAzxAw1w8yrZrh5zYwwr5tkM9KMMm+Y0eZNM8a8ZcaacWa8edtMMBPNJDPZTDFTTYp5x0wz75pU856ZbmaYmWaWSTOzzRzzvplr5pn55gOzwHxoFppFZrFZYtLNRybDLDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzJHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzY/mlPnJnDZnzFlzzpw3P5sL5hdz0fhLm/tLb++oUWMezIMxGIP5MT8WwAJYEAtiBCMYi7FYCAthYSyMRbEoxmEclsASeAkhYUksiVGMYmksjfEYj2WxLDp0mIAJWAErYEWsiJWwElbGylgFq2A1rIZ34p14F96FtbAW3o13Y12si/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2BJbYitshW2wDbbDdtge22MH7ICdsBN2xs7YBbtgIiZiV+yK3bAbdsfu2AN7YE/sib2wF/bBPtgX+2K/c/0wCZNwIA7EQTgIh+AQHIbDcDgOxxE4ApMxGUfhKByNo3EMjsGxOA7H49s4ASfiJJyMU3AqpmAKTsNpmIqpOB2n40yciWmYhnNwDs7FuTgf5+MCXIALcSEuxsWYjumYgRmYiZm4DJdhFmbhClyBq3AVrsE1uA7X4QbcgJtwE27BLbgNt+F23I47cSfuxt24F/fiPtyH+3E/ZmM2HsADeBAP4iE8hDmYg4fxMB7BI3gUj+IxPIbH8TiexJN4Ck/haTyNZ/Esnsef8QL+ghfRY4yVIr+9xhaw19qC9jobY/PZv42L2mI2zha3JayxhW2R38RorY23ZWxZW846W94m2Ft+F1exVW01W93eaWvYu2zN38UN7L22ob3PNrL32/r2nt/Eje0Dtol91Da1j9lmtrVtbtvaFvZR29I+ZlvZ1raNbWs726dsF/u0TbTP2K722d/FGXapXWfX2w12o91nP7dn7Tl7xH5nz9ufbT/b3w6zr9rh9jU7wr5ukxuN/G1sR9rx9m07wU60k+xkO8VO/V08086yaXa2nWPft3PtvN/F6fYju8Bm2oV2kV1sl1yOL9WUaT+2y+wnNssutyvsSrvKrrZr7Nq/1rrSbrZb7Fa7135mt9sddqfdZXfbPZfjS+ex335hs+2X9rD91h60X9lD9qjNsd9cji+d31H7vT1mf7DH7Ql70v5oT9mf7Gl75vL5Xzr3H+0v9qL1VhCQJEWaAspDeSmG8lF+uoYK0LVUkK6jCF1PsXQDFaIbqTAVoaJUjOKoOJUgQ0iWiEIqSaUoSjdRabqZ4qkMlaVy5Kg8JdAtVIFupYp0G1Wi26ky3UFVqCpVo+p0J9Wgu6gm1aLadDfVobpUj+rTPdSA7qWGdB81ovupMT1ATehBakoPUTN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjrTU9SFnqZEeoa60rPUjZ6j7vQ89aAXqCe9SL2oN/Whl6gvvUz9qD8l0QAaSK/QIBpMQ2goDaNXaTi9RiPodUqmkTSK3qDR9CaNobdoLI2j8fQ2TaCJNIkm0xSaSin0Dk2jdymV3qPpNINm0ixKo9k0h96nuTSP5tMHtIA+pIW0iBbTEkqnjyiDllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Ex2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpRzpFP9FpOkNn6Rydp5/pAv1CF8mTCCGUoQp1GIR5wrxhTJgvzB9eExYIrw0LhteFkfD6MDa8ISwU3hgWDouERcNiYVxYPCwRmhBDG1IYhiXDUmE0vCksHd4cxodlwrJhudCF5cOE8JawQnhrWDG8LawU3h5WDu8Iq4RVw0fvrx7eGdYI7wprhrXC2uHdYZ2wblgvrB/eEzYI7w0bhveFjcL7w4rhA2GT8MGwafhQ2Cx8OGwePhK2CB8NW4aPha3C1mGbsG3YLnw8bB8+EXYIO4adwifDzuFTYZfw6TAxfCbsGj77D48nhQPCgeEr4Suh9/epxdEl0fToR9GM6NJoZvTj6LLoJ9Gs6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18woHTjrltAtcHpfXxbh8Lr+7xhVw17qC7joXcde7WHeDK+RudIVdEVfUFXNxrrgr4YxDZx250JV0pVzU3eRKu5tdvCvjyrpyzrnyLsG1de1cO9fePeE6uI6uk3vSPemeck+5p93T7hnX1T3rurnnXHf3vOvhXnAvuBddL9fb9XEvub7uZdfP9XdJLskNdAPdIDfIDXFD8vy6B3Mj3AiX7JLdKDfKjXaj3Rg3xo11Y914N95NcBPcJDfJTXFTXIpLcdPcNJfqUt10N93NdDNdmktzc9wcN9fNdfPdfLcgfoFb6Ba6xW6xS3fpLsNluEyX6Za5ZS7LZbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7bJftDrgD7qA76A65r12O+8Yddt+6I+47d9R97465H9xxd8KddD+6U+4nd9qdcWfdOXfe/ewuuF/cReddSuSdyLTIu5HUyHuR6ZEZkZmRWZG0yOzInMj7kbmReZH5kQ8iCyIfRhZGFkUWR5ZE0iMfRTIiSyOZkY8jyyKfRLIiyyMrIisjqyKrI94X3x76kr6Uj/qbfGl/s4/3ZXxZX847X94n+Ft8BX+rr+hv85X87b6yv8NX8VV9Nf+Yb+Vb+za+rW/nH/ft/RO+g+/oO/knfWf/lO/in/aJ/hnf1T/ru/nnfHf/vO/hX/A9/Yu+l+/t+/iXfF//su/n+/skP8AP9K/4QX6wH+KH+mH+VT/cv+ZH+Nd9sh/pR/k3/Gj/ph/j3/Jj/Tg/3r/tJ/iJfpKf7Kf4qT7Fv+On+Xd9qn/PT/cz/Ew/y6f52X6Of9/P9fP8fP+BX+A/9Av9Ir/YL/Hp/iOf4Zf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/5A/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/5Hf8r/5E/7M/6sP+fP+5/9Bf+Lv8j/s8YYY4wx9k9JPfTHxwf8ncfkr+OSgUKIa3cUy/nb41oIsanwn+eDZVzniBDimf49H/7LqFMnKSnp1+dmKRGUWiSEiFzJv3wZ8mu8XHQST4lE0VFU+Lv1DZa9z9MfrA/HvY/eLkT+v8mJEVfiK+vf+l+s//iT4zMqh2djf7v+hV/3m5fqjy4SIr7UlZx84kp8Zf2K/8X6Rdr/Uf1ZSuT7KkWIDn+TU0Bcia+snyCeEM+KxN88kzHGGGOMMcYY+7PBslr3f3D9efn6PE5fDi8/nFf8Nf6H1+eMMcYYY4wxxhi7+p7v3efpxxMTO3bnCU94wpO/Tq72bybGGGOMMcbYv9uVTf/VroQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/ic+TuxqnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2fAAAA///9QkNA")
chdir(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
truncate(&(0x7f0000000040)='./file0\x00', 0x1b1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c00000000000000", @ANYRES32, @ANYBLOB="0000e5ffffffffffff", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
socket$netlink(0x10, 0x3, 0x8000000004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001ec0), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x44, r4, 0xf03, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0xfffffffffffffff6}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG, @TIPC_NLA_CON_FLAG={0x8}]}]}]}, 0x44}}, 0x0)
setreuid(0x0, 0x0)

19.097246212s ago: executing program 5 (id=8317):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340), 0x4, 0x241, &(0x7f00000009c0)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x7f510100, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002440)=ANY=[@ANYBLOB="38000000200001000000000000000000020000000000000000000000140003006c6f"], 0x38}}, 0x0)
r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
preadv(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1, 0xfffffffb, 0xa)
renameat(r7, &(0x7f0000000240)='./file0\x00', r8, &(0x7f0000000280)='./file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_io_uring_setup(0x31c5, &(0x7f0000000140)={0x0, 0xd73c, 0x2}, &(0x7f00000001c0), &(0x7f00000003c0))

16.982497273s ago: executing program 4 (id=8319):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x18)
creat(&(0x7f0000000280)='./bus\x00', 0xa0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
unshare(0x2040400)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

16.873403516s ago: executing program 2 (id=8320):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x18)
creat(&(0x7f0000000280)='./bus\x00', 0xa0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
unshare(0x2040400)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

16.632989019s ago: executing program 6 (id=8322):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x4, 0x1}, 0x50)
setpriority(0x1, 0x0, 0x900000000000000)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r5, 0x0, &(0x7f0000000000)=""/82}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

16.55373135s ago: executing program 5 (id=8323):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000c00)={0x1, 0x58, &(0x7f0000000380)}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r5, 0xfffffffffffffffe, r5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)=[{0x0}], 0x1, 0x0, 0x0, 0x800}, 0x20004011)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="8b", 0x1}], 0x1}, 0x0)

15.93410359s ago: executing program 2 (id=8324):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x202, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = userfaultfd(0x801)
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000001f40)=ANY=[@ANYBLOB="757466382c696f636861727365743d69736f9f4aef976226965347811987af9013383835392d36b0ce6fe84a", @ANYRESHEX=0x0, @ANYBLOB=',iocharset=euc-jp,errors=remount-ro,namecase=1,iocharset=iso8859-13,dmask=00000000000000000000001,time_offset=0x0000000000000006,errors=remount-ro,\x00'], 0x1, 0x152b, &(0x7f0000000a00)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)

15.93342387s ago: executing program 4 (id=8325):
syz_usb_connect(0x6, 0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x45, &(0x7f0000000700)="ff02810900000000000000000000e6e5846bc8cf97f1c330227275b706fdbc39b522caa330066e8f418749264fbbcdfdbefacd34e4f62701db04000000db442ef040d8b4b638c81ce2c16888f5769f7645439d4e7161b304efa3525b3aff2be069bb37007cb61c08b1b3dd3be806080d8f5e357dc4e3988816bd507de41c253793f74e5153a4898943594f0945987957a714dac1ac17dd883701ec03e3e26c7cb584aeebc6511dde9b3c46e10aa6bc", 0xaf)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x85, 0x85, 0x3, [@const={0xe, 0x0, 0x0, 0xa, 0x4}, @ptr={0x2}, @datasec={0x6, 0x4, 0x0, 0xf, 0x1, [{0x4, 0x9, 0x4}, {0x4, 0xffffffff, 0x5}, {0x3, 0x5, 0x3}, {0x5, 0x10, 0x8}], 'k'}, @enum64={0x5, 0x3, 0x0, 0x13, 0x0, 0x5, [{0xa, 0x7, 0x4}, {0x2, 0x2, 0x5}, {0x4, 0x2, 0x3}]}]}, {0x0, [0x0]}}, &(0x7f00000000c0)=""/115, 0xa3, 0x73, 0x0, 0x5b}, 0x28)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
syz_io_uring_setup(0x1113, &(0x7f0000000280)={0x0, 0xb44a, 0x0, 0x0, 0x21e}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file0\x00', 0x10552, &(0x7f00000005c0)=ANY=[@ANYRES64=r5, @ANYRESDEC, @ANYRES64, @ANYRES32, @ANYRESHEX=0x0, @ANYRESOCT=r4, @ANYRESHEX], 0x0, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
fchownat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x1c, r7, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

15.580825775s ago: executing program 6 (id=8326):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
gettid()
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl2\x00', 0x0})
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@const={0x7, 0x0, 0x0, 0xa, 0x4}]}, {0x0, [0x2e, 0x30, 0x30, 0x2e]}}, &(0x7f0000000a00)=""/4096, 0x2a, 0x1000, 0x1, 0x40}, 0x28)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000600)=@bloom_filter={0x1e, 0xc013, 0x4, 0x1, 0x190, 0x1, 0x91, '\x00', r7, r5, 0x3, 0x5, 0x1, 0xf}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x40100000, 0x0, 0x0, 0x0, 0x0, 0x0)

15.531278816s ago: executing program 5 (id=8327):
mkdir(0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
unshare(0x24020400)
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x0, 0x8000000}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r5, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

9.365169059s ago: executing program 0 (id=8328):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x18)
creat(&(0x7f0000000280)='./bus\x00', 0xa0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
unshare(0x2040400)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

8.703704039s ago: executing program 0 (id=8329):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x2001004c, &(0x7f0000000a00)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2f4feb698f5a4f3983ca0adeae0088c2e16969e9000a6a9d85bf9d4ee333cfeb763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773fe8ad33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d", @ANYRES8], 0xfe, 0x1518, &(0x7f0000000d80)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBMkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz4eckyZbmiQJySlZ38Vub7uv/W/v/7f39/e/9ty/61rXrPt93nu99zP3XPOu55lr3u96jqrXon7tZkQk/iXw5y9JQogYIcQwIcR1QohACFEptlLspeP5FCT9ay/C/r0eTrvaFbCrifufu3H/czfuf+7G/c/duP+5G/c/d+P+527cf8Zys22zi13PI/cOvv+fm/H7/3+QnPKTv9pQ/sZe/40U7n/uxv3P3bj/uRv3P3fj/udu3P//fLX+4Bj3P3fj/jOWm/31XvAF7/3/gvvRPP5nx9X++WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljuc9VdoIcRf5le7LsYYY4wxxhhjjP37+LxXuwLGGGOMMcYYY4z9/wdCCiW0CEQekVfEiHwiv7hGFBDXioLiOhER14tYcYMoJG4UhUURUVQUE3GiuCghjEBhBYlQlBSlRFTcJEqLm0W8KCPKinLCifIiQdwiKohbRUVxm6gkbheVxR2iiqgqqonq4k5RQ9wlaopaora4W9QRdUU9UV/cIxqIe0VDcZ9oJO4XjcUDool4UDQVD4lm4mHRXDwiWohHRUvxmGglWos2oq1o9/+U/5LoK14W/UR/kSQGiIHiFTFIDBZDxFAxTLwqhovXxAjxukgWI8Uo8YYYLd4UY8RbYqwYJ8aLt8UEMVFMEpPFFDFVpIh3xDTxrkgV74npYoaYKWaJNDFbzBHvi7linpgvPhALxIdioVgkFoslIl18JDLEUpEpPhbLxCciSywXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU18KraLHWKn2CV2iz1ir/hM7BOfi/3iC5Etvvxv5p/5v/J7gQABEiRo0JAH8kAMxEB+yA8FoAAUhIIQgQjEQiwUgkJQGApDUSgKcRAHJaAEICAQEJSEkhCFKJSG0hAP8VAWyoIDBwmQABXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCiZAIXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB2SYSSMgjfgDXgTxsBpGAvjYDyMhxpyIkyCyUByKqRACkyDaZAKqTAdZsAMmAVpMBvmwByYC/NgHnwAC+BD+BAWwSJYAumQDhmwFDIhE5bBGciC5bACVsIqWA2rYC2sg7WwATbCBtgMm2ErbIVP4VPYATtgF+yCPbAHPoPP4HP4HJIhG7LhAByAg3AQDsEhyIEcOAyH4QgcgaNwFI7BMTgOJ+AknIBTcApOwxk4C2fhPJyHC/BC3DfN95RZnyzkJVpqmUfmkTEyRuaX+WUBWUAWlAVlREZkrIyVhWQhWVgWlkVlURkn42QJWUKiREkylCVlSRmVUVlalpbxMl6WlWWlk04myARZQVaQFWVFWUneLivLO2QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+aBsKgfAEHhYXupMCzkSWspR0Eq2lm1kW/kmPC7byzHQQXaUneSTchyMhS6yvUuUz8iuchJ0k8/JyfC87CGnQk/5ouwle8s+8iXZV3Zw/WR/OR0GyIFyFgySg+UQOVTOhbryUsfqyddlshwpR8k35BJ4U46Rb8mxcpwcL9+WE+REOUlOllPkVJki35HT5LsyVb4np8sZcqacJdPkbDlHvi/nynlyvvxALpAfyoVykVwsl8h0+ZHMkEtlpvxYLpOfyCy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+ancLnfInXKX3C33yL3yM7lPfi73yy9ktvxSHpB/kgflV/KQ/FrmyG/kYfmtPCK/k0fl9/KY/EEelyfkSfmjPCV/kqflGXlWnpPn5c/ygvxFXpReCgVKKqW0ClQelVfFqHwqv7pGFVDXqoLqOhVR16tYdYMqpG5UhVURVVQVU3GquCqhjEJlFalQlVSlVFTdpEqrm1W8KqPKqnLKqfIqQd2iKqhbVUV1m6qkbleV1R2qiqqqqqnq6k5VQ92laqpaqra6W9VRdVU9VV/doxqoe1VDdZ9qpO5XjdUDqol6UDVVD6lm6mHVXD2iWqhHVUv1mGqlWqs2qq1qpx5X7dUTqoPqqDqpJ1Vn9ZTqop5WieoZ1VU9q7qp51R39bzqoV5QPdWLqpfqrfqoX9RF5VU/1V8lqQFqoHpFDVKD1RA1VA1Tr6rh6jU1Qr2uktVINUq9oUarN9UY9ZYaq8ap8eptNUFNVJPUZDVFTVUp6h01Tb2rUtV7arqaoWaqWSpNzVZDfl1p/j+R/+7fyR9x+dW3qm3qU7Vd7VA71S61W+1Re9VetU/tU/vVfpWtstUBdUAdVAfVIXVI5agcdVgdVkfUEXVUHVXH1DF1XJ1Q59SP6pT6SZ1WZ9QZdU6dV+fVhV+/B0KDllpprQOdR+fVMTqfzq+v0QX0tbqgvk5H9PU6Vt+gC+kbdWFdRBfVxXScLq5LaKNRW0061CV1KR3VN+nS+mYdr8vosrqcdrq8TtC3/Mv5/6i+drqdbq/b6w66g+6kO+nOurPuorvoRJ2ou+quupvuprvr7rqH7qF76p66l+6l++g+uq/uq/vpfjpJJ+mB+hU9SA/WQ/RQPUy/qofr4XqEHqGTdbIepUfp0Xq0HqPH6LF6rB6vx+sJeoKepCfpKXqKTtEpepqeplN1qp6up+uZeqZO02l6jp6j5+q5er6erxfoBXqhXqgX68U6XafrDJ2hM3WmXqaX6Sy9XC/XK/VKvVqv1mv1Wr1er9cb9Ua9WW/WWXqb3qa36+16p96pd+vdeq/eq/fpfXq/3q+zdbY+oA/og/qgPqQP6Rydow/rw/qIPqKP6qP6mD6mj+vj+qQ+qU/pU/q0Pq3P6rP6vD6vL+gL+qK+eGnbF8hABjrQQZ4gTxATxAT5g/xBgaBAUDAoGESCSBAbxAaFghuDwkGRoGhQLIgLigclAhNgYAMKwqBkUCqIBjcFpYObg/igTFA2KBe4oHyQENwSVAhuDSoGtwWVgtuDysEdQZWgalAtqB7cGdQI7gpqBrWC2sHdQZ2g7l/+DhXcGzQM7gsaBfcHjYMHgibBg0HT4KGgWfBw0Dx4JGgRPBq0DB4LWgWtgzZB26DdP7t+UC+oH9wTNPjD9b0/XeQJ18/0N0lmgBloXjGDzGAzxAw1w8yrZrh5zYwwr5tkM9KMMm+Y0eZNM8a8ZcaacWa8edtMMBPNJDPZTDFTTYp5x0wz75pU856ZbmaYmWaWSTOzzRzzvplr5pn55gOzwHxoFppFZrFZYtLNRybDLDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzJHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzY/mlPnJnDZnzFlzzpw3P5sL5hdz0fhLm/tLb++oUWMezIMxGIP5MT8WwAJYEAtiBCMYi7FYCAthYSyMRbEoxmEclsASeAkhYUksiVGMYmksjfEYj2WxLDp0mIAJWAErYEWsiJWwElbGylgFq2A1rIZ34p14F96FtbAW3o13Y12si/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2BJbYitshW2wDbbDdtge22MH7ICdsBN2xs7YBbtgIiZiV+yK3bAbdsfu2AN7YE/sib2wF/bBPtgX+2K/c/0wCZNwIA7EQTgIh+AQHIbDcDgOxxE4ApMxGUfhKByNo3EMjsGxOA7H49s4ASfiJJyMU3AqpmAKTsNpmIqpOB2n40yciWmYhnNwDs7FuTgf5+MCXIALcSEuxsWYjumYgRmYiZm4DJdhFmbhClyBq3AVrsE1uA7X4QbcgJtwE27BLbgNt+F23I47cSfuxt24F/fiPtyH+3E/ZmM2HsADeBAP4iE8hDmYg4fxMB7BI3gUj+IxPIbH8TiexJN4Ck/haTyNZ/Esnsef8QL+ghfRY4yVIr+9xhaw19qC9jobY/PZv42L2mI2zha3JayxhW2R38RorY23ZWxZW846W94m2Ft+F1exVW01W93eaWvYu2zN38UN7L22ob3PNrL32/r2nt/Eje0Dtol91Da1j9lmtrVtbtvaFvZR29I+ZlvZ1raNbWs726dsF/u0TbTP2K722d/FGXapXWfX2w12o91nP7dn7Tl7xH5nz9ufbT/b3w6zr9rh9jU7wr5ukxuN/G1sR9rx9m07wU60k+xkO8VO/V08086yaXa2nWPft3PtvN/F6fYju8Bm2oV2kV1sl1yOL9WUaT+2y+wnNssutyvsSrvKrrZr7Nq/1rrSbrZb7Fa7135mt9sddqfdZXfbPZfjS+ex335hs+2X9rD91h60X9lD9qjNsd9cji+d31H7vT1mf7DH7Ql70v5oT9mf7Gl75vL5Xzr3H+0v9qL1VhCQJEWaAspDeSmG8lF+uoYK0LVUkK6jCF1PsXQDFaIbqTAVoaJUjOKoOJUgQ0iWiEIqSaUoSjdRabqZ4qkMlaVy5Kg8JdAtVIFupYp0G1Wi26ky3UFVqCpVo+p0J9Wgu6gm1aLadDfVobpUj+rTPdSA7qWGdB81ovupMT1ATehBakoPUTN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjrTU9SFnqZEeoa60rPUjZ6j7vQ89aAXqCe9SL2oN/Whl6gvvUz9qD8l0QAaSK/QIBpMQ2goDaNXaTi9RiPodUqmkTSK3qDR9CaNobdoLI2j8fQ2TaCJNIkm0xSaSin0Dk2jdymV3qPpNINm0ixKo9k0h96nuTSP5tMHtIA+pIW0iBbTEkqnjyiDllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Ex2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpRzpFP9FpOkNn6Rydp5/pAv1CF8mTCCGUoQp1GIR5wrxhTJgvzB9eExYIrw0LhteFkfD6MDa8ISwU3hgWDouERcNiYVxYPCwRmhBDG1IYhiXDUmE0vCksHd4cxodlwrJhudCF5cOE8JawQnhrWDG8LawU3h5WDu8Iq4RVw0fvrx7eGdYI7wprhrXC2uHdYZ2wblgvrB/eEzYI7w0bhveFjcL7w4rhA2GT8MGwafhQ2Cx8OGwePhK2CB8NW4aPha3C1mGbsG3YLnw8bB8+EXYIO4adwifDzuFTYZfw6TAxfCbsGj77D48nhQPCgeEr4Suh9/epxdEl0fToR9GM6NJoZvTj6LLoJ9Gs6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18woHTjrltAtcHpfXxbh8Lr+7xhVw17qC7joXcde7WHeDK+RudIVdEVfUFXNxrrgr4YxDZx250JV0pVzU3eRKu5tdvCvjyrpyzrnyLsG1de1cO9fePeE6uI6uk3vSPemeck+5p93T7hnX1T3rurnnXHf3vOvhXnAvuBddL9fb9XEvub7uZdfP9XdJLskNdAPdIDfIDXFD8vy6B3Mj3AiX7JLdKDfKjXaj3Rg3xo11Y914N95NcBPcJDfJTXFTXIpLcdPcNJfqUt10N93NdDNdmktzc9wcN9fNdfPdfLcgfoFb6Ba6xW6xS3fpLsNluEyX6Za5ZS7LZbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7bJftDrgD7qA76A65r12O+8Yddt+6I+47d9R97465H9xxd8KddD+6U+4nd9qdcWfdOXfe/ewuuF/cReddSuSdyLTIu5HUyHuR6ZEZkZmRWZG0yOzInMj7kbmReZH5kQ8iCyIfRhZGFkUWR5ZE0iMfRTIiSyOZkY8jyyKfRLIiyyMrIisjqyKrI94X3x76kr6Uj/qbfGl/s4/3ZXxZX847X94n+Ft8BX+rr+hv85X87b6yv8NX8VV9Nf+Yb+Vb+za+rW/nH/ft/RO+g+/oO/knfWf/lO/in/aJ/hnf1T/ru/nnfHf/vO/hX/A9/Yu+l+/t+/iXfF//su/n+/skP8AP9K/4QX6wH+KH+mH+VT/cv+ZH+Nd9sh/pR/k3/Gj/ph/j3/Jj/Tg/3r/tJ/iJfpKf7Kf4qT7Fv+On+Xd9qn/PT/cz/Ew/y6f52X6Of9/P9fP8fP+BX+A/9Av9Ir/YL/Hp/iOf4Zf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/5A/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/5Hf8r/5E/7M/6sP+fP+5/9Bf+Lv8j/s8YYY4wx9k9JPfTHxwf8ncfkr+OSgUKIa3cUy/nb41oIsanwn+eDZVzniBDimf49H/7LqFMnKSnp1+dmKRGUWiSEiFzJv3wZ8mu8XHQST4lE0VFU+Lv1DZa9z9MfrA/HvY/eLkT+v8mJEVfiK+vf+l+s//iT4zMqh2djf7v+hV/3m5fqjy4SIr7UlZx84kp8Zf2K/8X6Rdr/Uf1ZSuT7KkWIDn+TU0Bcia+snyCeEM+KxN88kzHGGGOMMcYY+7PBslr3f3D9efn6PE5fDi8/nFf8Nf6H1+eMMcYYY4wxxhi7+p7v3efpxxMTO3bnCU94wpO/Tq72bybGGGOMMcbYv9uVTf/VroQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/ic+TuxqnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2fAAAA///9QkNA")
chdir(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
truncate(&(0x7f0000000040)='./file0\x00', 0x1b1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="06000000040000000080", @ANYRES32, @ANYBLOB="0000e5ffffffffffffff0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
socket$netlink(0x10, 0x3, 0x8000000004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001ec0), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x44, r4, 0xf03, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0xfffffffffffffff6}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG, @TIPC_NLA_CON_FLAG={0x8}]}]}]}, 0x44}}, 0x0)
setreuid(0x0, 0x0)

7.591735345s ago: executing program 2 (id=8330):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085000000080000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f00000000c0)={'lo\x00', {0x2, 0x4e21, @broadcast}})
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000005640)={[{@noblock_validity}, {}, {@errors_remount}, {@sb={'sb', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@dioread_lock}, {@usrjquota_path={'usrjquota', 0x3d, './file2'}}, {@dax}, {@nomblk_io_submit}, {@auto_da_alloc}, {@stripe={'stripe', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x20000000000000a1}}]}, 0x1, 0x570, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbJL+SKtNoRT1IIEerNRumsQfFYTWo2ixoPe6JNNQsumW7KY0sdD2YC9epAgiFsQ/wLvH4j/gX1HQQpES9OAlMpvZdttk83Prbp3PByZ5b97svnn75r39zs4sG0BhjWZ/ShGvRsQ3ScShtrLByAtHV7dbfnR9KluSWFn57M8kknxda/sk/38gz7wSEb9+FXGitLbe+uLSbKVaTefz/Fhj7spYfXHp5KW5ykw6k16emJw8/c7kxPvvvdu1tr55/u/vP7330emvjy1/9/ODw3eSOBsH87L2duzCzfbMaIzmr8lQnH1mw/EuVNZPkl7vADsykI/zocjmgEMxkI964P/vRkSsAAWVGP9QUK04oHVu36Xz4BfGww9XT4DWtn9w9bOR2Nc8NxpeTp46M8rOd0e6UH9Wxy9/3L2TLbHJ5xA3ulAfQMvNWxFxanBw7fyX5PPfzp1qfni8sWfrKNr7D/TSvSz+eWu9+Kf0OP6JdeKfA+uM3Z3YfPyXHnShmo6y+O+DdePfx1PXyECee6kZ8w0lFy9V01MR8XJEHI+hvVl+o+s5p5fvr3Qqa4//siWrvxUL5vvxYHDv04+ZrjQqu2lzu4e3Il57Ev8msWb+39eMdZ/t/+z1OL/FOo6md1/vVLZ5+9t1PwJe+SnijXX7/8kVrWTj65NjzeNhrHVUrPXX7aO/dap/e+3vvqz/hzdu/0jSfr22vv06ftz3T9qpbKfH/57k82Z6T77uWqXRmB+P2JN8snb9xJPHtvKt7bP2Hz+28fy33vG/PyK+2GL7bx+53XHTfuj/6W31//YT9z/+8odO9W+t/99upo7na7Yy/211B3fz2gEAAAAAAEC/KUXEwUhK5cfpUqlcXr2/40gMl6q1euPExdrC5elofld2JIZKrSvdh9ruhxjP0sPZM67mJ/L7Y1vlkxFxOCK+HdjfzJenatXpXjceAAAAAAAAAAAAAAAAAAAA+sSBDt//z/w+0Ou9A547P/kNxbXp+O/GLz0Bfcn7PxSX8Q/FZfxDcRn/UFzGPxSX8Q/FZfxDcRn/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FXnz53LlpXlR9ensvz01cWF2drVk9NpfbY8tzBVnqrNXynP1Goz1bQ8VZvb7PmqtdqV8YlYuDbWSOuNsfri0oW52sLlxoVLc5WZ9EI69J+0CgAAAAAAAAAAAAAAAAAAAF4s9cWl2Uq1ms5LdEycib7YjR0nks16+Ux+MOyoisHeN1DiOSR6PDEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJt/AwAA//9edTPB")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

7.589949785s ago: executing program 5 (id=8331):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$bt_hci(r4, 0x29, 0x1, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = creat(&(0x7f0000000540)='./file0\x00', 0x0)
close(r5)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, 0x0, 0x0)
process_mrelease(r5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0xc044)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000012c0)=@raw={'raw\x00', 0xc01, 0x3, 0x238, 0x0, 0x5002004a, 0x0, 0xf0, 0x0, 0x1a0, 0x3c8, 0x3c8, 0x1a0, 0x3c8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'ip6gre0\x00', {0xff}, {}, 0x11}, 0x60, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@statistic={{0x38}, {0x1, 0x1, 0x8, 0xe2, 0x3, {0x9}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast1, 'wg2\x00'}}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "53f99237f41c832fc8969da1f2b7a86ddedeb7587f1590839a7a3acebc0f"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x298)

7.587642845s ago: executing program 4 (id=8332):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x280008a, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c726f6469722c73686f72866e616d653d6d697865642c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=0,shortname=mixed,uni_xlate=0,shortname=winnt,\x00'], 0x96, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
dup(0xffffffffffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x70bd29, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}}, 0x1c}}, 0x0)
io_setup(0x281, &(0x7f0000000100)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000a00)=[&(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xb7, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x90}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x47}, 0x48)

7.28547541s ago: executing program 0 (id=8333):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r2, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="8450446ea5afad5574193bb4dce58b21195052303ad0a83c3fb2cad9caec1c10f8e4c51060faab934cb4c23de4136a62025aa260e37a063deec7df339be9686ff98e48ccae47d9546c3cb86b5abf6af3ada073f9f96c916e86be72e65f00cf0cd366f086b861915e", 0x68}], 0x1}}], 0x1, 0x4400c800)
sendto$inet6(r2, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r5 = dup(r4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='rss_stat\x00', r6}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)
mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r5}})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)

7.093201093s ago: executing program 6 (id=8334):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x94f, &(0x7f0000000300)={0x0, 0x100d27d, 0x100}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
ptrace$getregset(0x4204, r4, 0x6, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000040)='./file1\x00', 0xa18c14, &(0x7f0000000340)={[{@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@uni_xlateno}, {@numtail}, {@shortname_lower}, {@shortname_mixed}, {@shortname_winnt}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}]}, 0x81, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
io_uring_enter(r2, 0xcb, 0x44464f, 0x1, 0x0, 0x0)
io_uring_enter(r2, 0x1815, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
lseek(r7, 0xc6c3, 0x3)

6.931145605s ago: executing program 0 (id=8335):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x18)
creat(&(0x7f0000000280)='./bus\x00', 0xa0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
unshare(0x2040400)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

3.747066453s ago: executing program 5 (id=8336):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000e00)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
io_setup(0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, 0x0, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(r4, &(0x7f00000002c0)=ANY=[], 0x138)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0xa02000000000000, 0x60, &(0x7f0000000480)={'filter\x00', 0xb001, 0x2, 0x3c8, 0x0, 0x1f8, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev={0xac, 0x14, 0x14, 0x21}, @dev={0xac, 0x14, 0x14, 0x15}, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
request_key(&(0x7f0000002740)='asymmetric\x00', &(0x7f0000002780)={'syz', 0x3}, &(0x7f00000027c0)=',*[\\/&)\x00', 0xffffffffffffffff)

3.745883143s ago: executing program 0 (id=8337):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000300)='%pS    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={r6, 0x18000000000002a0, 0x33, 0x0, &(0x7f00000005c0)="b9ff03076003008cb89e08f086dda253e4ccc7ba55fcaf90a177d64e30a24c63fb40a8a952e62f310bdb5579151eb81e3b3346", 0x0, 0xfe2, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.744944223s ago: executing program 6 (id=8338):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000040)={'tunl0\x00', 0x0})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'erspan0\x00', &(0x7f0000000140)={'sit0\x00', 0x0, 0x8000, 0x8000, 0x5, 0x4, {{0x13, 0x4, 0x2, 0x6, 0x4c, 0x67, 0x0, 0xc2, 0x2f, 0x0, @local, @multicast1, {[@timestamp_addr={0x44, 0x1c, 0x81, 0x1, 0x7, [{@initdev={0xac, 0x1e, 0x7d, 0x0}, 0x1}, {@local, 0x4}, {@broadcast, 0xffffda34}]}, @lsrr={0x83, 0xf, 0xb7, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0xb}, @loopback]}, @generic={0x82, 0x2}, @generic={0x83, 0xb, "cfdbcb196b99f18a36"}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioprio_get$pid(0x1, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
unshare(0x78000100)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r3)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, r5, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x16}}, 0x2, 0x2, 0x4, 0x1}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r5, 0x80487436, &(0x7f0000005280))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)

3.698604694s ago: executing program 4 (id=8339):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x7fffffff, @dev={0xfe, 0x80, '\x00', 0x13}, 0xffffff7f}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000180)=@base={0xe, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x50)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x40000, 0x100a8}}}}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x50}}, 0x40080)

3.28449536s ago: executing program 2 (id=8340):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x0, 0x0})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000000))
setreuid(0xee00, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x5c, 0x10, 0x401, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x78}, @IFLA_BR_PRIORITY={0x6, 0x6, 0x1}, @IFLA_BR_PRIORITY={0x6, 0x6, 0x8}]}}}, @IFLA_WEIGHT={0x8, 0xf, 0x10000}, @IFLA_WEIGHT={0x8, 0xf, 0x101}]}, 0x5c}}, 0x48000)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioprio_get$uid(0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

1.95362768s ago: executing program 6 (id=8341):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x18)
creat(&(0x7f0000000280)='./bus\x00', 0xa0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
unshare(0x2040400)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1.28139414s ago: executing program 0 (id=8342):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x202, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = userfaultfd(0x801)
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000001f40)=ANY=[@ANYBLOB="757466382c696f636861727365743d69736f9f4aef976226965347811987af9013383835392d36b0ce6fe84a", @ANYRESHEX=0x0, @ANYBLOB=',iocharset=euc-jp,errors=remount-ro,namecase=1,iocharset=iso8859-13,dmask=00000000000000000000001,time_offset=0x0000000000000006,errors=remount-ro,\x00'], 0x1, 0x152b, &(0x7f0000000a00)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)

1.281069241s ago: executing program 4 (id=8343):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x2001004c, &(0x7f0000000a00)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2f4feb698f5a4f3983ca0adeae0088c2e16969e9000a6a9d85bf9d4ee333cfeb763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773fe8ad33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d", @ANYRES8], 0xfe, 0x1518, &(0x7f0000000d80)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBMkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz4eckyZbmiQJySlZ38Vub7uv/W/v/7f39/e/9ty/61rXrPt93nu99zP3XPOu55lr3u96jqrXon7tZkQk/iXw5y9JQogYIcQwIcR1QohACFEptlLspeP5FCT9ay/C/r0eTrvaFbCrifufu3H/czfuf+7G/c/duP+5G/c/d+P+527cf8Zys22zi13PI/cOvv+fm/H7/3+QnPKTv9pQ/sZe/40U7n/uxv3P3bj/uRv3P3fj/udu3P//fLX+4Bj3P3fj/jOWm/31XvAF7/3/gvvRPP5nx9X++WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljuc9VdoIcRf5le7LsYYY4wxxhhjjP37+LxXuwLGGGOMMcYYY4z9/wdCCiW0CEQekVfEiHwiv7hGFBDXioLiOhER14tYcYMoJG4UhUURUVQUE3GiuCghjEBhBYlQlBSlRFTcJEqLm0W8KCPKinLCifIiQdwiKohbRUVxm6gkbheVxR2iiqgqqonq4k5RQ9wlaopaora4W9QRdUU9UV/cIxqIe0VDcZ9oJO4XjcUDool4UDQVD4lm4mHRXDwiWohHRUvxmGglWos2oq1o9/+U/5LoK14W/UR/kSQGiIHiFTFIDBZDxFAxTLwqhovXxAjxukgWI8Uo8YYYLd4UY8RbYqwYJ8aLt8UEMVFMEpPFFDFVpIh3xDTxrkgV74npYoaYKWaJNDFbzBHvi7linpgvPhALxIdioVgkFoslIl18JDLEUpEpPhbLxCciSywXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU18KraLHWKn2CV2iz1ir/hM7BOfi/3iC5Etvvxv5p/5v/J7gQABEiRo0JAH8kAMxEB+yA8FoAAUhIIQgQjEQiwUgkJQGApDUSgKcRAHJaAEICAQEJSEkhCFKJSG0hAP8VAWyoIDBwmQABXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCiZAIXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB2SYSSMgjfgDXgTxsBpGAvjYDyMhxpyIkyCyUByKqRACkyDaZAKqTAdZsAMmAVpMBvmwByYC/NgHnwAC+BD+BAWwSJYAumQDhmwFDIhE5bBGciC5bACVsIqWA2rYC2sg7WwATbCBtgMm2ErbIVP4VPYATtgF+yCPbAHPoPP4HP4HJIhG7LhAByAg3AQDsEhyIEcOAyH4QgcgaNwFI7BMTgOJ+AknIBTcApOwxk4C2fhPJyHC/BC3DfN95RZnyzkJVpqmUfmkTEyRuaX+WUBWUAWlAVlREZkrIyVhWQhWVgWlkVlURkn42QJWUKiREkylCVlSRmVUVlalpbxMl6WlWWlk04myARZQVaQFWVFWUneLivLO2QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+aBsKgfAEHhYXupMCzkSWspR0Eq2lm1kW/kmPC7byzHQQXaUneSTchyMhS6yvUuUz8iuchJ0k8/JyfC87CGnQk/5ouwle8s+8iXZV3Zw/WR/OR0GyIFyFgySg+UQOVTOhbryUsfqyddlshwpR8k35BJ4U46Rb8mxcpwcL9+WE+REOUlOllPkVJki35HT5LsyVb4np8sZcqacJdPkbDlHvi/nynlyvvxALpAfyoVykVwsl8h0+ZHMkEtlpvxYLpOfyCy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+ancLnfInXKX3C33yL3yM7lPfi73yy9ktvxSHpB/kgflV/KQ/FrmyG/kYfmtPCK/k0fl9/KY/EEelyfkSfmjPCV/kqflGXlWnpPn5c/ygvxFXpReCgVKKqW0ClQelVfFqHwqv7pGFVDXqoLqOhVR16tYdYMqpG5UhVURVVQVU3GquCqhjEJlFalQlVSlVFTdpEqrm1W8KqPKqnLKqfIqQd2iKqhbVUV1m6qkbleV1R2qiqqqqqnq6k5VQ92laqpaqra6W9VRdVU9VV/doxqoe1VDdZ9qpO5XjdUDqol6UDVVD6lm6mHVXD2iWqhHVUv1mGqlWqs2qq1qpx5X7dUTqoPqqDqpJ1Vn9ZTqop5WieoZ1VU9q7qp51R39bzqoV5QPdWLqpfqrfqoX9RF5VU/1V8lqQFqoHpFDVKD1RA1VA1Tr6rh6jU1Qr2uktVINUq9oUarN9UY9ZYaq8ap8eptNUFNVJPUZDVFTVUp6h01Tb2rUtV7arqaoWaqWSpNzVZDfl1p/j+R/+7fyR9x+dW3qm3qU7Vd7VA71S61W+1Re9VetU/tU/vVfpWtstUBdUAdVAfVIXVI5agcdVgdVkfUEXVUHVXH1DF1XJ1Q59SP6pT6SZ1WZ9QZdU6dV+fVhV+/B0KDllpprQOdR+fVMTqfzq+v0QX0tbqgvk5H9PU6Vt+gC+kbdWFdRBfVxXScLq5LaKNRW0061CV1KR3VN+nS+mYdr8vosrqcdrq8TtC3/Mv5/6i+drqdbq/b6w66g+6kO+nOurPuorvoRJ2ou+quupvuprvr7rqH7qF76p66l+6l++g+uq/uq/vpfjpJJ+mB+hU9SA/WQ/RQPUy/qofr4XqEHqGTdbIepUfp0Xq0HqPH6LF6rB6vx+sJeoKepCfpKXqKTtEpepqeplN1qp6up+uZeqZO02l6jp6j5+q5er6erxfoBXqhXqgX68U6XafrDJ2hM3WmXqaX6Sy9XC/XK/VKvVqv1mv1Wr1er9cb9Ua9WW/WWXqb3qa36+16p96pd+vdeq/eq/fpfXq/3q+zdbY+oA/og/qgPqQP6Rydow/rw/qIPqKP6qP6mD6mj+vj+qQ+qU/pU/q0Pq3P6rP6vD6vL+gL+qK+eGnbF8hABjrQQZ4gTxATxAT5g/xBgaBAUDAoGESCSBAbxAaFghuDwkGRoGhQLIgLigclAhNgYAMKwqBkUCqIBjcFpYObg/igTFA2KBe4oHyQENwSVAhuDSoGtwWVgtuDysEdQZWgalAtqB7cGdQI7gpqBrWC2sHdQZ2g7l/+DhXcGzQM7gsaBfcHjYMHgibBg0HT4KGgWfBw0Dx4JGgRPBq0DB4LWgWtgzZB26DdP7t+UC+oH9wTNPjD9b0/XeQJ18/0N0lmgBloXjGDzGAzxAw1w8yrZrh5zYwwr5tkM9KMMm+Y0eZNM8a8ZcaacWa8edtMMBPNJDPZTDFTTYp5x0wz75pU856ZbmaYmWaWSTOzzRzzvplr5pn55gOzwHxoFppFZrFZYtLNRybDLDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzJHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzY/mlPnJnDZnzFlzzpw3P5sL5hdz0fhLm/tLb++oUWMezIMxGIP5MT8WwAJYEAtiBCMYi7FYCAthYSyMRbEoxmEclsASeAkhYUksiVGMYmksjfEYj2WxLDp0mIAJWAErYEWsiJWwElbGylgFq2A1rIZ34p14F96FtbAW3o13Y12si/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2BJbYitshW2wDbbDdtge22MH7ICdsBN2xs7YBbtgIiZiV+yK3bAbdsfu2AN7YE/sib2wF/bBPtgX+2K/c/0wCZNwIA7EQTgIh+AQHIbDcDgOxxE4ApMxGUfhKByNo3EMjsGxOA7H49s4ASfiJJyMU3AqpmAKTsNpmIqpOB2n40yciWmYhnNwDs7FuTgf5+MCXIALcSEuxsWYjumYgRmYiZm4DJdhFmbhClyBq3AVrsE1uA7X4QbcgJtwE27BLbgNt+F23I47cSfuxt24F/fiPtyH+3E/ZmM2HsADeBAP4iE8hDmYg4fxMB7BI3gUj+IxPIbH8TiexJN4Ck/haTyNZ/Esnsef8QL+ghfRY4yVIr+9xhaw19qC9jobY/PZv42L2mI2zha3JayxhW2R38RorY23ZWxZW846W94m2Ft+F1exVW01W93eaWvYu2zN38UN7L22ob3PNrL32/r2nt/Eje0Dtol91Da1j9lmtrVtbtvaFvZR29I+ZlvZ1raNbWs726dsF/u0TbTP2K722d/FGXapXWfX2w12o91nP7dn7Tl7xH5nz9ufbT/b3w6zr9rh9jU7wr5ukxuN/G1sR9rx9m07wU60k+xkO8VO/V08086yaXa2nWPft3PtvN/F6fYju8Bm2oV2kV1sl1yOL9WUaT+2y+wnNssutyvsSrvKrrZr7Nq/1rrSbrZb7Fa7135mt9sddqfdZXfbPZfjS+ex335hs+2X9rD91h60X9lD9qjNsd9cji+d31H7vT1mf7DH7Ql70v5oT9mf7Gl75vL5Xzr3H+0v9qL1VhCQJEWaAspDeSmG8lF+uoYK0LVUkK6jCF1PsXQDFaIbqTAVoaJUjOKoOJUgQ0iWiEIqSaUoSjdRabqZ4qkMlaVy5Kg8JdAtVIFupYp0G1Wi26ky3UFVqCpVo+p0J9Wgu6gm1aLadDfVobpUj+rTPdSA7qWGdB81ovupMT1ATehBakoPUTN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjrTU9SFnqZEeoa60rPUjZ6j7vQ89aAXqCe9SL2oN/Whl6gvvUz9qD8l0QAaSK/QIBpMQ2goDaNXaTi9RiPodUqmkTSK3qDR9CaNobdoLI2j8fQ2TaCJNIkm0xSaSin0Dk2jdymV3qPpNINm0ixKo9k0h96nuTSP5tMHtIA+pIW0iBbTEkqnjyiDllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Ex2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpRzpFP9FpOkNn6Rydp5/pAv1CF8mTCCGUoQp1GIR5wrxhTJgvzB9eExYIrw0LhteFkfD6MDa8ISwU3hgWDouERcNiYVxYPCwRmhBDG1IYhiXDUmE0vCksHd4cxodlwrJhudCF5cOE8JawQnhrWDG8LawU3h5WDu8Iq4RVw0fvrx7eGdYI7wprhrXC2uHdYZ2wblgvrB/eEzYI7w0bhveFjcL7w4rhA2GT8MGwafhQ2Cx8OGwePhK2CB8NW4aPha3C1mGbsG3YLnw8bB8+EXYIO4adwifDzuFTYZfw6TAxfCbsGj77D48nhQPCgeEr4Suh9/epxdEl0fToR9GM6NJoZvTj6LLoJ9Gs6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18woHTjrltAtcHpfXxbh8Lr+7xhVw17qC7joXcde7WHeDK+RudIVdEVfUFXNxrrgr4YxDZx250JV0pVzU3eRKu5tdvCvjyrpyzrnyLsG1de1cO9fePeE6uI6uk3vSPemeck+5p93T7hnX1T3rurnnXHf3vOvhXnAvuBddL9fb9XEvub7uZdfP9XdJLskNdAPdIDfIDXFD8vy6B3Mj3AiX7JLdKDfKjXaj3Rg3xo11Y914N95NcBPcJDfJTXFTXIpLcdPcNJfqUt10N93NdDNdmktzc9wcN9fNdfPdfLcgfoFb6Ba6xW6xS3fpLsNluEyX6Za5ZS7LZbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7bJftDrgD7qA76A65r12O+8Yddt+6I+47d9R97465H9xxd8KddD+6U+4nd9qdcWfdOXfe/ewuuF/cReddSuSdyLTIu5HUyHuR6ZEZkZmRWZG0yOzInMj7kbmReZH5kQ8iCyIfRhZGFkUWR5ZE0iMfRTIiSyOZkY8jyyKfRLIiyyMrIisjqyKrI94X3x76kr6Uj/qbfGl/s4/3ZXxZX847X94n+Ft8BX+rr+hv85X87b6yv8NX8VV9Nf+Yb+Vb+za+rW/nH/ft/RO+g+/oO/knfWf/lO/in/aJ/hnf1T/ru/nnfHf/vO/hX/A9/Yu+l+/t+/iXfF//su/n+/skP8AP9K/4QX6wH+KH+mH+VT/cv+ZH+Nd9sh/pR/k3/Gj/ph/j3/Jj/Tg/3r/tJ/iJfpKf7Kf4qT7Fv+On+Xd9qn/PT/cz/Ew/y6f52X6Of9/P9fP8fP+BX+A/9Av9Ir/YL/Hp/iOf4Zf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/5A/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/5Hf8r/5E/7M/6sP+fP+5/9Bf+Lv8j/s8YYY4wx9k9JPfTHxwf8ncfkr+OSgUKIa3cUy/nb41oIsanwn+eDZVzniBDimf49H/7LqFMnKSnp1+dmKRGUWiSEiFzJv3wZ8mu8XHQST4lE0VFU+Lv1DZa9z9MfrA/HvY/eLkT+v8mJEVfiK+vf+l+s//iT4zMqh2djf7v+hV/3m5fqjy4SIr7UlZx84kp8Zf2K/8X6Rdr/Uf1ZSuT7KkWIDn+TU0Bcia+snyCeEM+KxN88kzHGGGOMMcYY+7PBslr3f3D9efn6PE5fDi8/nFf8Nf6H1+eMMcYYY4wxxhi7+p7v3efpxxMTO3bnCU94wpO/Tq72bybGGGOMMcbYv9uVTf/VroQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/ic+TuxqnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2fAAAA///9QkNA")
chdir(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
truncate(&(0x7f0000000040)='./file0\x00', 0x1b1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="06000000040000000080", @ANYRES32, @ANYBLOB="0000e5ffffffffffffff0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
socket$netlink(0x10, 0x3, 0x8000000004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001ec0), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x44, r4, 0xf03, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0xfffffffffffffff6}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG, @TIPC_NLA_CON_FLAG={0x8}]}]}]}, 0x44}}, 0x0)
setreuid(0x0, 0x0)

70.382329ms ago: executing program 2 (id=8344):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000da06f76992669d5e03eb05c5c54ad02c86ff3a24bbd088ab6f14c89e9f8de9a437b48baa02ec70552b5593f01291682679d176ce89cf6b37f395a8b43cc4634884514c977ca52ec233978c9a763df4d49589b90b269b46e23034eba4379ece9ac76d27bdd8e1888cef6ce1f49d074960c7d533de56275f5a7525d581d4df33aecda36e76fd051d2086e27922749e0512e04765e7b4ab49c20a2e0094fe99174f7e30f3869757844f81b74e56d6164a525bea2c64bb8b45089c50cb647cc88f7b4450378bce9a74362292e0f9a8b464f63538871181"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000540)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@mblk_io_submit}, {@bh}, {@auto_da_alloc}, {@barrier}, {@test_dummy_encryption}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
fdatasync(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000080)=0x200000000)
r5 = dup2(r4, r4)
preadv2(r5, &(0x7f0000000880)=[{&(0x7f0000000100)=""/199, 0xc7}], 0x1, 0x7, 0x3, 0x1)
openat(r5, 0x0, 0x2384, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=8345):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xa})
syz_emit_ethernet(0x9a, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=@framed={{}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r6, 0x80189439, &(0x7f0000000180))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)

kernel console output (not intermixed with test programs):

s leftover after parsing attributes in process `syz.4.7848'.
[ 2016.066801][T27034] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7852'.
[ 2017.302644][T27045] overlayfs: failed to clone upperpath
[ 2017.559709][T27048] overlayfs: failed to clone upperpath
[ 2018.674991][T27058] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7857'.
[ 2021.665931][T27065] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7860'.
[ 2022.743397][T27076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7863'.
[ 2023.470742][T27083] overlayfs: failed to clone upperpath
[ 2024.205351][T27084] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7865'.
[ 2029.584485][T27111] xt_CT: No such helper "netbios-ns"
[ 2031.038281][T27136] loop5: detected capacity change from 0 to 256
[ 2031.062288][T27136] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 2031.096575][T27137] overlayfs: failed to resolve './file1': -2
[ 2031.135674][T27136] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7875'.
[ 2033.111463][T27160] overlayfs: failed to clone upperpath
[ 2033.756376][   T28] audit: type=1107 audit(2000001233.870:7329): pid=27161 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 2033.770392][T27165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7881'.
[ 2033.995992][T27173] loop5: detected capacity change from 0 to 256
[ 2034.042965][T27173] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 2034.191179][T27173] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7885'.
[ 2034.501964][T27175] overlayfs: failed to clone upperpath
[ 2035.105586][T27180] loop5: detected capacity change from 0 to 8192
[ 2037.854988][T27186] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7890'.
[ 2038.333716][T27192] loop5: detected capacity change from 0 to 1024
[ 2038.340596][T27192] EXT4-fs: quotafile must be on filesystem root
[ 2038.576182][T27196] overlayfs: failed to resolve './file1': -2
[ 2038.980893][T27200] netlink: 68 bytes leftover after parsing attributes in process `syz.1.7894'.
[ 2039.262936][T27204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7893'.
[ 2040.033545][T27218] overlayfs: failed to resolve './file1': -2
[ 2040.074191][   T28] audit: type=1107 audit(2000001240.170:7330): pid=27210 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 2040.356042][T27220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7899'.
[ 2040.365176][T27220] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7899'.
[ 2040.380502][T27220] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7899'.
[ 2040.424431][T27224] futex_wake_op: syz.2.7901 tries to shift op by -1; fix this program
[ 2041.052564][T27232] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[ 2042.032327][T27237] syz.0.7902[27237] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2042.032699][T27237] syz.0.7902[27237] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2042.706423][T27244] overlayfs: failed to resolve './file1': -2
[ 2043.616057][T27245] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7903'.
[ 2045.302966][   T28] audit: type=1107 audit(2000001248.417:7331): pid=27257 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 2045.317203][T27259] overlayfs: failed to clone lowerpath
[ 2045.323908][T27259] overlayfs: failed to clone upperpath
[ 2046.660144][T27273] overlayfs: failed to resolve './file1': -2
[ 2047.794098][T27287] netlink: 'syz.0.7917': attribute type 27 has an invalid length.
[ 2047.943038][T27288] device 
31ªX¹¦D left promiscuous mode
[ 2047.973585][T27288] device veth1_macvtap left promiscuous mode
[ 2048.005154][T27288] device veth1_macvtap entered promiscuous mode
[ 2048.011834][T27288] device 
31ªX¹¦D entered promiscuous mode
[ 2048.032112][T27297] overlayfs: failed to clone upperpath
[ 2048.063696][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): macsec1: link becomes ready
[ 2048.071955][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2048.150325][T27303] loop5: detected capacity change from 0 to 256
[ 2048.291408][T27303] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 2048.424400][T27303] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7920'.
[ 2048.472012][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2048.501515][T27305] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7921'.
[ 2048.633745][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2048.773015][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2048.928443][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2048.954950][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2048.973460][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2048.984604][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2049.003639][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2049.018304][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2049.043953][T21778] bridge0: port 1(batadv_slave_0) entered blocking state
[ 2049.051085][T21778] bridge0: port 1(batadv_slave_0) entered forwarding state
[ 2049.114306][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2049.157232][T27304] syz.4.7918[27304] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2049.157326][T27304] syz.4.7918[27304] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2049.157373][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2049.172703][T27309] loop5: detected capacity change from 0 to 128
[ 2049.181861][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2049.204925][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2049.213340][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2049.222033][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2049.232554][T27309] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 2049.235057][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2049.248546][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2049.258025][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2049.267293][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2049.275890][T27309] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 2049.276007][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[ 2049.291884][T27309] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 2049.293056][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2049.310904][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[ 2049.349371][   T28] audit: type=1400 audit(2000001252.467:7332): avc:  denied  { create } for  pid=27308 comm="syz.5.7922" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[ 2049.372606][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2049.399647][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[ 2049.494766][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2049.517720][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[ 2049.722312][   T28] audit: type=1400 audit(2000001252.807:7333): avc:  denied  { write } for  pid=27308 comm="syz.5.7922" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[ 2049.851722][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2049.874928][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[ 2049.894094][   T28] audit: type=1400 audit(2000001252.807:7334): avc:  denied  { open } for  pid=27308 comm="syz.5.7922" path="/27/mnt/file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[ 2049.946259][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[ 2049.958395][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth13: link becomes ready
[ 2049.966174][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth12: link becomes ready
[ 2049.973935][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth15: link becomes ready
[ 2049.981815][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth14: link becomes ready
[ 2049.989953][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth17: link becomes ready
[ 2049.998292][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth16: link becomes ready
[ 2050.049279][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2050.050333][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2050.063400][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2050.071975][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth19: link becomes ready
[ 2050.088960][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth18: link becomes ready
[ 2050.154697][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth21: link becomes ready
[ 2050.207850][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth20: link becomes ready
[ 2050.217914][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth23: link becomes ready
[ 2050.227820][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): veth22: link becomes ready
[ 2050.235619][T21778] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2050.305082][T27325] loop5: detected capacity change from 0 to 16
[ 2050.405238][T27325] erofs: (device loop5): mounted with root inode @ nid 36.
[ 2050.426939][T27325] erofs: (device loop5): z_erofs_readahead: readahead error at page 2 @ nid 89
[ 2050.439648][T27325] erofs: (device loop5): z_erofs_readahead: readahead error at page 1 @ nid 89
[ 2050.448728][T27325] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 89
[ 2050.457852][T27325] erofs: (device loop5): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89
[ 2050.467621][T27325] erofs: (device loop5): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89
[ 2050.477252][T27325] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[ 2050.558655][T27328] fuse: Bad value for 'fd'
[ 2050.730477][T27332] overlayfs: failed to clone upperpath
[ 2055.294785][T27354] xt_bpf: check failed: parse error
[ 2055.427868][T27355] loop5: detected capacity change from 0 to 512
[ 2055.435084][T27355] EXT4-fs: Ignoring removed orlov option
[ 2056.143715][T27355] EXT4-fs (loop5): 1 orphan inode deleted
[ 2056.149929][T27355] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2056.159277][T27355] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2056.169769][T23272] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 2056.188106][T27350] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7929'.
[ 2056.193924][T23272] EXT4-fs error (device loop5): ext4_release_dquot:6837: comm kworker/u4:7: Failed to release dquot type 1
[ 2056.279890][   T28] audit: type=1107 audit(2000001259.397:7335): pid=27352 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 2059.071740][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2060.341893][T27394] netlink: 'syz.4.7942': attribute type 27 has an invalid length.
[ 2060.370460][T27394] bridge0: port 1(
31ªX¹¦D) entered disabled state
[ 2060.413014][   T28] audit: type=1326 audit(2000001263.527:7336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.526282][   T28] audit: type=1326 audit(2000001263.557:7337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.585763][T27399] overlayfs: failed to clone upperpath
[ 2060.653606][   T28] audit: type=1326 audit(2000001263.557:7338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.692562][   T28] audit: type=1326 audit(2000001263.557:7339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.719002][   T28] audit: type=1326 audit(2000001263.557:7340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.745589][   T28] audit: type=1326 audit(2000001263.557:7341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.771858][   T28] audit: type=1326 audit(2000001263.557:7342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.807880][   T28] audit: type=1326 audit(2000001263.557:7343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2060.878077][T27394] device bridge8 left promiscuous mode
[ 2060.891594][T27394] device veth29 left promiscuous mode
[ 2060.916460][T27396] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2061.255258][T27396] bridge0: port 1(
31ªX¹¦D) entered blocking state
[ 2061.261832][T27396] bridge0: port 1(
31ªX¹¦D) entered forwarding state
[ 2061.277178][T27396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge8: link becomes ready
[ 2061.301833][   T28] kauditd_printk_skb: 8 callbacks suppressed
[ 2061.303724][T27404] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2061.318673][T27404] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 2061.335457][   T28] audit: type=1326 audit(2000001264.417:7352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2f0812ab19 code=0x7ffc0000
[ 2061.361074][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[ 2061.372300][   T28] audit: type=1326 audit(2000001264.417:7353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2061.375462][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2061.398782][   T28] audit: type=1326 audit(2000001264.417:7354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27392 comm="syz.4.7942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7ffc0000
[ 2061.428512][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2061.437486][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2061.446579][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2061.455397][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 2061.463725][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2061.472466][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 2061.481059][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2061.498316][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2061.508503][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2061.517532][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2061.526574][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2061.536168][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2061.545067][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2061.553650][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2061.562535][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2061.646790][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2061.655309][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2062.353461][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2062.362784][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2062.372567][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2062.384678][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2062.802906][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2062.811528][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2062.820974][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[ 2062.828703][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[ 2062.836740][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2062.845092][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[ 2062.852933][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2062.953034][T27421] overlayfs: failed to clone upperpath
[ 2062.997210][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[ 2063.018353][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2063.111858][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[ 2063.135968][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2063.143614][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[ 2063.154293][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[ 2063.164335][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth13: link becomes ready
[ 2063.172012][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth12: link becomes ready
[ 2063.194473][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth15: link becomes ready
[ 2063.214282][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth14: link becomes ready
[ 2063.224409][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2063.254344][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2063.264630][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth17: link becomes ready
[ 2063.314500][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth16: link becomes ready
[ 2063.333053][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth19: link becomes ready
[ 2063.342567][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth18: link becomes ready
[ 2063.350626][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth21: link becomes ready
[ 2063.986513][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth20: link becomes ready
[ 2064.015615][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth23: link becomes ready
[ 2064.023867][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth22: link becomes ready
[ 2064.031944][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth25: link becomes ready
[ 2064.032541][T27423] netlink: 68 bytes leftover after parsing attributes in process `syz.0.7948'.
[ 2064.039903][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth24: link becomes ready
[ 2064.266866][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth27: link becomes ready
[ 2064.853392][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth26: link becomes ready
[ 2064.957992][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth29: link becomes ready
[ 2064.966220][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth28: link becomes ready
[ 2064.974607][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2065.156439][T27432] netlink: 9 bytes leftover after parsing attributes in process `syz.2.7959'.
[ 2065.167206][T27432] bridge0: port 1(
30ªX¹¦D) entered disabled state
[ 2065.176883][T27433] netlink: 5 bytes leftover after parsing attributes in process `syz.2.7959'.
[ 2065.186391][T27433] 1ªX¹¦D: renamed from 
30ªX¹¦D
[ 2065.199581][T27433] bridge0: port 1(
31ªX¹¦D) entered blocking state
[ 2065.206230][T27433] bridge0: port 1(
31ªX¹¦D) entered forwarding state
[ 2065.216859][T27433] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[ 2065.415270][T27450] loop5: detected capacity change from 0 to 512
[ 2065.430121][T27450] EXT4-fs: Ignoring removed mblk_io_submit option
[ 2065.442165][T27450] EXT4-fs: Ignoring removed bh option
[ 2065.449431][T27450] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2065.461070][T27450] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2065.476597][T27450] EXT4-fs (loop5): 1 truncate cleaned up
[ 2065.483344][T27450] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2066.724164][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2067.659393][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2067.666309][T27459] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2067.675467][T27459] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2067.685943][T27459] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2067.703054][T27459] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2067.713936][T27459] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[ 2067.723509][T27459] device vti0 left promiscuous mode
[ 2067.774756][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth21: link becomes ready
[ 2067.793478][T23272] IPv6: ADDRCONF(NETDEV_CHANGE): veth20: link becomes ready
[ 2069.915324][T27483] overlayfs: failed to clone upperpath
[ 2071.082011][T27503] netlink: 9 bytes leftover after parsing attributes in process `syz.5.7965'.
[ 2071.092410][T27503] device gretap0 entered promiscuous mode
[ 2071.251616][T27503] netlink: 5 bytes leftover after parsing attributes in process `syz.5.7965'.
[ 2071.262392][T27503] 0ªX¹¦D: renamed from gretap0
[ 2071.384674][T27503] device 
30ªX¹¦D left promiscuous mode
[ 2071.390941][T27503] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[ 2072.760934][T27519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7972'.
[ 2072.859710][T27505] overlayfs: failed to clone upperpath
[ 2076.691209][T27535] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7976'.
[ 2076.953159][T27540] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 2078.211192][T27546] block device autoloading is deprecated and will be removed.
[ 2078.517795][T27548] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7986'.
[ 2078.527498][T27553] netlink: 'syz.1.7981': attribute type 27 has an invalid length.
[ 2078.568205][T27553] bridge2: port 1(veth0_to_bond) entered disabled state
[ 2078.591279][   T28] audit: type=1326 audit(2000001281.707:7355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2078.635706][   T28] audit: type=1326 audit(2000001281.727:7356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2078.882990][   T28] audit: type=1326 audit(2000001281.737:7357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2078.907022][   T28] audit: type=1326 audit(2000001281.737:7358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2078.954499][   T28] audit: type=1326 audit(2000001281.737:7359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2078.978510][   T28] audit: type=1326 audit(2000001281.967:7360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2079.024137][   T28] audit: type=1326 audit(2000001282.007:7361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2079.094074][   T28] audit: type=1326 audit(2000001282.007:7362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2079.133448][T27570] overlayfs: failed to clone upperpath
[ 2079.144086][   T28] audit: type=1326 audit(2000001282.057:7363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2079.168221][   T28] audit: type=1326 audit(2000001282.057:7364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27552 comm="syz.1.7981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ff18e929 code=0x7ffc0000
[ 2079.592773][T27553] bridge8: port 2(veth15) entered disabled state
[ 2079.599277][T27553] bridge8: port 1(ip6gretap0) entered disabled state
[ 2079.846378][T27592] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7988'.
[ 2080.362798][T27556] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2080.397271][T27556] device 
30ªX¹¦D left promiscuous mode
[ 2080.705375][T27556] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2080.731285][T27556] device dummy0 left promiscuous mode
[ 2084.504139][T27610] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7993'.
[ 2085.602419][T27556] device veth0_vlan left promiscuous mode
[ 2085.609067][T27556] device veth0_vlan entered promiscuous mode
[ 2085.616295][T27556] device 
30ªX¹¦D entered promiscuous mode
[ 2085.623433][T27556] device dummy0 entered promiscuous mode
[ 2085.642592][T27556] bridge8: port 1(ip6gretap0) entered blocking state
[ 2085.649356][T27556] bridge8: port 1(ip6gretap0) entered forwarding state
[ 2086.010830][T27556] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[ 2086.064296][T27572] IPv6: Can't replace route, no match found
[ 2086.071266][T27595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7989'.
[ 2086.237315][T27604] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 2086.247047][T27604] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 2086.295546][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): macsec1: link becomes ready
[ 2086.512201][T27627] xt_CT: No such helper "pptp"
[ 2086.556908][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2086.933736][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): macsec2: link becomes ready
[ 2087.112908][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2087.121427][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2087.130258][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2087.139538][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2087.213042][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 2087.410307][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2087.419191][  T944] bridge2: port 1(veth0_to_bond) entered blocking state
[ 2087.426455][  T944] bridge2: port 1(veth0_to_bond) entered forwarding state
[ 2087.464347][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 2087.493162][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2087.513368][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2087.533615][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2087.543704][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2087.555395][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2087.563864][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2087.572663][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2087.581452][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2087.590089][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2087.598900][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2087.615573][T27635] overlayfs: failed to clone upperpath
[ 2087.621502][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2087.639201][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2087.661133][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2087.699730][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2087.716579][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2087.731900][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan.0001: link becomes ready
[ 2087.740757][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan.4: link becomes ready
[ 2087.750287][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2087.758017][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[ 2087.765633][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2087.773255][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[ 2087.780174][T27641] loop5: detected capacity change from 0 to 40427
[ 2087.781110][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2087.794975][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[ 2087.803756][T27641] F2FS-fs (loop5): Unrecognized mount option "j1fmt=vfsv1" or missing value
[ 2087.815317][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2087.824847][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[ 2087.832490][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2087.840438][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[ 2087.849104][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[ 2087.864495][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2087.882442][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2087.910672][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth13: link becomes ready
[ 2087.929274][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth12: link becomes ready
[ 2087.954997][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bridge8: link becomes ready
[ 2088.202218][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth15: link becomes ready
[ 2088.210281][  T944] bridge8: port 2(veth15) entered blocking state
[ 2088.216670][  T944] bridge8: port 2(veth15) entered forwarding state
[ 2088.223861][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth14: link becomes ready
[ 2088.231943][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth17: link becomes ready
[ 2088.247233][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth16: link becomes ready
[ 2088.579957][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth19: link becomes ready
[ 2088.620986][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth18: link becomes ready
[ 2088.628824][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth21: link becomes ready
[ 2088.636707][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): veth20: link becomes ready
[ 2088.644622][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bridge2: link becomes ready
[ 2088.953354][T27659] loop5: detected capacity change from 0 to 256
[ 2089.088456][T27659] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 2089.230105][T27659] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8005'.
[ 2089.315788][T27670] netlink: 'syz.2.8008': attribute type 27 has an invalid length.
[ 2089.342570][T27670] bridge0: port 1(
31ªX¹¦D) entered disabled state
[ 2089.385372][   T28] kauditd_printk_skb: 11 callbacks suppressed
[ 2089.385389][   T28] audit: type=1326 audit(2000001292.507:7376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.432799][   T28] audit: type=1326 audit(2000001292.537:7377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.469565][   T28] audit: type=1326 audit(2000001292.537:7378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.522746][   T28] audit: type=1326 audit(2000001292.537:7379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.554594][T27670] bridge7: port 2(veth1) entered disabled state
[ 2089.561086][T27670] bridge7: port 1(ip6gretap1) entered disabled state
[ 2089.607190][   T28] audit: type=1326 audit(2000001292.537:7380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.648952][   T28] audit: type=1326 audit(2000001292.537:7381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.687774][T27669] IPv6: Can't replace route, no match found
[ 2089.694964][T27671] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8007'.
[ 2089.727782][T27672] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2089.748446][   T28] audit: type=1326 audit(2000001292.537:7382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.790172][   T28] audit: type=1326 audit(2000001292.537:7383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.821110][T27672] device veth1_macvtap left promiscuous mode
[ 2089.834773][   T28] audit: type=1326 audit(2000001292.537:7384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.852276][T27672] device veth1_macvtap entered promiscuous mode
[ 2089.858995][   T28] audit: type=1326 audit(2000001292.537:7385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.2.8008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57ea98e929 code=0x7ffc0000
[ 2089.893876][T27672] bridge0: port 1(
31ªX¹¦D) entered blocking state
[ 2089.900518][T27672] bridge0: port 1(
31ªX¹¦D) entered forwarding state
[ 2089.923178][T27672] bridge7: port 1(ip6gretap1) entered blocking state
[ 2089.929966][T27672] bridge7: port 1(ip6gretap1) entered forwarding state
[ 2089.971300][T27672] IPv6: ADDRCONF(NETDEV_CHANGE): bridge10: link becomes ready
[ 2089.992174][T13473] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2090.003428][T13473] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2090.021986][T13473] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2090.042139][T13473] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2090.059033][T13473] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2090.078166][T13473] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2090.092874][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[ 2090.101552][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2090.114960][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2090.125688][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2090.136360][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2090.158401][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 2090.175522][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2090.203465][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2090.227573][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2090.236584][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2090.245716][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2090.254536][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2090.263185][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2090.272000][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2090.280889][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2090.289628][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2090.298249][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2090.306761][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2090.315247][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2090.324684][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2090.333496][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2090.344143][  T288] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2090.357706][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2090.366404][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2090.378382][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2090.388163][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[ 2090.397659][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[ 2090.407504][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2090.416690][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[ 2090.426468][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2090.472820][  T288] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2090.643006][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2090.655176][T27606] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2090.715438][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[ 2090.799463][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2090.899250][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge7: link becomes ready
[ 2090.963047][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2091.016451][  T288] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2091.017853][  T471] bridge7: port 2(veth1) entered blocking state
[ 2091.030288][  T471] bridge7: port 2(veth1) entered forwarding state
[ 2091.515384][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2091.523185][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[ 2091.531093][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2091.538873][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[ 2091.546749][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[ 2091.555055][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth13: link becomes ready
[ 2091.562853][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth12: link becomes ready
[ 2091.577717][  T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2091.595144][T27684] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8011'.
[ 2091.706889][T27692] fuse: Bad value for 'fd'
[ 2094.181077][T27721] netlink: 'syz.4.8020': attribute type 4 has an invalid length.
[ 2094.262834][T27721] netlink: 'syz.4.8020': attribute type 4 has an invalid length.
[ 2094.808149][T27730] syz.2.8032[27730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2094.808230][T27730] syz.2.8032[27730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2096.948466][T27729] xt_bpf: check failed: parse error
[ 2098.804940][T27743] overlayfs: failed to clone upperpath
[ 2100.072377][T27755] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8023'.
[ 2101.284105][    C0] ip6_tnl_xmit_ctl: 2 callbacks suppressed
[ 2101.284126][    C0] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2101.924081][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2103.641529][T27791] overlayfs: failed to clone upperpath
[ 2105.954774][T27805] overlayfs: failed to clone upperpath
[ 2105.958900][T27809] netlink: 96 bytes leftover after parsing attributes in process `syz.0.8034'.
[ 2109.249136][T27842] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8045'.
[ 2111.092376][T27853] overlayfs: failed to clone upperpath
[ 2112.636642][   T28] kauditd_printk_skb: 9 callbacks suppressed
[ 2112.636663][   T28] audit: type=1400 audit(2000001570.951:7395): avc:  denied  { write } for  pid=27858 comm="syz.5.8053" path="socket:[80362]" dev="sockfs" ino=80362 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2116.374182][T27895] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8060'.
[ 2116.644108][    C0] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2116.672598][T27896] 9pnet_fd: Insufficient options for proto=fd
[ 2117.089881][T27905] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8063'.
[ 2117.376926][T27908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8065'.
[ 2117.925123][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2118.594883][T27926] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8068'.
[ 2119.207557][T27930] 9pnet_fd: Insufficient options for proto=fd
[ 2119.902246][   T28] audit: type=1400 audit(2000001579.041:7396): avc:  denied  { shutdown } for  pid=27940 comm="syz.5.8073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2119.924954][T27941] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2119.966819][T27941] FAT-fs (loop11): unable to read boot sector
[ 2120.353990][T27949] loop5: detected capacity change from 0 to 128
[ 2120.473877][T27949] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 2120.483684][T27949] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 2121.582410][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2121.629595][T27959] netlink: 'syz.5.8076': attribute type 27 has an invalid length.
[ 2121.646246][T27962] overlayfs: failed to clone upperpath
[ 2121.658504][T27959] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2121.665865][T27959] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2121.685794][   T28] audit: type=1326 audit(2000001580.831:7397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27955 comm="syz.4.8077" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x0
[ 2121.757034][   T28] audit: type=1326 audit(2000001580.901:7398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.764959][T27957] netlink: 'syz.4.8077': attribute type 27 has an invalid length.
[ 2121.781173][   T28] audit: type=1326 audit(2000001580.901:7399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.781211][   T28] audit: type=1326 audit(2000001580.901:7400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.781246][   T28] audit: type=1326 audit(2000001580.901:7401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.781273][   T28] audit: type=1326 audit(2000001580.901:7402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.781299][   T28] audit: type=1326 audit(2000001580.901:7403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.916763][   T28] audit: type=1326 audit(2000001580.901:7404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.940975][   T28] audit: type=1326 audit(2000001580.901:7405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27956 comm="syz.5.8076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2121.969386][T27957] bridge0: port 1(
31ªX¹¦D) entered disabled state
[ 2122.135177][T27971] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2122.200032][T27971] bridge0: port 1(
31ªX¹¦D) entered blocking state
[ 2122.206621][T27971] bridge0: port 1(
31ªX¹¦D) entered forwarding state
[ 2122.216225][T27971] IPv6: ADDRCONF(NETDEV_CHANGE): bridge8: link becomes ready
[ 2122.227510][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2122.236719][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2122.246370][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2122.255586][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2122.264502][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2122.272855][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2122.281595][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2122.290330][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2122.299345][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2122.307784][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2122.317522][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2122.326863][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2122.336630][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2122.344576][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2122.352432][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2122.361145][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2122.369554][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[ 2122.377859][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth12: link becomes ready
[ 2122.386697][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth14: link becomes ready
[ 2122.394848][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2122.402721][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth16: link becomes ready
[ 2122.411297][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth18: link becomes ready
[ 2122.419441][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth20: link becomes ready
[ 2122.427212][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth22: link becomes ready
[ 2122.435277][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth24: link becomes ready
[ 2122.443148][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth26: link becomes ready
[ 2122.451033][T20549] IPv6: ADDRCONF(NETDEV_CHANGE): veth28: link becomes ready
[ 2122.468961][T27959] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2122.523659][T27981] overlayfs: failed to clone upperpath
[ 2122.527368][T27959] device veth1_macvtap left promiscuous mode
[ 2122.538436][T27959] device veth1_macvtap entered promiscuous mode
[ 2122.548221][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2122.572309][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2122.587785][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2122.598140][ T2464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2122.605232][ T2464] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2122.613031][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2122.621567][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2122.630517][ T2464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2122.637610][ T2464] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2122.647061][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2122.690348][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 2122.699151][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2122.712787][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 2122.721348][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2122.729615][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2122.737788][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2122.747426][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2122.757602][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2122.829815][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2122.893634][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2122.965250][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2123.012104][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2123.020827][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2123.029128][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2123.037460][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2123.053061][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2123.073594][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2123.090978][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2123.109096][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2123.126550][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2123.144364][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2123.161197][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2123.407132][T28001] overlayfs: './bus' not a directory
[ 2123.932086][T28009] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8088'.
[ 2124.110737][T28014] overlayfs: failed to clone upperpath
[ 2124.445238][T28020] overlayfs: failed to resolve './file0': -2
[ 2125.806464][T28029] overlayfs: failed to clone upperpath
[ 2128.607711][T28040] loop5: detected capacity change from 0 to 256
[ 2128.773152][T28040] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 2128.786183][T28040] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 2133.545222][   T28] kauditd_printk_skb: 19 callbacks suppressed
[ 2133.545244][   T28] audit: type=1400 audit(2000001590.661:7425): avc:  denied  { write } for  pid=28039 comm="syz.5.8094" name="file2" dev="loop5" ino=1048628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 2133.660276][   T28] audit: type=1400 audit(2000001590.661:7426): avc:  denied  { open } for  pid=28039 comm="syz.5.8094" path="/65/file2/file2" dev="loop5" ino=1048628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 2133.775411][T28073] syz.2.8100[28073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2133.775519][T28073] syz.2.8100[28073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2133.834318][T28065] xt_CT: No such helper "pptp"
[ 2133.902450][T28079] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8101'.
[ 2134.307633][   T28] audit: type=1326 audit(2000001593.431:7427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28070 comm="syz.5.8104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2134.365897][   T28] audit: type=1326 audit(2000001593.431:7428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28070 comm="syz.5.8104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2134.408356][   T28] audit: type=1326 audit(2000001593.431:7429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28070 comm="syz.5.8104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2134.526080][   T28] audit: type=1326 audit(2000001593.431:7430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28070 comm="syz.5.8104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2134.554177][   T28] audit: type=1326 audit(2000001593.431:7431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28070 comm="syz.5.8104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7ffc0000
[ 2134.953615][   T28] audit: type=1400 audit(2000001594.091:7432): avc:  denied  { name_bind } for  pid=28076 comm="syz.2.8105" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 2135.028474][   T28] audit: type=1400 audit(2000001594.121:7433): avc:  denied  { bpf } for  pid=28068 comm="syz.1.8102" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2135.051417][T28074] overlayfs: failed to clone upperpath
[ 2135.084468][   T28] audit: type=1400 audit(2000001594.121:7434): avc:  denied  { prog_load } for  pid=28068 comm="syz.1.8102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2135.280977][T28091] loop5: detected capacity change from 0 to 128
[ 2137.834946][T28117] loop5: detected capacity change from 0 to 512
[ 2139.016521][   T28] kauditd_printk_skb: 20 callbacks suppressed
[ 2139.016603][   T28] audit: type=1400 audit(2000001598.161:7455): avc:  denied  { write } for  pid=28111 comm="syz.2.8114" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 2139.186366][T28117] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2139.195531][T28117] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2139.213062][   T28] audit: type=1400 audit(2000001598.211:7456): avc:  denied  { ioctl } for  pid=28099 comm="syz.0.8111" path="socket:[80650]" dev="sockfs" ino=80650 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 2139.245223][T28122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8111'.
[ 2139.246402][   T28] audit: type=1400 audit(2000001598.341:7457): avc:  denied  { mount } for  pid=28108 comm="syz.5.8113" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 2139.255885][T28122] device bridge0 entered promiscuous mode
[ 2139.282129][T28122] IPv6: ADDRCONF(NETDEV_CHANGE): macsec2: link becomes ready
[ 2139.289683][T28122] bridge0: port 2(macsec2) entered blocking state
[ 2139.296187][T28122] bridge0: port 2(macsec2) entered disabled state
[ 2139.515230][T28122] device bridge0 left promiscuous mode
[ 2139.965993][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2140.484070][   T28] audit: type=1400 audit(2000001599.101:7458): avc:  denied  { unmount } for  pid=26762 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 2141.428518][   T28] audit: type=1400 audit(2000001600.041:7459): avc:  denied  { mounton } for  pid=28130 comm="syz.2.8119" path="/1524/file0" dev="tmpfs" ino=8262 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 2141.484160][   T28] audit: type=1400 audit(2000001600.561:7460): avc:  denied  { create } for  pid=28138 comm="syz.2.8120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2141.515804][   T28] audit: type=1400 audit(2000001600.561:7461): avc:  denied  { bind } for  pid=28138 comm="syz.2.8120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2141.605392][   T28] audit: type=1400 audit(2000001600.561:7462): avc:  denied  { setopt } for  pid=28138 comm="syz.2.8120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2141.724325][T28147] xt_CT: No such helper "pptp"
[ 2143.553182][   T28] audit: type=1400 audit(2000001601.201:7463): avc:  denied  { append } for  pid=28140 comm="syz.5.8117" name="001" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2144.875687][   T28] audit: type=1400 audit(2000001602.951:7464): avc:  denied  { mount } for  pid=28145 comm="syz.1.8121" name="/" dev="configfs" ino=13798 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 2144.925358][T28159] loop5: detected capacity change from 0 to 512
[ 2144.956627][   T28] audit: type=1400 audit(2000001603.031:7465): avc:  denied  { search } for  pid=28145 comm="syz.1.8121" name="/" dev="configfs" ino=13798 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 2144.991851][T28159] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[ 2145.003358][T28159] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[ 2145.013956][T28159] EXT4-fs (loop5): 1 truncate cleaned up
[ 2145.028239][T28159] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2145.040495][T28163] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8126'.
[ 2145.092567][   T28] audit: type=1400 audit(2000001604.231:7466): avc:  denied  { create } for  pid=28158 comm="syz.5.8125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2145.126256][T28163] bridge0: port 2(vlan1) entered blocking state
[ 2145.145218][T28163] bridge0: port 2(vlan1) entered disabled state
[ 2145.153366][   T28] audit: type=1400 audit(2000001604.261:7467): avc:  denied  { setopt } for  pid=28158 comm="syz.5.8125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2145.181470][   T28] audit: type=1400 audit(2000001604.291:7468): avc:  denied  { bind } for  pid=28158 comm="syz.5.8125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2145.202066][   T28] audit: type=1400 audit(2000001604.321:7469): avc:  denied  { create } for  pid=28162 comm="syz.0.8126" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2145.243049][   T28] audit: type=1400 audit(2000001604.381:7470): avc:  denied  { unlink } for  pid=284 comm="syz-executor" name="file0" dev="tmpfs" ino=8786 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2146.107638][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2147.374397][    C0] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2148.004312][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2148.405642][T28182] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8131'.
[ 2148.518210][T28187] overlayfs: failed to resolve './file1': -2
[ 2148.627580][   T28] audit: type=1400 audit(2000001607.721:7471): avc:  denied  { create } for  pid=28189 comm="syz.2.8133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2150.256330][   T28] audit: type=1400 audit(2000001609.401:7472): avc:  denied  { write } for  pid=28204 comm="syz.1.8134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 2150.280932][T28205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8134'.
[ 2150.307552][   T28] audit: type=1400 audit(2000001609.431:7473): avc:  denied  { unlink } for  pid=28191 comm="syz.5.8129" name="#40" dev="tmpfs" ino=436 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 2150.354457][   T28] audit: type=1400 audit(2000001609.491:7474): avc:  denied  { create } for  pid=28207 comm="syz.0.8136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2150.514380][   T28] audit: type=1400 audit(2000001609.621:7475): avc:  denied  { bind } for  pid=28207 comm="syz.0.8136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2150.822444][   T28] audit: type=1400 audit(2000001609.961:7476): avc:  denied  { write } for  pid=28212 comm="syz.2.8137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2150.861089][   T28] audit: type=1400 audit(2000001609.991:7477): avc:  denied  { nlmsg_write } for  pid=28212 comm="syz.2.8137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2151.275238][T28226] overlayfs: failed to clone upperpath
[ 2152.745839][   T28] audit: type=1400 audit(2000001611.891:7478): avc:  denied  { write } for  pid=28235 comm="syz.0.8143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2153.406625][   T28] audit: type=1400 audit(2000001611.891:7479): avc:  denied  { read } for  pid=28235 comm="syz.0.8143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2153.802174][T28245] overlayfs: failed to clone upperpath
[ 2154.170175][   T28] audit: type=1400 audit(2000001613.311:7480): avc:  denied  { setopt } for  pid=28249 comm="syz.2.8147" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 2154.224394][   T28] audit: type=1400 audit(2000001613.341:7481): avc:  denied  { write } for  pid=28249 comm="syz.2.8147" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 2154.337320][T28252] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8145'.
[ 2154.636041][T28257] overlayfs: failed to clone upperpath
[ 2156.382853][   T28] kauditd_printk_skb: 1 callbacks suppressed
[ 2156.382880][   T28] audit: type=1400 audit(2000001615.471:7483): avc:  denied  { create } for  pid=28256 comm="syz.1.8149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 2158.513296][T28285] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 2158.522594][T28285] F2FS-fs (loop1): Unable to read 1th superblock
[ 2158.529213][T28285] I/O error, dev loop1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 2158.538524][T28285] F2FS-fs (loop1): Unable to read 2th superblock
[ 2160.659905][   T28] audit: type=1400 audit(2000001619.801:7484): avc:  denied  { mount } for  pid=28299 comm="syz.5.8159" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 2160.923553][T28308] futex_wake_op: syz.4.8160 tries to shift op by -1; fix this program
[ 2166.914566][   T28] audit: type=1400 audit(2000001624.141:7485): avc:  denied  { create } for  pid=28321 comm="syz.4.8165" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2168.229109][   T28] audit: type=1400 audit(2000001624.571:7486): avc:  denied  { ioctl } for  pid=28321 comm="syz.4.8165" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=81975 ioctlcmd=0xaa00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2168.631348][T28350] overlayfs: failed to clone upperpath
[ 2169.057380][T28351] hub 6-0:1.0: USB hub found
[ 2169.062443][T28351] hub 6-0:1.0: 1 port detected
[ 2169.729272][T28363] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8174'.
[ 2169.852534][   T28] audit: type=1400 audit(2000001628.141:7487): avc:  denied  { mount } for  pid=28347 comm="syz.5.8170" name="/" dev="ramfs" ino=82018 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 2169.890373][   T28] audit: type=1400 audit(2000001628.201:7488): avc:  denied  { write } for  pid=28347 comm="syz.5.8170" name="001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2170.164335][   T28] audit: type=1400 audit(2000001628.231:7489): avc:  denied  { create } for  pid=28353 comm="syz.2.8172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2170.396237][   T28] audit: type=1400 audit(2000001628.541:7490): avc:  denied  { getopt } for  pid=28353 comm="syz.2.8172" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 2171.150874][T28379] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8178'.
[ 2173.864525][   T28] audit: type=1400 audit(2000001632.781:7491): avc:  denied  { ioctl } for  pid=28386 comm="syz.5.8180" path="socket:[82070]" dev="sockfs" ino=82070 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2174.114754][T28396] overlayfs: failed to clone upperpath
[ 2176.207256][T28411] overlayfs: failed to clone upperpath
[ 2176.734168][T28412] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8186'.
[ 2176.917322][T28417] overlayfs: failed to clone upperpath
[ 2176.924989][T28416] futex_wake_op: syz.1.8187 tries to shift op by -1; fix this program
[ 2178.775954][   T28] audit: type=1400 audit(2000001636.911:7492): avc:  denied  { read write } for  pid=28418 comm="syz.5.8190" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 2178.801729][   T28] audit: type=1400 audit(2000001636.911:7493): avc:  denied  { open } for  pid=28418 comm="syz.5.8190" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 2179.007799][   T28] audit: type=1400 audit(2000000000.000:7494): avc:  denied  { read write } for  pid=28430 comm="syz.5.8194" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2179.039820][   T28] audit: type=1400 audit(2000000000.000:7495): avc:  denied  { open } for  pid=28430 comm="syz.5.8194" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2179.818380][T28441] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8193'.
[ 2180.649279][T28443] netlink: 9 bytes leftover after parsing attributes in process `syz.1.8192'.
[ 2180.992825][T28443] netlink: 5 bytes leftover after parsing attributes in process `syz.1.8192'.
[ 2181.002401][T28443] 1ªX¹¦D: renamed from 
30ªX¹¦D
[ 2181.018672][T28443] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[ 2181.147743][   T28] audit: type=1400 audit(2000000000.000:7496): avc:  denied  { ioctl } for  pid=28430 comm="syz.5.8194" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2181.884343][T28450] syz.2.8196[28450] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2181.884419][T28450] syz.2.8196[28450] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2183.085491][   T28] audit: type=1400 audit(2000000000.280:7497): avc:  denied  { create } for  pid=28435 comm="syz.2.8195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 2183.168624][   T28] audit: type=1400 audit(2000000000.290:7498): avc:  denied  { setopt } for  pid=28435 comm="syz.2.8195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 2183.189004][   T28] audit: type=1400 audit(2000000000.300:7499): avc:  denied  { bind } for  pid=28435 comm="syz.2.8195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 2183.262884][  T288] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 2183.271057][   T28] audit: type=1400 audit(2000000000.300:7500): avc:  denied  { name_bind } for  pid=28435 comm="syz.2.8195" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 2183.282085][T28467] fuse: Bad value for 'fd'
[ 2183.293700][   T28] audit: type=1400 audit(2000000000.300:7501): avc:  denied  { node_bind } for  pid=28435 comm="syz.2.8195" saddr=fe88::3 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 2183.319201][   T28] audit: type=1400 audit(2000000003.200:7502): avc:  denied  { create } for  pid=28444 comm="syz.2.8196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 2183.339089][   T28] audit: type=1400 audit(2000000003.300:7503): avc:  denied  { ioctl } for  pid=28444 comm="syz.2.8196" path="socket:[81067]" dev="sockfs" ino=81067 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 2184.194267][   T28] kauditd_printk_skb: 7 callbacks suppressed
[ 2184.194286][   T28] audit: type=1400 audit(2000000005.100:7511): avc:  denied  { read } for  pid=28464 comm="syz.1.8200" path="socket:[82192]" dev="sockfs" ino=82192 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2184.335924][   T28] audit: type=1400 audit(2000000005.270:7512): avc:  denied  { setattr } for  pid=28465 comm="syz.0.8202" name="NETLINK" dev="sockfs" ino=82189 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2184.442393][T28485] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8206'.
[ 2184.488001][   T28] audit: type=1326 audit(2000000005.490:7513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28459 comm="syz.4.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f0818e929 code=0x7fc00000
[ 2184.582616][T28489] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=28489 comm=syz.1.8206
[ 2184.665263][T28492] overlayfs: failed to clone upperpath
[ 2185.054016][T28497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8208'.
[ 2185.199405][T28504] loop5: detected capacity change from 0 to 512
[ 2185.229232][T28504] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 2185.285825][T28504] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 2185.314381][T28504] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[ 2185.324335][T28504] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2185.333806][T28504] EXT4-fs error (device loop5): ext4_acquire_dquot:6801: comm syz.5.8209: Failed to acquire dquot type 1
[ 2185.364814][T28504] EXT4-fs (loop5): 1 truncate cleaned up
[ 2185.371492][T28504] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2186.245026][T28510] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8211'.
[ 2186.443587][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2186.601166][T28517] overlayfs: failed to clone upperpath
[ 2187.921870][T28544] loop5: detected capacity change from 0 to 512
[ 2187.939223][T28544] EXT4-fs: Ignoring removed bh option
[ 2188.241411][T28544] ext4: Bad value for 'stripe'
[ 2188.251804][T28542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8219'.
[ 2188.373616][T28549] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8221'.
[ 2188.638745][T28553] bridge0: port 1(
31ªX¹¦D) entered blocking state
[ 2188.645581][T28553] bridge0: port 1(
31ªX¹¦D) entered disabled state
[ 2191.871808][T28564] overlayfs: failed to clone upperpath
[ 2192.815150][   T28] audit: type=1400 audit(2000000013.820:7514): avc:  denied  { name_bind } for  pid=28566 comm="syz.2.8227" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 2193.014119][   T28] audit: type=1400 audit(2000000014.020:7515): avc:  denied  { getopt } for  pid=28562 comm="syz.1.8225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2193.035725][T28580] overlayfs: failed to clone upperpath
[ 2194.335498][T28596] overlayfs: failed to clone upperpath
[ 2194.999567][   T28] audit: type=1400 audit(2000000015.350:7516): avc:  denied  { mount } for  pid=28588 comm="syz.5.8232" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 2195.023323][   T28] audit: type=1400 audit(2000000015.990:7517): avc:  denied  { unmount } for  pid=26762 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 2195.049200][T28604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8234'.
[ 2195.060789][T28604] bridge0: port 2(vlan1) entered blocking state
[ 2195.067293][T28604] bridge0: port 2(vlan1) entered disabled state
[ 2195.265779][T28615] loop5: detected capacity change from 0 to 256
[ 2195.276931][T28616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8237'.
[ 2195.290229][T28615] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 2195.305285][   T28] audit: type=1400 audit(2000000016.310:7518): avc:  denied  { mount } for  pid=28602 comm="syz.5.8235" name="/" dev="loop5" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 2195.340741][T28615] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8235'.
[ 2195.927699][   T28] audit: type=1400 audit(2000000016.930:7519): avc:  denied  { unmount } for  pid=26762 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 2196.174377][   T28] audit: type=1400 audit(2000000017.140:7520): avc:  denied  { write } for  pid=28624 comm="syz.5.8241" name="udplite" dev="proc" ino=4026533109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 2198.024161][   T28] audit: type=1400 audit(2000000019.010:7521): avc:  denied  { read } for  pid=28635 comm="syz.5.8244" dev="nsfs" ino=4026533087 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2198.068844][T28643] overlayfs: failed to clone upperpath
[ 2198.075612][T28640] overlayfs: missing 'lowerdir'
[ 2198.129194][   T28] audit: type=1400 audit(2000000019.010:7522): avc:  denied  { open } for  pid=28635 comm="syz.5.8244" path="net:[4026533087]" dev="nsfs" ino=4026533087 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2198.497935][   T28] audit: type=1400 audit(2000000019.460:7523): avc:  denied  { ioctl } for  pid=28644 comm="syz.0.8246" path="socket:[82356]" dev="sockfs" ino=82356 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2200.007336][T28657] overlayfs: failed to clone upperpath
[ 2201.269262][T28668] loop5: detected capacity change from 0 to 256
[ 2201.276462][   T28] audit: type=1400 audit(2000000021.970:7524): avc:  denied  { write } for  pid=28661 comm="syz.2.8250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2201.312592][T28668] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 2201.461296][T28668] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8251'.
[ 2203.125189][T28691] fuse: Bad value for 'fd'
[ 2203.187747][T28692] overlayfs: failed to clone upperpath
[ 2203.196795][T28693] overlayfs: failed to clone upperpath
[ 2203.603678][T28697] overlayfs: failed to clone upperpath
[ 2203.838858][T28699] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8261'.
[ 2203.848000][T28699] device 
31ªX¹¦D left promiscuous mode
[ 2203.855169][T28699] bridge0: port 1(
31ªX¹¦D) entered disabled state
[ 2203.862768][   T28] audit: type=1326 audit(2000000024.860:7525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28688 comm="syz.5.8259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca9b8e929 code=0x7fc00000
[ 2203.930901][   T28] audit: type=1400 audit(2000000024.930:7526): avc:  denied  { create } for  pid=28705 comm="syz.1.8263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 2203.954123][   T28] audit: type=1400 audit(2000000024.960:7527): avc:  denied  { write } for  pid=28705 comm="syz.1.8263" path="socket:[81398]" dev="sockfs" ino=81398 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 2206.071614][T28726] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8267'.
[ 2208.625050][T28755] overlayfs: failed to clone upperpath
[ 2208.631955][   T28] audit: type=1400 audit(2000000029.410:7528): avc:  denied  { accept } for  pid=28749 comm="syz.0.8274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 2209.122159][T28762] loop5: detected capacity change from 0 to 1024
[ 2209.129622][T28762] EXT4-fs: quotafile must be on filesystem root
[ 2210.086179][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2210.094298][    C0] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[ 2211.586442][   T28] audit: type=1400 audit(2000000032.590:7529): avc:  denied  { create } for  pid=28757 comm="syz.5.8276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2212.111041][   T28] audit: type=1400 audit(2000000032.590:7530): avc:  denied  { bind } for  pid=28757 comm="syz.5.8276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2213.580859][   T28] audit: type=1400 audit(2000000033.680:7531): avc:  denied  { read } for  pid=28765 comm="syz.5.8279" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2213.603760][   T28] audit: type=1400 audit(2000000033.680:7532): avc:  denied  { open } for  pid=28765 comm="syz.5.8279" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2213.699966][   T28] audit: type=1400 audit(2000000033.820:7533): avc:  denied  { ioctl } for  pid=28765 comm="syz.5.8279" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2213.969742][T28785] overlayfs: failed to clone upperpath
[ 2214.144422][   T28] audit: type=1400 audit(2000000035.120:7534): avc:  denied  { setattr } for  pid=28782 comm="syz.5.8282" name="/" dev="incremental-fs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2214.721382][T28790] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 2214.730766][T28790] F2FS-fs (loop5): Unable to read 1th superblock
[ 2214.737617][T28790] I/O error, dev loop5, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 2214.746892][T28790] F2FS-fs (loop5): Unable to read 2th superblock
[ 2215.506026][T28795] loop5: detected capacity change from 0 to 512
[ 2215.858090][T28795] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 2215.872127][T28795] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 2215.889792][T28795] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.8284: invalid indirect mapped block 4278190080 (level 0)
[ 2215.905581][T28795] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.8284: invalid indirect mapped block 1 (level 1)
[ 2215.990250][T28795] EXT4-fs (loop5): 1 truncate cleaned up
[ 2215.998897][T28795] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 2216.009008][T28795] EXT4-fs (loop5): unmounting filesystem.
[ 2216.072251][   T28] audit: type=1400 audit(2000000037.070:7535): avc:  denied  { read } for  pid=28791 comm="syz.5.8284" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 2216.095696][   T28] audit: type=1400 audit(2000000037.070:7536): avc:  denied  { open } for  pid=28791 comm="syz.5.8284" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 2216.144556][T28802] loop5: detected capacity change from 0 to 128
[ 2216.193114][T28802] syz.5.8284: attempt to access beyond end of device
[ 2216.193114][T28802] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[ 2216.238862][T28795] syz.5.8284: attempt to access beyond end of device
[ 2216.238862][T28795] loop5: rw=524288, sector=217, nr_sectors = 112 limit=128
[ 2216.282355][T28805] overlayfs: failed to clone upperpath
[ 2216.287846][T28795] syz.5.8284: attempt to access beyond end of device
[ 2216.287846][T28795] loop5: rw=524288, sector=345, nr_sectors = 128 limit=128
[ 2216.302337][T28795] syz.5.8284: attempt to access beyond end of device
[ 2216.302337][T28795] loop5: rw=0, sector=345, nr_sectors = 8 limit=128
[ 2216.383695][T28795] syz.5.8284: attempt to access beyond end of device
[ 2216.383695][T28795] loop5: rw=0, sector=345, nr_sectors = 8 limit=128
[ 2216.405796][T20549] kworker/u4:0: attempt to access beyond end of device
[ 2216.405796][T20549] loop5: rw=1, sector=329, nr_sectors = 16 limit=128
[ 2216.523563][T28809] overlayfs: failed to clone upperpath
[ 2217.618045][T28819] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8290'.
[ 2218.741542][T28826] loop5: detected capacity change from 0 to 128
[ 2219.495144][T28832] overlayfs: failed to clone upperpath
[ 2219.836805][T28830] tty tty30: ldisc open failed (-12), clearing slot 29
[ 2220.029196][T28845] overlayfs: failed to clone upperpath
[ 2220.765858][T28848] loop5: detected capacity change from 0 to 256
[ 2221.141477][T28848] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[ 2221.210428][   T28] audit: type=1400 audit(2000000042.190:7537): avc:  denied  { mounton } for  pid=28835 comm="syz.5.8296" path="/107/file1/file0" dev="loop5" ino=1048632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2221.402746][T28856] loop5: detected capacity change from 0 to 256
[ 2221.475847][   T28] audit: type=1400 audit(2000000042.410:7538): avc:  denied  { mounton } for  pid=28850 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 2221.592071][T28858] overlayfs: failed to clone upperpath
[ 2221.603771][T28850] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2221.611071][T28850] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2221.624540][T28850] device bridge_slave_0 entered promiscuous mode
[ 2221.645135][T28850] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2221.654323][T28850] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2221.705236][T28850] device bridge_slave_1 entered promiscuous mode
[ 2221.983513][T28850] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2221.990637][T28850] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2221.998088][T28850] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2222.005248][T28850] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2222.056830][T23273] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2222.067794][T23273] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2222.110070][T28867] xt_CT: No such helper "netbios-ns"
[ 2222.132719][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2222.142188][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2222.158146][   T28] audit: type=1400 audit(2000000043.100:7539): avc:  denied  { mount } for  pid=28864 comm="syz.0.8301" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[ 2222.376732][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2222.387389][  T944] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2222.394511][  T944] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2222.407704][   T28] audit: type=1400 audit(2000000043.410:7540): avc:  denied  { read write } for  pid=28868 comm="syz.5.8303" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 2222.434391][  T944] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2222.442784][  T944] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2222.449886][  T944] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2222.472894][   T28] audit: type=1400 audit(2000000043.440:7541): avc:  denied  { open } for  pid=28868 comm="syz.5.8303" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 2222.567481][T28850] device veth0_vlan entered promiscuous mode
[ 2222.579641][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2222.588005][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2222.596128][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2222.606242][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2222.618046][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2222.628044][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2222.663294][T28874] overlayfs: failed to clone upperpath
[ 2222.683529][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2222.911346][   T28] audit: type=1400 audit(2000000043.910:7542): avc:  denied  { connect } for  pid=28868 comm="syz.5.8303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2222.934188][   T28] audit: type=1400 audit(2000000043.910:7543): avc:  denied  { ioctl } for  pid=28868 comm="syz.5.8303" path="socket:[82778]" dev="sockfs" ino=82778 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2222.959796][   T28] audit: type=1400 audit(2000000043.910:7544): avc:  denied  { write } for  pid=28868 comm="syz.5.8303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 2222.982905][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2222.999953][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2223.007683][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2223.028059][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2223.039686][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2223.117362][T28850] device veth1_macvtap entered promiscuous mode
[ 2223.130474][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2223.142531][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2223.155417][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2223.284005][    C1] ------------[ cut here ]------------
[ 2223.289604][    C1] refcount_t: addition on 0; use-after-free.
[ 2223.295761][    C1] WARNING: CPU: 1 PID: 28879 at lib/refcount.c:25 refcount_warn_saturate+0x104/0x1a0
[ 2223.305264][    C1] Modules linked in:
[ 2223.309179][    C1] CPU: 1 PID: 28879 Comm: syz.0.8304 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2223.320610][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2223.330702][    C1] RIP: 0010:refcount_warn_saturate+0x104/0x1a0
[ 2223.336902][    C1] Code: 05 01 48 c7 c7 e0 a1 a9 85 e8 38 fb dd fe 0f 0b eb df e8 6f b5 0c ff c6 05 cf ab 0b 05 01 48 c7 c7 20 a1 a9 85 e8 1c fb dd fe <0f> 0b eb c3 e8 53 b5 0c ff c6 05 b4 ab 0b 05 01 48 c7 c7 80 a1 a9
[ 2223.356537][    C1] RSP: 0000:ffffc900001b0820 EFLAGS: 00010246
[ 2223.362629][    C1] RAX: 1cd427d81e5bba00 RBX: 0000000000000002 RCX: ffff88814640e540
[ 2223.368230][T28880] overlayfs: failed to clone upperpath
[ 2223.370654][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 2223.384151][    C1] RBP: ffffc900001b0830 R08: dffffc0000000000 R09: fffff52000036081
[ 2223.392207][    C1] R10: fffff52000036081 R11: 1ffff92000036080 R12: ffffc900001b09b8
[ 2223.400231][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: ffff888125b6b000
[ 2223.408266][    C1] FS:  00007fb5632316c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2223.417244][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2223.423862][    C1] CR2: 000000110c2eebc1 CR3: 000000010824a000 CR4: 00000000003506a0
[ 2223.431901][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2223.439922][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2223.448007][    C1] Call Trace:
[ 2223.451304][    C1]  <IRQ>
[ 2223.454189][    C1]  tipc_crypto_xmit+0x1822/0x2220
[ 2223.459231][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 2223.464643][    C1]  ? skb_clone+0x228/0x380
[ 2223.469121][    C1]  tipc_crypto_clone_msg+0x9b/0x160
[ 2223.474366][    C1]  tipc_crypto_xmit+0x1992/0x2220
[ 2223.479413][    C1]  ? __irq_exit_rcu+0x52/0xf0
[ 2223.484177][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 2223.489575][    C1]  ? __copy_skb_header+0x49f/0x630
[ 2223.494752][    C1]  tipc_bearer_xmit_skb+0x226/0x380
[ 2223.499980][    C1]  ? __skb_clone+0x47a/0x790
[ 2223.504618][    C1]  ? __cfi_tipc_bearer_xmit_skb+0x10/0x10
[ 2223.510373][    C1]  ? skb_clone+0x228/0x380
[ 2223.512500][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2223.514823][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 2223.514855][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2223.514882][    C1]  ? __kasan_check_write+0x14/0x20
[ 2223.538405][    C1]  ? _raw_spin_lock+0x8e/0xe0
[ 2223.543129][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2223.548400][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2223.553893][    C1]  call_timer_fn+0x46/0x2a0
[ 2223.555149][T23273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2223.558448][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2223.572114][    C1]  __run_timers+0x639/0x9a0
[ 2223.576735][    C1]  ? calc_index+0x200/0x200
[ 2223.581352][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 2223.586634][    C1]  run_timer_softirq+0x6a/0xf0
[ 2223.591444][    C1]  handle_softirqs+0x1d7/0x600
[ 2223.596461][    C1]  __irq_exit_rcu+0x52/0xf0
[ 2223.600987][    C1]  irq_exit_rcu+0x9/0x10
[ 2223.605287][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2223.610944][    C1]  </IRQ>
[ 2223.613871][    C1]  <TASK>
[ 2223.616838][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2223.622837][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x1/0x60
[ 2223.628942][    C1] Code: fb e8 23 00 00 00 48 8b 3d 4c 2a 02 06 48 89 de e8 d4 9f 43 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 <48> 89 e5 48 8b 45 08 65 48 8b 0d 40 76 92 7e 65 8b 15 41 76 92 7e
[ 2223.648615][    C1] RSP: 0000:ffffc90006037430 EFLAGS: 00000297
[ 2223.654700][    C1] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000003
[ 2223.662686][    C1] RDX: ffffffff8236b659 RSI: ffffffff871754e0 RDI: 0000000000000001
[ 2223.670761][    C1] RBP: ffffc90006037648 R08: ffff88814640e540 R09: 0000000000000002
[ 2223.678766][    C1] R10: 000000000000000a R11: 0000000000000002 R12: 1ffff11026d9bff0
[ 2223.686763][    C1] R13: ffff888136cdff80 R14: 0000000000000001 R15: 1ffff92000c06e90
[ 2223.694773][    C1]  ? selinux_socket_sock_rcv_skb+0x129/0x7c0
[ 2223.700773][    C1]  ? selinux_socket_sock_rcv_skb+0x2c5/0x7c0
[ 2223.706837][    C1]  ? __cfi_selinux_socket_sock_rcv_skb+0x10/0x10
[ 2223.713190][    C1]  ? release_firmware_map_entry+0x194/0x194
[ 2223.719146][    C1]  ? avc_has_perm+0x158/0x240
[ 2223.723845][    C1]  ? __kasan_check_read+0x11/0x20
[ 2223.728910][    C1]  ? schedule+0xd4/0x170
[ 2223.733273][    C1]  ? schedule_timeout+0xa6/0x2e0
[ 2223.738256][    C1]  ? __cfi_schedule_timeout+0x10/0x10
[ 2223.743653][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 2223.749487][    C1]  ? prepare_to_wait_exclusive+0x191/0x1d0
[ 2223.755334][    C1]  security_sock_rcv_skb+0x7c/0xb0
[ 2223.760453][    C1]  sk_filter_trim_cap+0x125/0x700
[ 2223.765501][    C1]  ? __cfi_autoremove_wake_function+0x10/0x10
[ 2223.771591][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2223.776817][    C1]  ? __kasan_check_read+0x11/0x20
[ 2223.781888][    C1]  unix_dgram_sendmsg+0x926/0x16d0
[ 2223.787043][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 2223.792609][    C1]  ? __perf_event_task_sched_in+0x188/0x1d0
[ 2223.798532][    C1]  ? __cfi___perf_event_task_sched_in+0x10/0x10
[ 2223.804823][    C1]  ? security_socket_sendmsg+0x93/0xb0
[ 2223.810292][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 2223.815862][    C1]  ____sys_sendmsg+0x5a9/0x990
[ 2223.820646][    C1]  ? __kasan_check_write+0x14/0x20
[ 2223.825816][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[ 2223.830856][    C1]  ? __schedule+0xb8f/0x14e0
[ 2223.835480][    C1]  ? import_iovec+0x7c/0xb0
[ 2223.840034][    C1]  ___sys_sendmsg+0x21c/0x290
[ 2223.844741][    C1]  ? __sys_sendmsg+0x270/0x270
[ 2223.849518][    C1]  ? futex_unqueue+0x132/0x160
[ 2223.854318][    C1]  ? __kasan_check_write+0x14/0x20
[ 2223.859482][    C1]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 2223.864986][    C1]  ? __fdget+0x19c/0x220
[ 2223.869261][    C1]  __sys_sendmmsg+0x274/0x460
[ 2223.873935][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 2223.879185][    C1]  ? bpf_trace_run2+0x104/0x250
[ 2223.884066][    C1]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2223.889356][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2223.894317][    C1]  x64_sys_call+0x3f5/0x9a0
[ 2223.898853][    C1]  do_syscall_64+0x4c/0xa0
[ 2223.903264][    C1]  ? clear_bhb_loop+0x30/0x80
[ 2223.907982][    C1]  ? clear_bhb_loop+0x30/0x80
[ 2223.912677][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2223.918592][    C1] RIP: 0033:0x7fb56238e929
[ 2223.923020][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2223.942650][    C1] RSP: 002b:00007fb563231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2223.951089][    C1] RAX: ffffffffffffffda RBX: 00007fb5625b5fa0 RCX: 00007fb56238e929
[ 2223.959113][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000004
[ 2223.967115][    C1] RBP: 00007fb562410b39 R08: 0000000000000000 R09: 0000000000000000
[ 2223.975111][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2223.983103][    C1] R13: 0000000000000000 R14: 00007fb5625b5fa0 R15: 00007ffd1c281828
[ 2223.991110][    C1]  </TASK>
[ 2223.994164][    C1] ---[ end trace 0000000000000000 ]---
[ 2223.999706][    C1] ------------[ cut here ]------------
[ 2224.005168][    C1] refcount_t: underflow; use-after-free.
[ 2224.010890][    C1] WARNING: CPU: 1 PID: 28879 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[ 2224.020374][    C1] Modules linked in:
[ 2224.024297][    C1] CPU: 1 PID: 28879 Comm: syz.0.8304 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2224.035673][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2224.045748][    C1] RIP: 0010:refcount_warn_saturate+0x120/0x1a0
[ 2224.051898][    C1] Code: 05 01 48 c7 c7 20 a1 a9 85 e8 1c fb dd fe 0f 0b eb c3 e8 53 b5 0c ff c6 05 b4 ab 0b 05 01 48 c7 c7 80 a1 a9 85 e8 00 fb dd fe <0f> 0b eb a7 e8 37 b5 0c ff c6 05 95 ab 0b 05 01 48 c7 c7 c0 a0 a9
[ 2224.071511][    C1] RSP: 0000:ffffc900001b0820 EFLAGS: 00010246
[ 2224.077618][    C1] RAX: 1cd427d81e5bba00 RBX: 0000000000000003 RCX: ffff88814640e540
[ 2224.085663][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 2224.093652][    C1] RBP: ffffc900001b0830 R08: dffffc0000000000 R09: fffff520000360a5
[ 2224.101681][    C1] R10: fffff520000360a5 R11: 1ffff920000360a4 R12: 00000000c0000000
[ 2224.109690][    C1] R13: dffffc0000000000 R14: 0000000000000003 R15: ffff888125b6b000
[ 2224.117693][    C1] FS:  00007fb5632316c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2224.126637][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2224.133236][    C1] CR2: 000000110c2eebc1 CR3: 000000010824a000 CR4: 00000000003506a0
[ 2224.141248][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2224.149256][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2224.157249][    C1] Call Trace:
[ 2224.160537][    C1]  <IRQ>
[ 2224.163375][    C1]  tipc_crypto_xmit+0x195e/0x2220
[ 2224.168430][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 2224.173820][    C1]  ? skb_clone+0x228/0x380
[ 2224.178264][    C1]  tipc_crypto_clone_msg+0x9b/0x160
[ 2224.183487][    C1]  tipc_crypto_xmit+0x1992/0x2220
[ 2224.188532][    C1]  ? __irq_exit_rcu+0x52/0xf0
[ 2224.193408][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 2224.198808][    C1]  ? __copy_skb_header+0x49f/0x630
[ 2224.203990][    C1]  tipc_bearer_xmit_skb+0x226/0x380
[ 2224.209208][    C1]  ? __skb_clone+0x47a/0x790
[ 2224.213814][    C1]  ? __cfi_tipc_bearer_xmit_skb+0x10/0x10
[ 2224.219656][    C1]  ? skb_clone+0x228/0x380
[ 2224.224104][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 2224.229041][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2224.234522][    C1]  ? __kasan_check_write+0x14/0x20
[ 2224.239656][    C1]  ? _raw_spin_lock+0x8e/0xe0
[ 2224.244452][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2224.249670][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2224.255181][    C1]  call_timer_fn+0x46/0x2a0
[ 2224.259786][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2224.265271][    C1]  __run_timers+0x639/0x9a0
[ 2224.269805][    C1]  ? calc_index+0x200/0x200
[ 2224.274345][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 2224.279581][    C1]  run_timer_softirq+0x6a/0xf0
[ 2224.284367][    C1]  handle_softirqs+0x1d7/0x600
[ 2224.289151][    C1]  __irq_exit_rcu+0x52/0xf0
[ 2224.293648][    C1]  irq_exit_rcu+0x9/0x10
[ 2224.297939][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2224.303593][    C1]  </IRQ>
[ 2224.306556][    C1]  <TASK>
[ 2224.309495][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2224.315495][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x1/0x60
[ 2224.321587][    C1] Code: fb e8 23 00 00 00 48 8b 3d 4c 2a 02 06 48 89 de e8 d4 9f 43 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 <48> 89 e5 48 8b 45 08 65 48 8b 0d 40 76 92 7e 65 8b 15 41 76 92 7e
[ 2224.341321][    C1] RSP: 0000:ffffc90006037430 EFLAGS: 00000297
[ 2224.347524][    C1] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000003
[ 2224.355604][    C1] RDX: ffffffff8236b659 RSI: ffffffff871754e0 RDI: 0000000000000001
[ 2224.363584][    C1] RBP: ffffc90006037648 R08: ffff88814640e540 R09: 0000000000000002
[ 2224.371579][    C1] R10: 000000000000000a R11: 0000000000000002 R12: 1ffff11026d9bff0
[ 2224.379589][    C1] R13: ffff888136cdff80 R14: 0000000000000001 R15: 1ffff92000c06e90
[ 2224.387595][    C1]  ? selinux_socket_sock_rcv_skb+0x129/0x7c0
[ 2224.393606][    C1]  ? selinux_socket_sock_rcv_skb+0x2c5/0x7c0
[ 2224.399620][    C1]  ? __cfi_selinux_socket_sock_rcv_skb+0x10/0x10
[ 2224.405988][    C1]  ? release_firmware_map_entry+0x194/0x194
[ 2224.411889][    C1]  ? avc_has_perm+0x158/0x240
[ 2224.416680][    C1]  ? __kasan_check_read+0x11/0x20
[ 2224.421754][    C1]  ? schedule+0xd4/0x170
[ 2224.426024][    C1]  ? schedule_timeout+0xa6/0x2e0
[ 2224.430979][    C1]  ? __cfi_schedule_timeout+0x10/0x10
[ 2224.436365][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 2224.442225][    C1]  ? prepare_to_wait_exclusive+0x191/0x1d0
[ 2224.448064][    C1]  security_sock_rcv_skb+0x7c/0xb0
[ 2224.453198][    C1]  sk_filter_trim_cap+0x125/0x700
[ 2224.458341][    C1]  ? __cfi_autoremove_wake_function+0x10/0x10
[ 2224.464553][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2224.469759][    C1]  ? __kasan_check_read+0x11/0x20
[ 2224.474826][    C1]  unix_dgram_sendmsg+0x926/0x16d0
[ 2224.479962][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 2224.485527][    C1]  ? __perf_event_task_sched_in+0x188/0x1d0
[ 2224.491433][    C1]  ? __cfi___perf_event_task_sched_in+0x10/0x10
[ 2224.497706][    C1]  ? security_socket_sendmsg+0x93/0xb0
[ 2224.503213][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 2224.508873][    C1]  ____sys_sendmsg+0x5a9/0x990
[ 2224.513654][    C1]  ? __kasan_check_write+0x14/0x20
[ 2224.518887][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[ 2224.524048][    C1]  ? __schedule+0xb8f/0x14e0
[ 2224.528682][    C1]  ? import_iovec+0x7c/0xb0
[ 2224.533182][    C1]  ___sys_sendmsg+0x21c/0x290
[ 2224.537880][    C1]  ? __sys_sendmsg+0x270/0x270
[ 2224.542663][    C1]  ? futex_unqueue+0x132/0x160
[ 2224.547565][    C1]  ? __kasan_check_write+0x14/0x20
[ 2224.552703][    C1]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 2224.558202][    C1]  ? __fdget+0x19c/0x220
[ 2224.562482][    C1]  __sys_sendmmsg+0x274/0x460
[ 2224.567185][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 2224.572399][    C1]  ? bpf_trace_run2+0x104/0x250
[ 2224.577280][    C1]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2224.582582][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2224.587452][    C1]  x64_sys_call+0x3f5/0x9a0
[ 2224.591969][    C1]  do_syscall_64+0x4c/0xa0
[ 2224.596399][    C1]  ? clear_bhb_loop+0x30/0x80
[ 2224.601086][    C1]  ? clear_bhb_loop+0x30/0x80
[ 2224.605792][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2224.611716][    C1] RIP: 0033:0x7fb56238e929
[ 2224.616157][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2224.635799][    C1] RSP: 002b:00007fb563231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2224.644241][    C1] RAX: ffffffffffffffda RBX: 00007fb5625b5fa0 RCX: 00007fb56238e929
[ 2224.652228][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000004
[ 2224.660245][    C1] RBP: 00007fb562410b39 R08: 0000000000000000 R09: 0000000000000000
[ 2224.668324][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2224.676317][    C1] R13: 0000000000000000 R14: 00007fb5625b5fa0 R15: 00007ffd1c281828
[ 2224.684325][    C1]  </TASK>
[ 2224.687337][    C1] ---[ end trace 0000000000000000 ]---
[ 2224.692866][    C1] ------------[ cut here ]------------
[ 2224.698332][    C1] refcount_t: saturated; leaking memory.
[ 2224.704079][    C1] WARNING: CPU: 1 PID: 28879 at lib/refcount.c:22 refcount_warn_saturate+0x158/0x1a0
[ 2224.713537][    C1] Modules linked in:
[ 2224.717447][    C1] CPU: 1 PID: 28879 Comm: syz.0.8304 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2224.728839][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2224.738929][    C1] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[ 2224.745122][    C1] Code: 05 01 48 c7 c7 c0 a0 a9 85 e8 e4 fa dd fe 0f 0b eb 8b e8 1b b5 0c ff c6 05 7a ab 0b 05 01 48 c7 c7 c0 a0 a9 85 e8 c8 fa dd fe <0f> 0b e9 6c ff ff ff e8 fc b4 0c ff c6 05 5f ab 0b 05 01 48 c7 c7
[ 2224.764755][    C1] RSP: 0000:ffffc900001b09e0 EFLAGS: 00010246
[ 2224.770842][    C1] RAX: 1cd427d81e5bba00 RBX: 0000000000000001 RCX: ffff88814640e540
[ 2224.778839][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 2224.786839][    C1] RBP: ffffc900001b09f0 R08: dffffc0000000000 R09: fffff520000360dd
[ 2224.794826][    C1] R10: fffff520000360dd R11: 1ffff920000360dc R12: ffffc900001b0ba0
[ 2224.802808][    C1] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff888145558c00
[ 2224.810800][    C1] FS:  00007fb5632316c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2224.819761][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2224.826366][    C1] CR2: 000000110c2eebc1 CR3: 000000010824a000 CR4: 00000000003506a0
[ 2224.834365][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2224.842327][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2224.850419][    C1] Call Trace:
[ 2224.853742][    C1]  <IRQ>
[ 2224.856612][    C1]  tipc_crypto_xmit+0x1822/0x2220
[ 2224.861659][    C1]  ? __irq_exit_rcu+0x52/0xf0
[ 2224.866363][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 2224.871757][    C1]  ? __copy_skb_header+0x49f/0x630
[ 2224.876906][    C1]  tipc_bearer_xmit_skb+0x226/0x380
[ 2224.882126][    C1]  ? __skb_clone+0x47a/0x790
[ 2224.886752][    C1]  ? __cfi_tipc_bearer_xmit_skb+0x10/0x10
[ 2224.892593][    C1]  ? skb_clone+0x228/0x380
[ 2224.897042][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 2224.902045][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2224.907550][    C1]  ? __kasan_check_write+0x14/0x20
[ 2224.912704][    C1]  ? _raw_spin_lock+0x8e/0xe0
[ 2224.917478][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2224.922706][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2224.928198][    C1]  call_timer_fn+0x46/0x2a0
[ 2224.932721][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 2224.938222][    C1]  __run_timers+0x639/0x9a0
[ 2224.942832][    C1]  ? calc_index+0x200/0x200
[ 2224.947354][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 2224.952573][    C1]  run_timer_softirq+0x6a/0xf0
[ 2224.957353][    C1]  handle_softirqs+0x1d7/0x600
[ 2224.962133][    C1]  __irq_exit_rcu+0x52/0xf0
[ 2224.966655][    C1]  irq_exit_rcu+0x9/0x10
[ 2224.970915][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2224.976579][    C1]  </IRQ>
[ 2224.979521][    C1]  <TASK>
[ 2224.982446][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2224.988453][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x1/0x60
[ 2224.994648][    C1] Code: fb e8 23 00 00 00 48 8b 3d 4c 2a 02 06 48 89 de e8 d4 9f 43 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 <48> 89 e5 48 8b 45 08 65 48 8b 0d 40 76 92 7e 65 8b 15 41 76 92 7e
[ 2225.014282][    C1] RSP: 0000:ffffc90006037430 EFLAGS: 00000297
[ 2225.020397][    C1] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000003
[ 2225.028494][    C1] RDX: ffffffff8236b659 RSI: ffffffff871754e0 RDI: 0000000000000001
[ 2225.036502][    C1] RBP: ffffc90006037648 R08: ffff88814640e540 R09: 0000000000000002
[ 2225.044496][    C1] R10: 000000000000000a R11: 0000000000000002 R12: 1ffff11026d9bff0
[ 2225.052495][    C1] R13: ffff888136cdff80 R14: 0000000000000001 R15: 1ffff92000c06e90
[ 2225.060496][    C1]  ? selinux_socket_sock_rcv_skb+0x129/0x7c0
[ 2225.066549][    C1]  ? selinux_socket_sock_rcv_skb+0x2c5/0x7c0
[ 2225.072536][    C1]  ? __cfi_selinux_socket_sock_rcv_skb+0x10/0x10
[ 2225.078891][    C1]  ? release_firmware_map_entry+0x194/0x194
[ 2225.084828][    C1]  ? avc_has_perm+0x158/0x240
[ 2225.089512][    C1]  ? __kasan_check_read+0x11/0x20
[ 2225.094563][    C1]  ? schedule+0xd4/0x170
[ 2225.098827][    C1]  ? schedule_timeout+0xa6/0x2e0
[ 2225.103765][    C1]  ? __cfi_schedule_timeout+0x10/0x10
[ 2225.109174][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 2225.115109][    C1]  ? prepare_to_wait_exclusive+0x191/0x1d0
[ 2225.121001][    C1]  security_sock_rcv_skb+0x7c/0xb0
[ 2225.126162][    C1]  sk_filter_trim_cap+0x125/0x700
[ 2225.131210][    C1]  ? __cfi_autoremove_wake_function+0x10/0x10
[ 2225.137313][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2225.142539][    C1]  ? __kasan_check_read+0x11/0x20
[ 2225.147600][    C1]  unix_dgram_sendmsg+0x926/0x16d0
[ 2225.152743][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 2225.158315][    C1]  ? __perf_event_task_sched_in+0x188/0x1d0
[ 2225.164238][    C1]  ? __cfi___perf_event_task_sched_in+0x10/0x10
[ 2225.170572][    C1]  ? security_socket_sendmsg+0x93/0xb0
[ 2225.176065][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 2225.181631][    C1]  ____sys_sendmsg+0x5a9/0x990
[ 2225.186431][    C1]  ? __kasan_check_write+0x14/0x20
[ 2225.191573][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[ 2225.196652][    C1]  ? __schedule+0xb8f/0x14e0
[ 2225.201284][    C1]  ? import_iovec+0x7c/0xb0
[ 2225.205814][    C1]  ___sys_sendmsg+0x21c/0x290
[ 2225.210606][    C1]  ? __sys_sendmsg+0x270/0x270
[ 2225.215395][    C1]  ? futex_unqueue+0x132/0x160
[ 2225.220185][    C1]  ? __kasan_check_write+0x14/0x20
[ 2225.225322][    C1]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 2225.230811][    C1]  ? __fdget+0x19c/0x220
[ 2225.235078][    C1]  __sys_sendmmsg+0x274/0x460
[ 2225.239860][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 2225.245086][    C1]  ? bpf_trace_run2+0x104/0x250
[ 2225.249985][    C1]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2225.255309][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2225.260176][    C1]  x64_sys_call+0x3f5/0x9a0
[ 2225.264708][    C1]  do_syscall_64+0x4c/0xa0
[ 2225.269235][    C1]  ? clear_bhb_loop+0x30/0x80
[ 2225.273905][    C1]  ? clear_bhb_loop+0x30/0x80
[ 2225.278630][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2225.284586][    C1] RIP: 0033:0x7fb56238e929
[ 2225.288997][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2225.308625][    C1] RSP: 002b:00007fb563231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2225.317074][    C1] RAX: ffffffffffffffda RBX: 00007fb5625b5fa0 RCX: 00007fb56238e929
[ 2225.325094][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000004
[ 2225.333076][    C1] RBP: 00007fb562410b39 R08: 0000000000000000 R09: 0000000000000000
[ 2225.341077][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2225.349106][    C1] R13: 0000000000000000 R14: 00007fb5625b5fa0 R15: 00007ffd1c281828
[ 2225.357105][    C1]  </TASK>
[ 2225.360133][    C1] ---[ end trace 0000000000000000 ]---
[ 2225.381145][   T28] audit: type=1400 audit(2000000046.380:7545): avc:  denied  { mounton } for  pid=28850 comm="syz-executor" path="/root/syzkaller.8l3znw/syz-tmp" dev="sda1" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 2225.426816][   T28] audit: type=1400 audit(2000000046.410:7546): avc:  denied  { mount } for  pid=28850 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 2225.464227][  T933] tipc: Disabling bearer <udp:syz2>
[ 2225.472544][  T933] tipc: Left network mode
[ 2225.495600][T28891] loop5: detected capacity change from 0 to 256
[ 2225.523023][T28891] FAT-fs (loop5): Directory bread(block 64) failed
[ 2225.534114][T28891] FAT-fs (loop5): Directory bread(block 65) failed
[ 2225.540807][T28891] FAT-fs (loop5): Directory bread(block 66) failed
[ 2225.549934][T28891] FAT-fs (loop5): Directory bread(block 67) failed
[ 2225.557865][  T933] ------------[ cut here ]------------
[ 2225.563377][  T933] refcount_t: saturated; leaking memory.
[ 2225.615196][T28891] FAT-fs (loop5): Directory bread(block 68) failed
[ 2225.624998][  T933] WARNING: CPU: 0 PID: 933 at lib/refcount.c:19 refcount_warn_saturate+0x13c/0x1a0
[ 2225.634536][  T933] Modules linked in:
[ 2225.638472][  T933] CPU: 0 PID: 933 Comm: kworker/u4:145 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2225.650096][  T933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2225.660215][  T933] Workqueue: netns cleanup_net
[ 2225.665016][  T933] RIP: 0010:refcount_warn_saturate+0x13c/0x1a0
[ 2225.671191][  T933] Code: 05 01 48 c7 c7 80 a1 a9 85 e8 00 fb dd fe 0f 0b eb a7 e8 37 b5 0c ff c6 05 95 ab 0b 05 01 48 c7 c7 c0 a0 a9 85 e8 e4 fa dd fe <0f> 0b eb 8b e8 1b b5 0c ff c6 05 7a ab 0b 05 01 48 c7 c7 c0 a0 a9
[ 2225.690862][  T933] RSP: 0018:ffffc9000e9877c0 EFLAGS: 00010246
[ 2225.697000][  T933] RAX: 419e375b7967f300 RBX: 0000000000000000 RCX: ffff888134633cc0
[ 2225.705198][  T933] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 2225.713181][  T933] RBP: ffffc9000e9877d0 R08: dffffc0000000000 R09: fffff52001d30e75
[ 2225.715647][T28891] FAT-fs (loop5): Directory bread(block 69) failed
[ 2225.721219][  T933] R10: fffff52001d30e75 R11: 1ffff92001d30e74 R12: 1ffff92001d30f04
[ 2225.735694][  T933] R13: ffffc9000e987840 R14: 0000000000000000 R15: ffff88810b89698c
[ 2225.743888][  T933] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 2225.752903][  T933] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2225.759530][  T933] CR2: 0000001b2dc1eff8 CR3: 0000000006e0f000 CR4: 00000000003506b0
[ 2225.767558][  T933] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2225.775562][  T933] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2225.783550][  T933] Call Trace:
[ 2225.786853][  T933]  <TASK>
[ 2225.789801][  T933]  nf_nat_masq_schedule+0x46b/0x4e0
[ 2225.795066][  T933]  ? __kasan_check_write+0x14/0x20
[ 2225.800277][  T933]  ? __cfi_device_cmp+0x10/0x10
[ 2225.805167][  T933]  ? masq_device_event+0xd0/0xd0
[ 2225.810124][  T933]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 2225.815499][  T933]  ? rtnl_is_locked+0x15/0x20
[ 2225.820265][  T933]  masq_device_event+0x9b/0xd0
[ 2225.825288][  T933]  raw_notifier_call_chain+0xa1/0x110
[ 2225.830711][  T933]  dev_close_many+0x32d/0x4d0
[ 2225.835616][  T933]  ? __cfi_dev_close_many+0x10/0x10
[ 2225.840845][  T933]  ? wait_for_common+0x54c/0x620
[ 2225.846089][  T933]  ? __kasan_check_read+0x11/0x20
[ 2225.851159][  T933]  unregister_netdevice_many+0x439/0x1820
[ 2225.856927][  T933]  ? __cfi_unregister_netdevice_many+0x10/0x10
[ 2225.856978][T28891] FAT-fs (loop5): Directory bread(block 70) failed
[ 2225.863100][  T933]  ? unregister_netdevice_queue+0x1aa/0x360
[ 2225.863128][  T933]  ? __cfi_unregister_netdevice_queue+0x10/0x10
[ 2225.869819][T28891] FAT-fs (loop5): Directory bread(block 71) failed
[ 2225.875587][  T933]  ? rcu_barrier+0x7e/0x600
[ 2225.882029][T28891] FAT-fs (loop5): Directory bread(block 72) failed
[ 2225.888334][  T933]  ip6gre_exit_batch_net+0x5a8/0x5f0
[ 2225.893020][T28891] FAT-fs (loop5): Directory bread(block 73) failed
[ 2225.899371][  T933]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 2225.899412][  T933]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 2225.923161][  T933]  cleanup_net+0x62d/0xb00
[ 2225.927739][  T933]  ? __cfi_cleanup_net+0x10/0x10
[ 2225.932769][  T933]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 2225.938282][  T933]  process_one_work+0x71f/0xc40
[ 2225.943233][  T933]  worker_thread+0xa29/0x11f0
[ 2225.948018][  T933]  kthread+0x281/0x320
[ 2225.952144][  T933]  ? __cfi_worker_thread+0x10/0x10
[ 2225.957355][  T933]  ? __cfi_kthread+0x10/0x10
[ 2225.962026][  T933]  ret_from_fork+0x1f/0x30
[ 2225.966755][  T933]  </TASK>
[ 2225.969813][  T933] ---[ end trace 0000000000000000 ]---
[ 2227.721831][   T28] kauditd_printk_skb: 4 callbacks suppressed
[ 2227.721850][   T28] audit: type=1400 audit(2000000048.170:7551): avc:  denied  { sqpoll } for  pid=28894 comm="syz.4.8309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 2227.749376][  T933] ------------[ cut here ]------------
[ 2227.755046][  T933] WARNING: CPU: 0 PID: 933 at lib/ref_tracker.c:77 ref_tracker_alloc+0x2ae/0x430
[ 2227.764297][  T933] Modules linked in:
[ 2227.768229][  T933] CPU: 0 PID: 933 Comm: kworker/u4:145 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2227.780264][  T933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2227.790642][  T933] Workqueue: netns cleanup_net
[ 2227.795697][  T933] RIP: 0010:ref_tracker_alloc+0x2ae/0x430
[ 2227.801670][  T933] Code: f9 e5 fe 48 bb 00 00 00 00 00 fc ff df 4c 8b 74 24 08 48 8b 7c 24 10 48 8b 74 24 18 e8 1b 47 66 02 31 c0 eb 6d e8 52 f9 e5 fe <0f> 0b 4d 85 e4 0f 85 09 fe ff ff 4c 8b 64 24 10 4d 8d 74 24 0c 4c
[ 2227.821364][  T933] RSP: 0018:ffffc9000e9876a0 EFLAGS: 00010293
[ 2227.827498][  T933] RAX: ffffffff8289fe1e RBX: dffffc0000000000 RCX: ffff888134633cc0
[ 2227.835518][  T933] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000e987760
[ 2227.843508][  T933] RBP: ffffc9000e9877d0 R08: dffffc0000000000 R09: ffffc9000e9876e0
[ 2227.851534][  T933] R10: fffff52001d30eec R11: 1ffff92001d30edc R12: ffff888145fafc38
[ 2227.859551][  T933] R13: ffff88810b8969a0 R14: 0000000000000cc0 R15: ffff88810b896990
[ 2227.867559][  T933] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 2227.876525][  T933] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2227.883131][  T933] CR2: 00007f7ea8780ab8 CR3: 00000001164c5000 CR4: 00000000003506b0
[ 2227.891142][  T933] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2227.899164][  T933] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2227.907217][  T933] Call Trace:
[ 2227.910511][  T933]  <TASK>
[ 2227.913506][  T933]  ? __cfi_ref_tracker_alloc+0x10/0x10
[ 2227.919019][  T933]  ? kasan_save_alloc_info+0x25/0x30
[ 2227.924345][  T933]  ? __kasan_kmalloc+0x95/0xb0
[ 2227.929134][  T933]  ? nf_nat_masq_schedule+0x238/0x4e0
[ 2227.934558][  T933]  ? kmalloc_trace+0x40/0xb0
[ 2227.939185][  T933]  nf_nat_masq_schedule+0x338/0x4e0
[ 2227.944505][  T933]  ? __kasan_check_write+0x14/0x20
[ 2227.949638][  T933]  ? __cfi_device_cmp+0x10/0x10
[ 2227.954519][  T933]  ? masq_device_event+0xd0/0xd0
[ 2227.959476][  T933]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 2227.964809][  T933]  ? rtnl_is_locked+0x15/0x20
[ 2227.969519][  T933]  masq_device_event+0x9b/0xd0
[ 2227.974338][  T933]  raw_notifier_call_chain+0xa1/0x110
[ 2227.979745][  T933]  dev_close_many+0x32d/0x4d0
[ 2227.984457][  T933]  ? __cfi_dev_close_many+0x10/0x10
[ 2227.989676][  T933]  ? wait_for_common+0x54c/0x620
[ 2227.994768][  T933]  ? __kasan_check_read+0x11/0x20
[ 2227.999822][  T933]  unregister_netdevice_many+0x439/0x1820
[ 2228.005706][  T933]  ? __cfi_unregister_netdevice_many+0x10/0x10
[ 2228.011897][  T933]  ? unregister_netdevice_queue+0x1aa/0x360
[ 2228.017861][  T933]  ? __cfi_unregister_netdevice_queue+0x10/0x10
[ 2228.024150][  T933]  ? rcu_barrier+0x7e/0x600
[ 2228.028675][  T933]  ip6gre_exit_batch_net+0x5a8/0x5f0
[ 2228.034016][  T933]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 2228.039850][  T933]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 2228.045751][  T933]  cleanup_net+0x62d/0xb00
[ 2228.050192][  T933]  ? __cfi_cleanup_net+0x10/0x10
[ 2228.055165][  T933]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 2228.060562][  T933]  process_one_work+0x71f/0xc40
[ 2228.065443][  T933]  worker_thread+0xa29/0x11f0
[ 2228.070146][  T933]  kthread+0x281/0x320
[ 2228.074254][  T933]  ? __cfi_worker_thread+0x10/0x10
[ 2228.079391][  T933]  ? __cfi_kthread+0x10/0x10
[ 2228.084045][  T933]  ret_from_fork+0x1f/0x30
[ 2228.088490][  T933]  </TASK>
[ 2228.091523][  T933] ---[ end trace 0000000000000000 ]---
[ 2228.224450][   T28] audit: type=1400 audit(2000000049.100:7552): avc:  denied  { map } for  pid=28886 comm="syz.2.8316" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=81684 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2228.881437][   T28] audit: type=1400 audit(2000000049.100:7553): avc:  denied  { read write } for  pid=28886 comm="syz.2.8316" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=81684 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2229.143613][  T288] ------------[ cut here ]------------
[ 2229.149170][  T288] WARNING: CPU: 0 PID: 288 at lib/ref_tracker.c:110 ref_tracker_free+0x5de/0x7c0
[ 2229.158773][  T288] Modules linked in:
[ 2229.162867][  T288] CPU: 0 PID: 288 Comm: kworker/0:2 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2229.174288][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2229.184602][  T288] Workqueue: events iterate_cleanup_work
[ 2229.190277][  T288] RIP: 0010:ref_tracker_free+0x5de/0x7c0
[ 2229.195969][  T288] Code: 85 e8 2e 70 5b 02 43 0f b6 04 2c 84 c0 4c 8b 74 24 08 0f 85 c9 01 00 00 41 8b 3f e8 dc e8 ff ff 4c 89 f6 eb 84 e8 62 f1 e5 fe <0f> 0b 4d 85 ff 0f 85 d3 fa ff ff 4c 8b 24 24 4d 8d 74 24 0c 4c 89
[ 2229.215869][  T288] RSP: 0018:ffffc9000db3fb20 EFLAGS: 00010293
[ 2229.222063][  T288] RAX: ffffffff828a060e RBX: 1ffff92001b67f68 RCX: ffff88810b8ad100
[ 2229.230091][  T288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000db3fbe0
[ 2229.233295][  T933] bridge8: port 1(ip6gretap0) entered disabled state
[ 2229.238195][  T288] RBP: ffffc9000db3fc50 R08: dffffc0000000000 R09: ffffc9000db3fb60
[ 2229.253014][  T288] R10: fffff52001b67f7c R11: 1ffff92001b67f6c R12: ffff88810b8969a0
[ 2229.261088][  T288] R13: dffffc0000000000 R14: ffffc9000db3fb60 R15: ffff888145fafc38
[ 2229.269119][  T288] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 2229.278117][  T288] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2229.284929][  T288] CR2: 00007fb56320ff98 CR3: 000000011d483000 CR4: 00000000003506b0
[ 2229.292972][  T288] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2229.301029][  T288] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2229.309110][  T288] Call Trace:
[ 2229.312450][  T288]  <TASK>
[ 2229.315450][  T288]  ? __this_cpu_preempt_check+0x13/0x20
[ 2229.321064][  T288]  ? __cfi_ref_tracker_free+0x10/0x10
[ 2229.326580][  T288]  ? __cfi_device_cmp+0x10/0x10
[ 2229.331501][  T288]  ? __kasan_check_read+0x11/0x20
[ 2229.336690][  T288]  ? nf_ct_iterate_cleanup_net+0xe8/0x130
[ 2229.342466][  T288]  iterate_cleanup_work+0x105/0x1f0
[ 2229.347749][  T288]  ? __cfi_iterate_cleanup_work+0x10/0x10
[ 2229.353532][  T288]  ? __schedule+0xb8f/0x14e0
[ 2229.358311][  T288]  process_one_work+0x71f/0xc40
[ 2229.363207][  T288]  worker_thread+0xa29/0x11f0
[ 2229.369014][  T288]  kthread+0x281/0x320
[ 2229.373243][  T288]  ? __cfi_worker_thread+0x10/0x10
[ 2229.378423][  T288]  ? __cfi_kthread+0x10/0x10
[ 2229.383065][  T288]  ret_from_fork+0x1f/0x30
[ 2229.387581][  T288]  </TASK>
[ 2229.390684][  T288] ---[ end trace 0000000000000000 ]---
[ 2229.756253][  T933] device ip6gretap0 left promiscuous mode
[ 2229.762121][  T933] bridge8: port 1(ip6gretap0) entered disabled state
[ 2229.828783][T28904] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 2229.838215][T28904] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 2231.344734][T28935] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8318'.
[ 2233.092438][T28931] loop5: detected capacity change from 0 to 128
[ 2233.111310][T28926] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8315'.
[ 2233.137892][T28931] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 2233.147364][T28931] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 2233.160324][T28931] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2233.231754][T28931] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8317'.
[ 2233.348948][T28950] overlayfs: failed to clone upperpath
[ 2233.565322][T26762] EXT4-fs (loop5): unmounting filesystem.
[ 2233.587237][T28951] overlayfs: failed to clone upperpath
[ 2234.675505][  T933] device veth15 left promiscuous mode
[ 2234.683037][  T933] bridge8: port 2(veth15) entered disabled state
[ 2234.741919][  T933] device veth0_to_bond left promiscuous mode
[ 2234.750805][  T933] bridge2: port 1(veth0_to_bond) entered disabled state
[ 2240.399067][   T28] audit: type=1400 audit(2000000059.860:7554): avc:  denied  { map } for  pid=28969 comm="syz.5.8327" path="socket:[81754]" dev="sockfs" ino=81754 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2240.557235][  T933] device dummy0 left promiscuous mode
[ 2240.573609][  T933] device veth0_vlan left promiscuous mode
[ 2240.582626][   T28] audit: type=1400 audit(2000000059.860:7555): avc:  denied  { read } for  pid=28969 comm="syz.5.8327" path="socket:[81754]" dev="sockfs" ino=81754 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2240.796172][T28987] overlayfs: failed to clone upperpath
[ 2241.641323][T28991] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8329'.
[ 2242.318860][T28982] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 2242.328259][T28982] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 2243.427684][T29014] overlayfs: failed to clone upperpath
[ 2243.993666][T29015] loop6: detected capacity change from 0 to 256
[ 2247.719352][T29036] device veth31 entered promiscuous mode
[ 2248.421423][   T28] audit: type=1400 audit(2000000069.420:7556): avc:  denied  { write } for  pid=29021 comm="syz.5.8336" path="socket:[83093]" dev="sockfs" ino=83093 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2249.091041][T29052] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8343'.
[ 2250.346816][   T28] audit: type=1400 audit(2000000071.350:7557): avc:  denied  { block_suspend } for  pid=29057 comm="syz.4.8345" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2250.900802][  T933] ==================================================================
[ 2250.908922][  T933] BUG: KASAN: use-after-free in tcp_metrics_flush_all+0xd3/0x210
[ 2250.916758][  T933] Read of size 4 at addr ffff88810b89698c by task kworker/u4:145/933
[ 2250.924835][  T933] 
[ 2250.927168][  T933] CPU: 1 PID: 933 Comm: kworker/u4:145 Tainted: G        W          6.1.141-syzkaller-00036-g7011769d221c #0
[ 2250.938719][  T933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2250.948790][  T933] Workqueue: netns cleanup_net
[ 2250.953841][  T933] Call Trace:
[ 2250.957134][  T933]  <TASK>
[ 2250.960164][  T933]  __dump_stack+0x21/0x24
[ 2250.964524][  T933]  dump_stack_lvl+0xee/0x150
[ 2250.969153][  T933]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2250.974194][  T933]  ? __cfi__printk+0x8/0x8
[ 2250.978719][  T933]  ? tcp_metrics_flush_all+0xd3/0x210
[ 2250.984105][  T933]  print_address_description+0x71/0x210
[ 2250.989765][  T933]  print_report+0x4a/0x60
[ 2250.994113][  T933]  kasan_report+0x122/0x150
[ 2250.998661][  T933]  ? tcp_metrics_flush_all+0xd3/0x210
[ 2251.004232][  T933]  kasan_check_range+0x280/0x290
[ 2251.009202][  T933]  __kasan_check_read+0x11/0x20
[ 2251.014125][  T933]  tcp_metrics_flush_all+0xd3/0x210
[ 2251.019340][  T933]  ? __cfi_tcp_net_metrics_exit_batch+0x10/0x10
[ 2251.025601][  T933]  tcp_net_metrics_exit_batch+0x10/0x20
[ 2251.031160][  T933]  cleanup_net+0x62d/0xb00
[ 2251.035597][  T933]  ? __cfi_cleanup_net+0x10/0x10
[ 2251.040565][  T933]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 2251.045971][  T933]  process_one_work+0x71f/0xc40
[ 2251.050844][  T933]  worker_thread+0xa29/0x11f0
[ 2251.055543][  T933]  kthread+0x281/0x320
[ 2251.059713][  T933]  ? __cfi_worker_thread+0x10/0x10
[ 2251.064836][  T933]  ? __cfi_kthread+0x10/0x10
[ 2251.069439][  T933]  ret_from_fork+0x1f/0x30
[ 2251.073878][  T933]  </TASK>
[ 2251.076904][  T933] 
[ 2251.079250][  T933] Allocated by task 286:
[ 2251.083502][  T933]  kasan_set_track+0x4b/0x70
[ 2251.088121][  T933]  kasan_save_alloc_info+0x25/0x30
[ 2251.093258][  T933]  __kasan_slab_alloc+0x72/0x80
[ 2251.098127][  T933]  slab_post_alloc_hook+0x4f/0x2d0
[ 2251.103262][  T933]  kmem_cache_alloc+0x16e/0x330
[ 2251.108134][  T933]  copy_net_ns+0x145/0x5c0
[ 2251.112569][  T933]  create_new_namespaces+0x3a2/0x660
[ 2251.117872][  T933]  unshare_nsproxy_namespaces+0x120/0x170
[ 2251.123637][  T933]  ksys_unshare+0x4ac/0x7b0
[ 2251.128263][  T933]  __x64_sys_unshare+0x38/0x40
[ 2251.133058][  T933]  x64_sys_call+0x767/0x9a0
[ 2251.137576][  T933]  do_syscall_64+0x4c/0xa0
[ 2251.142010][  T933]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2251.147924][  T933] 
[ 2251.150267][  T933] Freed by task 933:
[ 2251.154177][  T933]  kasan_set_track+0x4b/0x70
[ 2251.158790][  T933]  kasan_save_free_info+0x31/0x50
[ 2251.163848][  T933]  ____kasan_slab_free+0x132/0x180
[ 2251.168983][  T933]  __kasan_slab_free+0x11/0x20
[ 2251.173767][  T933]  slab_free_freelist_hook+0xc2/0x190
[ 2251.179265][  T933]  kmem_cache_free+0x12d/0x300
[ 2251.184054][  T933]  cleanup_net+0xa58/0xb00
[ 2251.188497][  T933]  process_one_work+0x71f/0xc40
[ 2251.193368][  T933]  worker_thread+0xa29/0x11f0
[ 2251.198149][  T933]  kthread+0x281/0x320
[ 2251.202241][  T933]  ret_from_fork+0x1f/0x30
[ 2251.206681][  T933] 
[ 2251.209024][  T933] Last potentially related work creation:
[ 2251.214844][  T933]  kasan_save_stack+0x3a/0x60
[ 2251.219720][  T933]  __kasan_record_aux_stack+0xb6/0xc0
[ 2251.225118][  T933]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2251.231065][  T933]  insert_work+0x51/0x300
[ 2251.235516][  T933]  __queue_work+0x9b1/0xd30
[ 2251.240048][  T933]  delayed_work_timer_fn+0x61/0x80
[ 2251.245449][  T933]  call_timer_fn+0x46/0x2a0
[ 2251.249972][  T933]  __run_timers+0x667/0x9a0
[ 2251.254684][  T933]  run_timer_softirq+0xb8/0xf0
[ 2251.259472][  T933]  handle_softirqs+0x1d7/0x600
[ 2251.264263][  T933]  __irq_exit_rcu+0x52/0xf0
[ 2251.268878][  T933]  irq_exit_rcu+0x9/0x10
[ 2251.273155][  T933]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2251.278818][  T933]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2251.284822][  T933] 
[ 2251.287166][  T933] Second to last potentially related work creation:
[ 2251.293765][  T933]  kasan_save_stack+0x3a/0x60
[ 2251.298567][  T933]  __kasan_record_aux_stack+0xb6/0xc0
[ 2251.303986][  T933]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2251.309829][  T933]  insert_work+0x51/0x300
[ 2251.314206][  T933]  __queue_work+0x9b1/0xd30
[ 2251.318747][  T933]  delayed_work_timer_fn+0x61/0x80
[ 2251.323904][  T933]  call_timer_fn+0x46/0x2a0
[ 2251.328436][  T933]  __run_timers+0x667/0x9a0
[ 2251.332967][  T933]  run_timer_softirq+0xb8/0xf0
[ 2251.337759][  T933]  handle_softirqs+0x1d7/0x600
[ 2251.342555][  T933]  __irq_exit_rcu+0x52/0xf0
[ 2251.347079][  T933]  irq_exit_rcu+0x9/0x10
[ 2251.351339][  T933]  sysvec_call_function_single+0xa6/0xc0
[ 2251.357004][  T933]  asm_sysvec_call_function_single+0x1b/0x20
[ 2251.363149][  T933] 
[ 2251.365485][  T933] The buggy address belongs to the object at ffff88810b896900
[ 2251.365485][  T933]  which belongs to the cache net_namespace of size 4224
[ 2251.379819][  T933] The buggy address is located 140 bytes inside of
[ 2251.379819][  T933]  4224-byte region [ffff88810b896900, ffff88810b897980)
[ 2251.393210][  T933] 
[ 2251.395555][  T933] The buggy address belongs to the physical page:
[ 2251.402073][  T933] page:ffffea00042e2400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88810b894600 pfn:0x10b890
[ 2251.413643][  T933] head:ffffea00042e2400 order:3 compound_mapcount:0 compound_pincount:0
[ 2251.421988][  T933] flags: 0x4000000000010200(slab|head|zone=1)
[ 2251.428088][  T933] raw: 4000000000010200 0000000000000000 dead000000000001 ffff8881002ac900
[ 2251.436867][  T933] raw: ffff88810b894600 0000000080070005 00000001ffffffff 0000000000000000
[ 2251.445446][  T933] page dumped because: kasan: bad access detected
[ 2251.451937][  T933] page_owner tracks the page as allocated
[ 2251.457648][  T933] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 286, tgid 286 (syz-executor), ts 25178328397, free_ts 24965125171
[ 2251.478856][  T933]  post_alloc_hook+0x1f5/0x210
[ 2251.483630][  T933]  prep_new_page+0x1c/0x110
[ 2251.488236][  T933]  get_page_from_freelist+0x2c7b/0x2cf0
[ 2251.493898][  T933]  __alloc_pages+0x19e/0x3a0
[ 2251.498509][  T933]  alloc_slab_page+0x6e/0xf0
[ 2251.503103][  T933]  new_slab+0x98/0x3d0
[ 2251.507169][  T933]  ___slab_alloc+0x6f6/0xb50
[ 2251.511915][  T933]  __slab_alloc+0x5e/0xa0
[ 2251.516261][  T933]  kmem_cache_alloc+0x1b0/0x330
[ 2251.521110][  T933]  copy_net_ns+0x145/0x5c0
[ 2251.525520][  T933]  create_new_namespaces+0x3a2/0x660
[ 2251.530809][  T933]  unshare_nsproxy_namespaces+0x120/0x170
[ 2251.536538][  T933]  ksys_unshare+0x4ac/0x7b0
[ 2251.541053][  T933]  __x64_sys_unshare+0x38/0x40
[ 2251.545911][  T933]  x64_sys_call+0x767/0x9a0
[ 2251.550415][  T933]  do_syscall_64+0x4c/0xa0
[ 2251.554830][  T933] page last free stack trace:
[ 2251.559584][  T933]  free_unref_page_prepare+0x742/0x750
[ 2251.565157][  T933]  free_unref_page+0x8f/0x530
[ 2251.569879][  T933]  free_compound_page+0x99/0xd0
[ 2251.574725][  T933]  destroy_large_folio+0x68/0xa0
[ 2251.579656][  T933]  __folio_put+0xd1/0xe0
[ 2251.583897][  T933]  skb_release_data+0x47f/0x890
[ 2251.588782][  T933]  napi_consume_skb+0x13d/0x2c0
[ 2251.593640][  T933]  net_rx_action+0x393/0xaa0
[ 2251.598227][  T933]  handle_softirqs+0x1d7/0x600
[ 2251.602991][  T933]  __irq_exit_rcu+0x52/0xf0
[ 2251.607495][  T933]  irq_exit_rcu+0x9/0x10
[ 2251.611730][  T933]  common_interrupt+0xbe/0xe0
[ 2251.616424][  T933]  asm_common_interrupt+0x27/0x40
[ 2251.621444][  T933] 
[ 2251.623759][  T933] Memory state around the buggy address:
[ 2251.629405][  T933]  ffff88810b896880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2251.637461][  T933]  ffff88810b896900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2251.645513][  T933] >ffff88810b896980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2251.653562][  T933]                       ^
[ 2251.657900][  T933]  ffff88810b896a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2251.665991][  T933]  ffff88810b896a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2251.674051][  T933] ==================================================================
[ 2251.682350][  T933] Disabling lock debugging due to kernel taint
[ 2251.684640][   T28] audit: type=1400 audit(2000000072.680:7558): avc:  denied  { read } for  pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 2251.731948][   T28] audit: type=1400 audit(2000000072.680:7559): avc:  denied  { search } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2251.753905][   T28] audit: type=1400 audit(2000000072.680:7560): avc:  denied  { append } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2251.776548][   T28] audit: type=1400 audit(2000000072.680:7561): avc:  denied  { open } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2251.812976][   T28] audit: type=1400 audit(2000000072.690:7562): avc:  denied  { getattr } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1