last executing test programs: 14m24.554441633s ago: executing program 32 (id=202): socket$can_raw(0x1d, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x3) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x250, 0x0, 0xb, 0xd0e0011, 0x120, 0xc6, 0x1f8, 0x1d8, 0x190, 0x1f8, 0x1d8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'nr0\x00', '\x00', {}, {}, 0x1}, 0x0, 0x98, 0xe0, 0x2000000, {}, [@common=@icmp={{0x28}, {0x0, "0010"}}]}, @unspec=@CT0={0x48}}, {{@ip={@remote, @multicast1, 0x0, 0x0, 'bridge_slave_1\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x20, 0x0, 0x0, 0x20000, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b0) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x2}, 0x10) bind$tipc(0xffffffffffffffff, 0x0, 0x0) close(0xffffffffffffffff) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x14b040, 0x0) ioctl$ASHMEM_SET_SIZE(r3, 0x40087703, 0xfffffff3) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0xcc840000) ioctl$ASHMEM_SET_NAME(r3, 0x40087708, &(0x7f0000000540)='\x00\x00\x03\x01\x00\x00\x00\x1f\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x02\x00g\x00\x00\x00\x80\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-\xac\x99\xb8\xd2\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc4\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0HdO\xb9\xa2\x1d\x13\x8fCha\xb3\x95wl},\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80Z\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9\x13f=\xbd\x03\xe8\xbex:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13\xba\x00|g]7\xdc\xe9=\"\xe4\xb3\x0f\xc6\x8f\x85fGGV&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xd0d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146\'Z\x83H\xabF\x18<\x86h\x01=\x03\\\xc4\t\x8e/\x12\a\xdf\xe7zU\xcc\x02\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&@\x00\x00\x00rT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\xd7c\t(\xf2\x93\x8d\\\x91\xef\xab(Jck\xdf\xa3 \x16\x9bH=\x01\x7f\x02\x1dF3\x7f\xd15\xa8\xd2\x94\xa7\xe9\xbd\xdc\x16\xe1Z\x9c\xe3\xeb9\x8f\xfdC\x0e\xd3]\xb5\xfdB\\\xd2\xfe\xf6H\x8ai}kDM\xbd\xfcJ{T{@i/\xb7x\xef\x1f\xf0t\xf5\xaf\xb21F\x01\xe0\x86\xde\x88\xb8\x8f \xfc\xcd\xba\xea\x16\xc1J\xb7\xe3\x04m\x0e\xaf\xd6X\xba\x8a\xdb\xeda\x83.H\xe3\x86\x03\t\xcb\xdc\x80\xee\x0ec\x12\x8a\x92\x11\xb6\xcc#\x10\xec\xfd\xbb\xd3\\\xc8\x88\x04,\'\x14\xbf\x84\x16\xb3\x8f,6\xc6D\xae\xa1\xf9\xe7@\xac\xaa\x104\x8b\x8eQ8\x11\xa7|\x87\xe2\xccrj%\xc4r&\r\a\xa7\xda\xf5\'V\x89\xe6\xa4\x05\xde\xf5\xaa@\xec\xe2\xf6\xb5x\xa1w\n\xda\xf2\xd67\xc6%\x0f[sF\xb6\xaeS>\xe9^\xd4\xf03\xe9.\xc4\xd5\xe0\r\xa1Q\xa8\xf2\xa2`zs\'k\xd4pV\xab&%\xf8\x8a\x80\x9d\"\xf3\xcc\xd2i\xc8\xd8\xc6\xbeD\xda\x86?\xf9\x13\xe5L`R\xe8Vq\xa3\nD\x9f\xe4M\xe6\xab\xdd!=%\x06z$\x99\';O\xfc\xf0u\x83\v\x83\a8\xfe<\x9e\xa8\xfe\xca`D\x91\x81!QT$\x05T\x85\xd6\xe9!\xb9wfL\x12\xa8\xb0\xb0\x86\xc2\xa1\xf7\x05i\xf5\xf0\r\xe7h\xdaD\xcb\xd4\x87\x84\xe5\xc7r;.\xf0\xed\x17\x83Nn\xb7\x0f!u}J)\xa1\xa1\x16\xc5`Z,\xa3\xcf\xfdy\aH\x06\x14l\x92x\xdbB=\xcc\xcdf\xe5\x04=HQ\xeaE-v\x02\x0eY\x8e\xbf\xec\x16\xc4G\xea\x8bS\x8e\xd5f\xdcj\xe1\x86\xf9s\x90\xe5\xf9\x89\xc0\xf3\xcd;r4j]\x9b\xdf\xf5\xe9\x82\xe1\xdb\x11\xb3\b\xa2Y\xdb\\\xc1H\xc3\xcf\xb1W\xe9(\xee\x18\xca\xda\xf5p,\x16\xbc\x17\xfe\xd8\n\xe1\xa1&=+)\xf9Vd\x11\xf6hX\xbe\x85O=\xe2\x9f~I\xc4\"\xa9\xd9\x19\xa2\\\xb8>f\xe2Jh+u\x90\x13\x94\x12\xc8X\xd7\xb4\xf1JS0FN\xa0\xda\xb6ez`\x9a\xea\xcf^\xa5\x17{\v\xe8n\xe9 \xc0/D\t\x7f\xd8\xad\xf2e\xff\x8b\x16p\x0f\xe4\x1a/\xe1\x96\xd2\xae\x94\x0e5\xb0b+\xac\x14\xaa\xb0\xb7\xa5.\x15\x8a\xca\xb5~=D-\x90\xc1\xbf\x05\xb9\xd5\x86\xeb\xd2#\xda\xc132\'\xfc!%\x94\x1f\xbfL)\xc2c\xa8\xef\x152\x8d\xef\xde\xbe\xab\xf5g\x80\x02G-\xff\x06X+\xc1\xd3\xb1\xcdn\x15p\xdf\xd8.\x89\x95{\xb6+:`\x9c\xcf2\x01\x1d1\xf7\xe6\x7f\x1f\xf5\xb0\xb9\t2\x14\x81\x99\xb8@7y\xb4\xce\xf1]\a\x03y\xc5F\xfa\xae\xd1Ov7\xa7\xc1\xb2.~B\xe8@G\xd1\xd9R~\x1b\xf7\xa8\x86\xa7\xc1\b\x9ej\x01\xf4\xb7\xd2\x0e\xc2\x15S\x19\xd7\xd4\xe6\xaf!\xf8_\x8aEOp@>4\xd7\xcf\x11\xe0;\x99}QmE\xdd\xa69)Q\x9e\xb9\'\x97\x9b\xe7\xa4?Ed\x9c\x7fE\xba5\x90\xc07\x96S\x9d\xe1\x84\xfa\x1a\xd6\x9a\x15\xd1o \xc0\xd28\x01\xa7\x99\x85q\xbd\x80\x00\x00\x00\x00\x00\x00\x00H\x0f\xbbT\xd5\xb3\xf4\xcd<\x8a\x01\x19\xd0|B\f0\xf8i\xd3\x1bJke\t\x8b7Q\x1dQ&\x96H\x05\xec\x80\xf0\xab\x8f\x94{\x9d+\xefs\x1c\xfck\xf7q\x10\xf6\x16\xbc\xe7\x93\x0f\x7f\xcd\xa7b\xbe\x88\xcc\xb6^\x93\xa9P\xf3\xa3\xe4Az=\xe0+Q\x9e\xb5\x01\xb3\xc1\xa8P0+\xc9\xa1\xdbU~J$\xa4\x03\x11\x1aa~\x9du\x8f\x8d\xbcI\x85k\xa0\xae\xf6\xa0\x94r\xfb\xe3\xaa\xd4\xf0\x99\x06\xe1i\x1f\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x13\\\xb2+^\xe7G\x17\x03^\xd7g\xb9n\x8c2\xb3\x12\x91\x86b\t\xd0R\x01\xda$Y\x85\x02&\x95FC\xc8\xd9\x00\x00\x00\xb6u\xbb\n{\x90\xfd>\xd0-\xfa\xa9\xfd{\x95E\r\x81j\x12\xb7\xd0k\xc2\xdc\xcdK\xc1\xe6\xf7\xb8@\xe0D\x00'/1842) ioctl$ASHMEM_SET_NAME(r3, 0x40087707, 0x0) ioctl$ASHMEM_SET_NAME(r3, 0x40087707, &(0x7f00000016c0)='\x00\x00\b\x00\x00\x00\x00\x1f\x00x\x85\x1c \xf3\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\x00\x00\x00\x00b\x00\x00\x00\x00\x00\x00\x00\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\aOv$\xc8\"\a\xd7T\xfb\xfc\xfa\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\t\x00\x00\x00\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\x89]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8CoB\xdc\xc26\x06\x10\x92\xc7\xa55\x9f\x04\x00*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03\xae\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\xedo\x92\xae\r\x05\xfa\x99\x15\x87\x14\x13$\t\x01\x00\x00\x00\x00\x00\x00\x00\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\f\x03\xbb\x14\xa7\xda\x19M\xa3!\x95\xa0\x9a\x05\x06\x00\x00\x00\xf2\xd5\b^[D~\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00f\x8a\x9b\xe2\xa7k9\xd9`=}\t\x82\nw!y\x91\xbeM\xdck=\xcc\xef\x16vt\x1d\x1c\xa3\xee\x13\x16\xdbb0\b`/c\x9f\x8c\xee\xb1\x1a\xbd\x8ba\x11Oh\xc7\xb8\x8e#\xeeAh\xd9\x15\xc6\xe7>\x95\xe2\xdaQ\x0e\xc0E\xdd\xc3^7Y\xd2\xf0\xf7DZ\x12\xce\xba\vI$[v\x00\x830p\xd4\xbf\xa3\xf28\xab\xd4e\xc9z\xff\xfc\xeb\x04\xff\x98\xda\x01.gT\xcb7!W\x98\xc4\xa5\xb4\xc3\xd8\x94\xe6\xd7\x9e\xed\x1f\xafBF\xd6\xbfu5=.\x92\xc8-\xcc~6Y\xa7K\xd5=v\xdctJ\xba\x17\x18\xc8x\x95\xd8\xb2\xd6\x10)\xcfs\xaf\xf5E\x18\xa2*\x82\tU\xd3\xf7Y\x1d\x175\x04X2\xa3K\xab\x14\xec\xc9\x9c?\xa9\xc4\xc7\xe3{\xbfA\x16\xfcY\nR\x93\xb3\xcf\x0fg\xf6L3\xe87\x8aX\x82Y\x95\v\xbf%\xef\x83\x02\xc1\xd5c}\x18(\x13\x9e\xe7\xb2$\xee\xc4\x94\x00\xf6S9\xb7\xbcu\xb9\xad\xc6$=D\xb9\x82\x15yM\xa8\xf1N\xaeB\xf8.q\x90\x8a\xb57_\x98\x7f\xf2b\xbd\x97\xfc\xefN\xc6\xad\x99IJW\'\xd6m\xf0[WO\xf3\xd0\x9e\xda\xbd8\xd5FVA>\xa8p\vp*\xd1\xd9\v\xa3\xb2\x1b)E/\xbb\x90\xcct_K\x8d\xa3\xd2\\5y\xa7\x8b\xa3\xb8\x86\xa9Q~\x1f\xbf\xa3(,\x91O\x9c\xbf\x86\xec\x80TZO\x85\xdd\x9d\x18\x8e\x976\xd9c\xfb`L\x1b\xa7!9\xf3\x94\xd4\xeb\x06\x99M\x9b\xf6#\xf9\xd3\x90D\xf0\x92\xaf\x9ab\xa2\xc9\xe5\xe1\xb4\xb1\xd6\x19I\xcd\x0f\x17\x16\xbcES\x80\x9e\xf9\xb2\x0e\x13\xe6\xdc\xef\xf9\xd8J\x14\x94\x83\xb8\xd6\x995\x83\x11\x19\xb6cA\x1e\xba.\x91\xec\xb2b\x0e\xb5\xd7\xee\xa2\xaf\xcbZ\x05\xf7\x17\xc03\xa7\xb1\x9d\x80\xb6;p\xf6\xa6\x8b$s\xe6\x92\x84\x02emj\x99\x16D\xaeq8>\xee6t\x95\x02K|\xa1\xdc]\xaf\a\xc40(/\a<\x1b[x\xa5/\x86\xf4J!\xed\x1c\'\\I\x9c\xd6\xab\xc6\xbdr\x06Z\x9aFF\x8b\xcc\xf7\xb0Qe\xf2=\xb7\x1d\xce[\xb8[Ec\xf2\x93\xa7j\x1f\xb9&\xb3;s\xbc\x9e\xec\xb2\x91\xb3Y\xdby\xa7\xf5\x1d\xc1\x85\xb3\x83l&\x05t\xdb2\xd0\x99\xe3h\xf1\x8d#\x941e8\xb9\xca8\x021\xb9Yv!l\xcd\x01\x9d\a\br\xa1e\xe6\xd9DZfc\x0f\xb0\xbb\xb2\r\xf5E\x88\x0e\xd9\xbfo\xb0\x81c#!\xf1\aC\x8c\xa5\x10\x17\xf3q\v\xba\xfe\x81\x86\x01\x04\xb2\xcb\xbdU\xab\x1dn\xf1\b\xf6w!\xb6S\xdf\x96\x11\x02\x90\xd6\xd7BQN*\xae\xddP\x1b\\\xf0Nm') 14m19.679237038s ago: executing program 33 (id=213): syz_open_dev$vcsa(&(0x7f0000000380), 0x7b95b611, 0x802) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@const={0x0, 0x0, 0x0, 0x9}, @restrict={0x0, 0x0, 0x0, 0xb, 0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}]}}, 0x0, 0x4a}, 0x28) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0x7005, 0x0) syz_io_uring_setup(0x2c12, 0x0, &(0x7f0000000280), 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0) syz_open_procfs(0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip_tables_targets\x00') preadv(r3, 0x0, 0x0, 0x33, 0x0) syz_open_dev$mouse(&(0x7f0000000040), 0x7fffffffffffffff, 0x14000) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x23}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) select(0x40, &(0x7f0000000580)={0xf, 0x6, 0x6, 0x8, 0x3ff, 0x1, 0xfff, 0xac}, 0x0, 0x0, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) socket(0x2, 0x2, 0x1) ioctl$TCFLSH(r4, 0x5608, 0x0) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000000)='./file7\x00', 0x200008, &(0x7f0000000340)=ANY=[], 0x1, 0x1d3, &(0x7f0000000100)="$eJzs3cFqE1EUBuAzsTapIHYniOCAG1dBfYKKRBAHRCULXSm0bhoRks3oxvoWPqAPIF11IyNmxsaWZGxjzJj0+zb5yTmTey+ESTY5eX3z3f7u+9Hbr9e/RKeTRGsnduIoie1oxS8HAQCsk6OiiG9FsdH0PgCA5ak+/8dmtHyvu94XBwBYPS9evnryIMt6z9O0E3F4kPfzfvlY1h89znp307HtyVWHed6/dFy/V9bTk/XLcSUitiLr3Z9a34w7t8fXf/5Ze/g0O1Vvx+6/Pz4AAAAAAAAAAAAAAAAAAAAAADSimx6bOt+n251VL9Nv84FOze/ZiBuGAwIAAAAAAAAAAAAAAAAAAMCZjD583H8zGOwNJ6EdESefmS8U12YuMS2kEfH3i543tGJ5a61aSP6PbZwzRDV1oqbn1mLe4c+u/qkn5nvlzYio79mqP+AiwuQe0W7m1gQAAAAAAAAAAAAAAAAAABdO9VvfZDhqeicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Jzy//8He8N5wqeIOENztVTS8FEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYYz8CAAD//x8yIRo=") syz_emit_ethernet(0x64, &(0x7f0000000080)={@broadcast, @remote, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@llc={0x4, {@llc={0x80, 0x1ad, "b3", "8ae73830b0d98dc1593306637ca86c3de6ddbc5b823f97c8f791e34ab1bb80126e9bd8f18d121bbc85922d30e22c70825b1ffdfa7a7d8b9945ddf8233f8a8c678cfe1f9ecd8dadc69c5bb6f15fc48a"}}}}}, 0x0) 12m35.411594396s ago: executing program 3 (id=571): setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001680)) r2 = eventfd2(0x0, 0x1) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000001c0)={0x0, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000001d00)=""/168, 0x0, 0x5000}) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000000)={0x0, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000001540)={0x1, r2}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x53874000) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000140)={0x1, 0x0, [{0x40000001, 0x0, 0x4, 0x0, 0xf8, 0x631, 0x5}]}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) syz_socket_connect_nvme_tcp() madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r5 = userfaultfd(0x801) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) syz_io_uring_setup(0x867, &(0x7f0000000380)={0x0, 0x507d, 0x200, 0x1, 0x256}, &(0x7f0000000100), &(0x7f0000ff4000), &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x3f) 12m32.941583114s ago: executing program 3 (id=575): setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001680)) r2 = eventfd2(0x0, 0x1) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000001c0)={0x0, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000001d00)=""/168, 0x0, 0x5000}) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000000)={0x0, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000001540)={0x1, r2}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x53874000) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000140)={0x1, 0x0, [{0x40000001, 0x0, 0x4, 0x0, 0xf8, 0x631, 0x5}]}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) syz_socket_connect_nvme_tcp() madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r5 = userfaultfd(0x801) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) syz_io_uring_setup(0x867, &(0x7f0000000380)={0x0, 0x507d, 0x200, 0x1, 0x256}, &(0x7f0000000100), &(0x7f0000ff4000), &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x3f) 12m31.661305074s ago: executing program 3 (id=581): syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x3010050, &(0x7f0000000200)=ANY=[], 0x1, 0x1506, &(0x7f0000003100)="$eJzs3Au4T9XWMPAx5pyLTdI/yX2OORb/5DJJklwSEkmSJEluCUmSJCGxyS0JScg9yT0kt9jJ/X7LPUmOJElCQpL5PXo7n/e8nfN2znfO9/q+s8fveeZjDmuN8Z9zj/38/2utZ+/9bcfBVetXq1yXmeGfgv/xTyoApABAPwC4BgAiACiVrVQ2wGGQSWPqP/ci4l/roWlXegXiSpL+p2/S//RN+p++Sf/TN+l/+ib9T9+k/+mb9F+I9Gzr9NzXyki/43/u+T/I8///58jn/7+Rw8XGfLm+2PWd/oEU6X/6Jv1P36T/6Zv0P32T/qdv0v9/cxFApf/msPQ/fZP+C5GeXennzzKu7LjS339CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIdKHc+EyAwB/nl/pdQkhhBBCCCGEEOJfJ2S80isQQgghhBBCCCHE/30ICjQYiCADZIQUyASZ4SrIAldDVrgGEnAtZIPrIDtcDzkgJ+SC3JAH8kI+sEDggCGG/FAAknADFIQboRAUhiJQFDwUg+JwE5SAm6Ek3AKl4FYoDbdBGSgL5aA83A4V4A6oCJWgMtwJVeAuqArV4G6oDvdADbgXasJ9UAvuh9rwANSBB6EuPAT14GGoD49AA3gUGkIjaAxNoOn/Uf6L0BVegm7QHVKhB/SEl6EX9IY+0Bf6wSvQH16FAfAaDIRBMBhehyHwBgyFN2EYDIcR8BaMhFEwGsbAWBgH4+FtmADvwER4FybBZJgCU2EaTIcZ8B7MhFkwG96HOfABzIV5MB8WwEL4EBbBYkiDj2AJfAxLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlvhE9gG22EH7IRdsBv2wKewFz6DffA57Icv/sH8s/8lvxMCAipUaNBgBsyAKZiCmTEzZsEsmBWzYgITmA2zYXbMjjkwB+bCXJgH82A+zIeEhIyM+TE/JjGJBbEgFsJCWASLoEePxbE4lsCbsSSWxFJYCktjaSyDZbEslsfyWAErYEWsiJWxMlbBKlgVq+LdeDfegzWwBtbEmlgLa2FtrI11sA7WxbpYD+thfayPDbABNsSG2BgbY1Nsis2wGTbH5tgSW2IrbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YifsjJ3xRXwRX8KXsDtWUT2wJ/bEXtgL+2Bf7IuvYH98FV/F13AgDsLB+Dq+jm/gUDyDw3A4jsARWEGNwtE4BlmNw/E4HifgBJyIE3ESTsbJOBWn4XScgTNwJs7CWfg+zsEP8AOch/NwAS7EhbgIF2MapuESPItLcRkuxxW4ElfhSlyDa3ENrscNuB434SbcglvwE/wEt+N23Ik7cTfuxk/xU/wMP8OBuB/34wE8gAfxIB7CQ3gYD+MRPIJH8Sgew2N4HI/jCTyJp/AknsbTeAbP4jk8h+fxPF7A5/N8XW934XUDQV1ilFEZVAaVolJUZpVZZVFZVFaVVSVUQmVT2VR2lV3lUDlULpVL5VF5VD6VT5EixSpW+VV+lVRJVVAVVIVUIVVEFVFeeVVcFVclVAlVUpVUpdStqrS6TZVRZVULX16VVxVUS19RVVKVVWVVRd2lqqpqqpqqrqqrGqqGqqlqqlqqlqqtHlB1VA/sgw+pS52prwZhAzUYG6pGqrFqot7Ax1QzNRSbqxaqpXpCDcdh2Fo1823U06qtGo3t1LNqDD6nOqhx2FG9oDqpzqqLelF1Vc19twy/vQWqqdhL9VZ9VF81E+9SlzpWVb2mBqpBarB6XS3AN9RQ9aYapoarEeotNVKNUqPVGDVWjVPj1dtqgnpHTVTvqklqspqipqpparqaod5TM9UsNVu9r+aoD9RcNU/NVwvUQvWhWqQWqzT1kVqiPlZL1TK1XK1QK9UqtVqtUWvVOrVebVAb1Sa1WW1RW9UnapvarnaonWqX2q32qE/VXvWZ2qc+V/vVF+qA+pM6qL5Uh9RX6rD6Wh1R36ij6lt1TH2njqvv1Ql1Up1SP6jT6kd1Rp1V59RP6rz6WV1Qv6iLKijQqJXW2uhIZ9AZdYrOpDPrq3QWfbXOqq/RCX2tzqav09n19TqHzqlz6dw6j86r82mrSTvNOtb5dQGd1DfogvpGXUgX1kV0Ue11MV1c36RL6Jt1SX2LLqVv1aX1bbqMLqvL6fL6dl1B36Er6kq6sr5TV9F36aq6mr5bV9f36Br6Xl1T36dr6ft1bf2ArqMf1HX1Q7qefljX14/oBvpR3VA30o11E91UP6ab6cd1c91Ct9RP6Fb6Sd1aP6Xb6Kd1W/2Mbqef1e31c7qDfl531C/oTrqz7qJ/0Rd10N10d52qe+ie+mXdS/fWfXRf3U+/ovvrV/UA/ZoeqAfpwfp1PUS/oYfqN/UwPVyP0G/pkXqUHq3H6LF6nB6v39YT9Dt6on5XT9KT9RQ9VU/T03Wf3yrN/jvy3/kr+QN+ffUteqv+RG/T2/UOvVPv0rv1Hr1H79V79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1S/6R/0Kf1j/qMPqvP6p/0eX1eX/jtawAGjTLaGBOZDCajSTGZTGZzlclirjZZzTUmYa412cx1Jru53uQwOU0uk9vkMXlNPmMNGWfYxCa/KWCS5gZT0NxoCpnCpogparwpZoqbm/7p/D9aX1PT1DQzzUxz09y0NC1NK9PKtDatTRvTxrQ1bU070860N+1NB9PBdDQdTSfTyXQxXUxX09V0M91Mqkk1Pc3LppfpbfqYvqafecX0N/3NADPADDQDzWAz2AwxQ8xQM9QMM8PMCDPCjDQjzWgz2ow1Y814M95MMBPMRDPRTDKTzBQzxUwz08wMM8PMNDPNbDPbzDFzzFwz18w3881Cs9AsMotMmkkzS8wSs9QsM8vMCrPCrDKrzBqzxqwz68wGs8FsMpvMUrPVbDXbzDazw+wwu8wus8fsMXvNXrPP7DP7zX5zwBwwB81Bc8gcMofNYXPEHDFHzVFzzBwzx81xc8KcMKfMKXPanDZnzBlzzpwz5815c8FcMBfNxUuXfZGKVGQiE2WIMkQpUUqUOcocZYmyRFmjrFEiSkTZomxR9uj6KEeUM8oV5Y7yRHmjVLARRS7iKI7yRwWiZHRDVDC6MSoUFY6KREUjHxWLikc3RSWim6OS0S1RqejWqHR0W1QmKhuVi8pHt0cVojuiilGlqHJ0Z1QluiuqGlWL7o6qR/dENaJ7o5rRfVGt6P6odvRAVCd6MKobPRTVix6O6kePRA2iR6OGUaOocdQkavovrR/CmZyP+262u021PWxP+7LtZXvbPrav7Wdfsf3tq3aAfc0OtIPsYPu6HWLfsEPtm3aYHW5H2LfsSDvKjrZj7Fg7zo63b9sJ9h070b5rJ9nJdoqdaqfZ6XaGfc/OtLPsbPu+nWM/sHPtPDvfLrAL7Yd2kV1s0+xHdon92C61y+xyu8KutKvsarvGrrXr7Hq7wW60m+xmu8VutZ/YbXa73WF32l12t91jP7V77Wd2n/3c7rdf2AP2T/ag/dIesl/Zw/Zre8R+Y4/ab+0x+509br+3J+xJe8r+YE/bH+0Ze9aesz/Z8/Zne8H+Yi/acOni/tLHOxkylIEyUAqlUGbKTFkoC2WlrJSgBGWjbJSdslMOykG5KBfloTyUj/LRJUxM+Sk/JSlJBakgFaJCVISKkCdPxak4laASVJJKUikqRaWpNJWhMlSOytHtdDvdQXdQJapEd9KddBfdRdWoGlWn6lSDalBNqkm1qBbVptpUh+pQXapL9age1af61IAaUENqSI2pMTWlptSMmlFzak4tqSW1olbUmlpTG2pDbakttaN21J7aUwfqQB2pI3WiTtSFulBX6krdqBulUir1pJ7Ui3pRH+pD/agf9af+NIAG0EAaSINpMA2hITSUhtIwGk4j6C0aSaNoNI2hsTSOxtN4mkATaCJNpEk0iabQFJpG02gGzaCZNJNm02yaQ3NoLs2l+TSfFtJCWkSLKI3SaAktoaW0lJbTclpJK2k1raa1tJbW03raSBtpM22mrbSVttE22kE7aBftoj20h/bSXtpH+2g/7acDdIAO0kE6RIfoMB2mI3SEjtJROkbH6DgdpxN0gk7RKTpNp+kMnaFzdI7O0890gX6hixQoxSnI7K5yWdzVLqu7xqW4TO5SHAHApTiXy+3yuLwun7Muh8v5FzE55wq5wq6IK+q8K+aKu5t+F5dxZV05V97d7iq4O1zF38XV3T2uhrvX1XT3uWru7r+Ia7n7XW33iKvjHnV1XSNXzzVx9d0jroF71DV0jVxj18S1ck+61u4p18Y97dq6Z34XL3KL3Vq3zq13G9xe95k7535yR9237rz72XVz3V0/94rr7151A9xrbqAb9Lt4hHvLjXSj3Gg3xo11434XT3FT3TQ33c1w77mZbtbv4oXuQzfHpbm5bp6b7xb8Gl9aU5r7yC1xH7ulbplb7la4lW6VW+3W/O+1rnCb3Ga3xe1xn7ptbrvb4Xa6XW73r/Glfexzn7v97gt3xH3jDrov3SF3zB12X/8aX9rfMfedO+6+dyfcSXfK/eBOux/dGXf21/1f2vsP7hd30QUHjKxYs+GIM3BGTuFMnJmv4ix8NWflazjB13I2vo6z8/Wcg3NyLs7NeTgv52PLxI6ZY87PBTjJN3BBvpELcWEuwkXZczEuzjdxCb6ZS/ItXIpv5dJ8G5fhslyOy/PtXIHv4IpciSvznVwlBK7K1fhurs73cA2+l2vyfVyL7+fa/ADX4Qe5Lj/E9fhhrs+PcAN+lBtyI27MTbgpP8bN+HFuzi24JT/BrfhJbs1PcRt+mtvyM9yOn+X2/Bx34Oe5I7/Anbgzd+EXuSu/xN24O6dyD+7JL3Mv7s19uC/341e4P7/KA/g1HsiDeDC/zkP4DR7Kb/IwHs4j+C0eyaN4NI/hsTyOx/PbPIHf4Yn8Lk/iyTyFp/I0ns4z+D2eybN4Nr/Pc/gDnsvzeD4v4IX8IS/ixZzGH/ES/piX8jJezit4Ja/i1byG1/I6Xs8beCNv4s28hbfyJ7yNt/MO3sm7eDfv4U95L3/G+/hz3s9f8AH+Ex/kL/kQf8WH+Ws+wt/wUf6Wj/F3fJy/5xN8kk/xD3yaf+QzfJbP8U98nn/mC/wLX+TAEGOsYh2bOIozxBnjlDhTnDm+Ks4SXx1nja+JE/G1cbb4ujh7fH2cI84Z54pzx3nivHG+2MYUu5jjOM4fF4iT8Q1xwfjGuFBcOC4SF419XCwuHt8Ul4hvjkvGt8Sl4lvj0vFtcZm4bPzIfeXj2+MK8R1xxbhSXDm+M64S3xVXjavFd8fV43viGvG9cc34vrhkfH9cO34grhM/GNeNH4rrxQ/H9eNH4gbxo3HDuFHcOG4SN40fi5vFj8fN4xZxy/iJuFX8ZNw6fipuEz8dt42f+cPjqXGPuGf8cvxyHMK9en5yQXJh8sPkouTiZFryo+SS5MfJpcllyeXJFcmVyVXJ1ck1ybXJdcn1yQ3JjclNyc3JLckQqmUEj1557Y2PfAaf0af4TD6zv8pn8Vf7rP4an/DX+mz+Op/dX+9z+Jw+l8/t8/i8Pp+3nrzz7GOf3xfwSX+DL+hv9IV8YV/EF/XeF/PFfRPf1Df1zfzjvrlv4Vv6J/wT/kn/pH/KP+Wf9m39M76df9a398/5Dv55/7x/wXfynX0X/6Lv6l/y3Xx3n+pTfU/f0/fyvXwf38f38/18f9/fD/AD/EA/0A/2g/0QP8QP9UP9MD/Mj/Aj/Eg/0o/2o/1YP9aP9+P9BD/BT/QT/SQ/yU/xU/w0P83P8DP8TD/Tz/az/ZxCc/xcP9fP9/P9Qr/QL/KLfJpP80v8Er/UL/XL/XK/0q/0q/1qv9av9ev9er/Rb/Sb/Wa/1W/12/w2v8Pv8Lv8Lr/H7/F7/V6/z+/z+/1+f8Af8Af9QX/If+UP+6/9Ef+NP+q/9cf8d/64/96f8Cf9Kf+DP+1/9Gf8WX/O/+TP+5/9Bf+Lv+iDH594OzEh8U5iYuLdxKTE5MSUxNTEtMT0xIzEe4mZiVmJ2Yn3E3MSHyTmJuYl5icWJBYmPkwsSixOpCU+SixJfJxYmliWWJ5YkViZWJUIIe+2OOQPBUIy3BAKhhtDoVA4FAlFgw/FQvFwUygRbg4lwy2hVLg1lA63hTKhbCgXHg0NQ6PQODQJTcNjoVl4PDQPLULL8ERoFZ4MrcNToU14OrQNz4R24dnQPjwXOoTnQ8fwQugUOocu4cXQNbwUuoXuITX0CD3Dy6FX6B36hL6hX3gl9A+vhgHhtTAwDAqDw+thSHgjDA1vhmFheBgR3gojw6gwOowJY8O4MD68HSaEd8LE8G6YFCaHKWFqmBamhxnhvTAzzAqzw/thTvggzA3zwvywICwMH4ZFYXFICx+FJeHjsDQsC8vDirAyrAqrw5qwNqwL68OGsDFsCpvDlrA1fBK2he1hR9gZdoXdYU/4NOwNn4V94fOwP3wRDoQ/hYPhy3AofBUOh6/DkfBNOBq+DcfCd+F4+D6cCCfDqfBDOB1+DGfC2XAu/BTOh5/DhfBLuCi/syaEEEII8XfRf3C8x1/5vwwAoH6b9wSAq7fnPvxfa27M8R/z3ipPqwQAPN2940N/HlWqpKam/nbuUg1RgXkAkPjL+n+Ol0FLeBLaQAso8VfX11t1Ps9/UD95K0Dm/5STApfjy/Vv/hv1H3tixKLS8bls/039eQCFClzOyQSX48v1S/6N+jmb/cH6M305HqD5f8rJApfjy/WLw+PwDLT5izP/pujvOUkIIYQQQgghxL+P3qpc+z+6f750f57HXM7JCJfjP7o/F0IIIYQQQgghxJX3XOcuTz3Wpk2L9n/fBFP/4wcG/rEsmchEJv+fTa70O5MQQgghhBDiX+3yRf+VXokQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF+/U/8ObErvUchhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDiSvtfAQAA//8s4Dlx") openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x202100, 0x0) chdir(&(0x7f0000000140)='./file0\x00') rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./bus\x00') r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, &(0x7f0000000680)=0x0) io_submit(r1, 0x2, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r0, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r0, &(0x7f00000006c0)="5810235a8c132d765b", 0x9, 0x1}]) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f00000000c0)) pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/225, 0xe1, 0x1) r2 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pwrite64(r2, 0x0, 0x0, 0x9f) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)={0x14, 0x20, 0x1, 0x0, 0x0, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) lsetxattr$security_capability(0x0, &(0x7f00000002c0), &(0x7f0000000340)=@v3={0x3000000, [{0x6, 0x3}, {0xa6d, 0xf1d}]}, 0x18, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') truncate(&(0x7f0000000480)='./file1\x00', 0xf) syz_usb_connect$midi(0x5, 0x88, &(0x7f0000000000)=ANY=[@ANYBLOB="120110010000004082052b00400001020301090276000101010014090400000401032044072401ffff070007240101010700062402010c084005060200020406000f25010b5eceffff000097f7d55e75560b746671020602081325010fd7e26abe9d23addd5907c446d5662409050e1208000802c006250102eced09050000000600000004250100"], 0x0) 12m28.01777964s ago: executing program 3 (id=589): openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x202100, 0x0) chdir(&(0x7f0000000140)='./file0\x00') rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./bus\x00') r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, &(0x7f0000000680)=0x0) io_submit(r1, 0x2, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r0, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r0, &(0x7f00000006c0)="5810235a8c132d765b", 0x9, 0x1}]) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f00000000c0)) pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/225, 0xe1, 0x1) r2 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pwrite64(r2, 0x0, 0x0, 0x9f) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)={0x14, 0x20, 0x1, 0x0, 0x0, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) lsetxattr$security_capability(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0), &(0x7f0000000340)=@v3={0x3000000, [{0x6, 0x3}, {0xa6d, 0xf1d}]}, 0x18, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') truncate(&(0x7f0000000480)='./file1\x00', 0xf) 12m26.166226398s ago: executing program 3 (id=596): syz_emit_ethernet(0xbe, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(0x0, &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0) request_key(&(0x7f0000000040)='keyring\x00', 0x0, 0x0, 0xfffffffffffffffe) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x80000000, [{0x10, 0x5, 0x2e16}]}]}}, &(0x7f0000000580)=""/263, 0x32, 0x107, 0x1}, 0x28) r3 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000900)={0x41, 0x4}, 0x10) socket$xdp(0x2c, 0x3, 0x0) socket$tipc(0x1e, 0x2, 0x0) keyctl$set_reqkey_keyring(0xe, 0x1) request_key(&(0x7f0000000240)='asymmetric\x00', 0x0, &(0x7f0000000740)='logon\x00', 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x9, 0x4, &(0x7f00000003c0)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x4}, [@func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc4, &(0x7f0000000440)=""/196, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94) 12m20.230461786s ago: executing program 3 (id=605): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) set_tid_address(&(0x7f0000000ac0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) madvise(&(0x7f000004d000/0x2000)=nil, 0x2000, 0xb) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x20044000) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x6020400) timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000000340)) bpf$OBJ_GET_PROG(0x9, &(0x7f0000000600)=@generic={0x0, 0x11, 0x10}, 0xc) ptrace(0x10, r4) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b722c64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a41856102000000000000006357ee95fffb99cde923a6c2e7eee552c60119e2822287367b0526cec2098d6ef88304699e83b0d070ad82774d8cc230dc844fa4ed26ec244085d833e4e2309d01aea46150e5d791371358a8ecd02c1e8795d500af4694cc800962a672fd461d94ad695620623ccf81ae84a48df7d0ffafbb72f694c5e1bb70d4b394fd631e5801e7"], 0x3, 0x2b5, &(0x7f0000000380)="$eJzs3c9qY1UYAPDvpkkaLZIsXIngXczCjWUyWxdmkApiV0oW/gEdnBkYmjDQQGBUDF35BC5c+B7uXLlR3PgGgg/gziKFIze5TWKbpk1rWun8fpsezvm+nO/k3PYuLvf0s1f7ew+fDh4ffPV7NBpZVDrRicMsWlGJY6kUAMCtcJhS/Hmp+3u1sq6aAID1mrv/184I2Tzd9da6ywIA1uiDDz967/7u7s77ed6I6H8z7GYx+TkZv/84nkQvHsXdaMbR7FlASpP2O+/u7kQ1L7TiTn807BaZ/U9/nX9sUOS3oxmtxfntfGIufzTs1uLFiCyLeNIpCrkXzXj5VH4xvnNvQX506/F6o1xkMf92NOO3z+Np9OLh+JnGbP6v23n+dvr2ry8/LoKL/Gw07G6O42bSxnXvDQAAAAAAAAAAAAAAAAAAAAAAt9d2PtWKO/2iqzx/Z+NoPL79r/Hx+TqV8fgkP4uojxsnzgcapfj++Hydu3mep2wSPzvfpxqvVKN6YwsHAAAAAAAAAAAAAAAAAACA/5HBsy/2HvR6j/b/k0b5kv/0tf7Lfk5nrue1WB68udJcsVGGF7WejGn//El/2lMsYvXiD18a1vKIZTXXTvW8UNRz/hR/p5RSlkVcbZtqF5nrnMbW8pjiC/7xu6039h5k532HjeON+2F+qB77g2cn9jSyovHTLxfb7rTS5VdfElMvr5gLfc7WFX+J3vxjMlnZk62wilrZiLMuv8ZK1/M1/QECAAAAAAAAAAAAAAAAAACmZi/9Lhg8WJpaWVtRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDNZv//f4XGqExeHJNSGk176rE/uOElAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bz4JwAA///l5m1V") unshare(0x80) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={0xfc6, 0xfffffffffffffff7, 0x6976}) ptrace$pokeuser(0x6, r4, 0x388, 0x41d9fda7) pipe(&(0x7f0000000300)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x3a, 0x8, 0x0, 0x0}}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000440)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug}, {@block_validity}, {@errors_remount}, {@debug}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") 12m19.995586663s ago: executing program 34 (id=605): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) set_tid_address(&(0x7f0000000ac0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) madvise(&(0x7f000004d000/0x2000)=nil, 0x2000, 0xb) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x20044000) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x6020400) timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000000340)) bpf$OBJ_GET_PROG(0x9, &(0x7f0000000600)=@generic={0x0, 0x11, 0x10}, 0xc) ptrace(0x10, r4) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b722c64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a41856102000000000000006357ee95fffb99cde923a6c2e7eee552c60119e2822287367b0526cec2098d6ef88304699e83b0d070ad82774d8cc230dc844fa4ed26ec244085d833e4e2309d01aea46150e5d791371358a8ecd02c1e8795d500af4694cc800962a672fd461d94ad695620623ccf81ae84a48df7d0ffafbb72f694c5e1bb70d4b394fd631e5801e7"], 0x3, 0x2b5, &(0x7f0000000380)="$eJzs3c9qY1UYAPDvpkkaLZIsXIngXczCjWUyWxdmkApiV0oW/gEdnBkYmjDQQGBUDF35BC5c+B7uXLlR3PgGgg/gziKFIze5TWKbpk1rWun8fpsezvm+nO/k3PYuLvf0s1f7ew+fDh4ffPV7NBpZVDrRicMsWlGJY6kUAMCtcJhS/Hmp+3u1sq6aAID1mrv/184I2Tzd9da6ywIA1uiDDz967/7u7s77ed6I6H8z7GYx+TkZv/84nkQvHsXdaMbR7FlASpP2O+/u7kQ1L7TiTn807BaZ/U9/nX9sUOS3oxmtxfntfGIufzTs1uLFiCyLeNIpCrkXzXj5VH4xvnNvQX506/F6o1xkMf92NOO3z+Np9OLh+JnGbP6v23n+dvr2ry8/LoKL/Gw07G6O42bSxnXvDQAAAAAAAAAAAAAAAAAAAAAAt9d2PtWKO/2iqzx/Z+NoPL79r/Hx+TqV8fgkP4uojxsnzgcapfj++Hydu3mep2wSPzvfpxqvVKN6YwsHAAAAAAAAAAAAAAAAAACA/5HBsy/2HvR6j/b/k0b5kv/0tf7Lfk5nrue1WB68udJcsVGGF7WejGn//El/2lMsYvXiD18a1vKIZTXXTvW8UNRz/hR/p5RSlkVcbZtqF5nrnMbW8pjiC/7xu6039h5k532HjeON+2F+qB77g2cn9jSyovHTLxfb7rTS5VdfElMvr5gLfc7WFX+J3vxjMlnZk62wilrZiLMuv8ZK1/M1/QECAAAAAAAAAAAAAAAAAACmZi/9Lhg8WJpaWVtRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDNZv//f4XGqExeHJNSGk176rE/uOElAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bz4JwAA///l5m1V") unshare(0x80) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={0xfc6, 0xfffffffffffffff7, 0x6976}) ptrace$pokeuser(0x6, r4, 0x388, 0x41d9fda7) pipe(&(0x7f0000000300)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x3a, 0x8, 0x0, 0x0}}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000440)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug}, {@block_validity}, {@errors_remount}, {@debug}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") 12m0.850618319s ago: executing program 5 (id=633): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000580)=ANY=[@ANYBLOB="757466383d312c726f6469722c756e695f786c6174653d302c636865636b3d7374726963742c757466383d302c756e695f786c6174653d302c726f6469722c636f6465706167653d3836362c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c696f636861727365743d6d616363726f617469616e2c73686f72746e616d653d6d697865642c756e695f786c6174653d302c646973636172642c0075446e262f25fd37e87bbc0d0e6b98643b75cbf0c79e5a1253c8a327b0b715742b9830d9e0056d2527dec0f0053916"], 0x1, 0x369, &(0x7f0000000700)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ9nkZy+57znnPtDcntJTp5bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6//+fOazNzEEVr5zIlACAEzZ2///efdW1akQtqsWf1dKnAgCA0+qJp595dGkl4vFGYyZi7c3N5mYzHhrWL12Ol6ITq3EuZuNmRH6h0H2o9B4vXFxZPtdoNHbip7loRsRUP7GZXyksZb38eizEbMz187uXGqlXzi58srK80OiJiN2d3vixVtlsTsfZ/vjfn43V4YVH0UnvKeLiyvL5Rr+D5lqRvxOxN7xv0Z3/fMzGt88Pukmp+ATjyvKVhWLSw/zNZj0uDfbCgXdAAAAAAAAAAAAAAAAAAAAAAADgtsw3BuYG6+ek7nO+Us78/IT63vo4eX5/faC9fH2gVE+R0m+vPdB8K4t96wONrs+zaSFBAAAAAAAAAAAAAAAAAAAAGNjYqkWr01ld39jabpcLO+sbW1MR0Y28/PVHX5yJ8Ta3KFTzIeoRgyEa/WG3262UFY1TFjGennUHLyIffDqYcblNfbAVE6dRP7iq0/nfPT++O4zcnRU9/zlsk8XkDcxK03h4pOe1/+dTOs6OGhTOlyP18dGvppRKkTfK6VeeHe8wKhHV4x+47fZUHNwmdQtfXXvxzmLvtz5Pufvun33y6jvv/9JudbojR+8I1tY3bqZ2q1I0Pt5u6e7qIlKJvFApnwnVw9L39kda2Xe/PnXX298cbfRUjrzaPZ9H2mT55nw8ml7LC91pjlSdGaZP9zeiszo94eS/VeE2jukd7332YUo//HzkIYamxl42Kn/Pqw8AAAAAAAAAAAAAAAAAAFBW+q54X//LvtOHZT342MnPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+OcPf/y8V9nZjJDIo7I5FBoU/diZk1VfXNyJq//ZmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/dXAAAA//+g5Vir") lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) r3 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r4 = add_key$fscrypt_v1(&(0x7f0000000080), 0x0, &(0x7f00000002c0)={0x0, "f19b0e6fe0ac93dadb8ffcb8a50d416fb3cd738cf7b0db95975f1e504f503006013aba37263b8b47da94eaa0b4055f0fc0d5129e7853725114099643c354b7af", 0x3f}, 0x48, 0xfffffffffffffffe) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xd9417000) ioctl$KVM_TDX_GET_CPUID(0xffffffffffffffff, 0xc008aeba, &(0x7f0000000040)={0x5, 0x0, &(0x7f0000000380)={0x3, 0x0, [{0x80000008, 0x6, 0x3, 0x3, 0x68b, 0x3, 0x6}, {0x6, 0x6, 0x3, 0x9, 0x6, 0xdbe, 0x1d6}, {0xd, 0x4, 0x4, 0x1, 0x81, 0x8, 0x8000}]}}) r5 = socket$packet(0x11, 0x2, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x200}, 0x4) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000400)={0x0, 0x1}, 0x4) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, &(0x7f0000000180)=@keyring={'key_or_keyring:', r4}) 11m57.295197562s ago: executing program 5 (id=637): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000580)=ANY=[@ANYBLOB="757466383d312c726f6469722c756e695f786c6174653d302c636865636b3d7374726963742c757466383d302c756e695f786c6174653d302c726f6469722c636f6465706167653d3836362c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c696f636861727365743d6d616363726f617469616e2c73686f72746e616d653d6d697865642c756e695f786c6174653d302c646973636172642c0075446e262f25fd37e87bbc0d0e6b98643b75cbf0c79e5a1253c8a327b0b715742b9830d9e0056d2527dec0f0053916"], 0x1, 0x369, &(0x7f0000000700)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ9nkZy+57znnPtDcntJTp5bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6//+fOazNzEEVr5zIlACAEzZ2///efdW1akQtqsWf1dKnAgCA0+qJp595dGkl4vFGYyZi7c3N5mYzHhrWL12Ol6ITq3EuZuNmRH6h0H2o9B4vXFxZPtdoNHbip7loRsRUP7GZXyksZb38eizEbMz187uXGqlXzi58srK80OiJiN2d3vixVtlsTsfZ/vjfn43V4YVH0UnvKeLiyvL5Rr+D5lqRvxOxN7xv0Z3/fMzGt88Pukmp+ATjyvKVhWLSw/zNZj0uDfbCgXdAAAAAAAAAAAAAAAAAAAAAAADgtsw3BuYG6+ek7nO+Us78/IT63vo4eX5/faC9fH2gVE+R0m+vPdB8K4t96wONrs+zaSFBAAAAAAAAAAAAAAAAAAAAGNjYqkWr01ld39jabpcLO+sbW1MR0Y28/PVHX5yJ8Ta3KFTzIeoRgyEa/WG3262UFY1TFjGennUHLyIffDqYcblNfbAVE6dRP7iq0/nfPT++O4zcnRU9/zlsk8XkDcxK03h4pOe1/+dTOs6OGhTOlyP18dGvppRKkTfK6VeeHe8wKhHV4x+47fZUHNwmdQtfXXvxzmLvtz5Pufvun33y6jvv/9JudbojR+8I1tY3bqZ2q1I0Pt5u6e7qIlKJvFApnwnVw9L39kda2Xe/PnXX298cbfRUjrzaPZ9H2mT55nw8ml7LC91pjlSdGaZP9zeiszo94eS/VeE2jukd7332YUo//HzkIYamxl42Kn/Pqw8AAAAAAAAAAAAAAAAAAFBW+q54X//LvtOHZT342MnPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+OcPf/y8V9nZjJDIo7I5FBoU/diZk1VfXNyJq//ZmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/dXAAAA//+g5Vir") lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) r3 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r4 = add_key$fscrypt_v1(&(0x7f0000000080), 0x0, &(0x7f00000002c0)={0x0, "f19b0e6fe0ac93dadb8ffcb8a50d416fb3cd738cf7b0db95975f1e504f503006013aba37263b8b47da94eaa0b4055f0fc0d5129e7853725114099643c354b7af", 0x3f}, 0x48, 0xfffffffffffffffe) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xd9417000) ioctl$KVM_TDX_GET_CPUID(0xffffffffffffffff, 0xc008aeba, &(0x7f0000000040)={0x5, 0x0, &(0x7f0000000380)={0x3, 0x0, [{0x80000008, 0x6, 0x3, 0x3, 0x68b, 0x3, 0x6}, {0x6, 0x6, 0x3, 0x9, 0x6, 0xdbe, 0x1d6}, {0xd, 0x4, 0x4, 0x1, 0x81, 0x8, 0x8000}]}}) r5 = socket$packet(0x11, 0x2, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x200}, 0x4) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000400)={0x0, 0x1}, 0x4) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, &(0x7f0000000180)=@keyring={'key_or_keyring:', r4}) 11m49.392665982s ago: executing program 5 (id=645): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mknodat$loop(0xffffffffffffff9c, 0x0, 0x6000, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) fsopen(&(0x7f0000000280)='ceph\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=@can_newroute={0x14, 0x18, 0x1, 0x70bd29, 0x25dfdbfd, {0x1d, 0x1, 0x4}}, 0x14}}, 0x4c0c8) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x401, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2000, 0x41042}, [@IFLA_NET_NS_PID={0x8, 0x13, 0xffffffffffffffff}, @IFLA_IFNAME={0x14, 0x3, 'ip_vti0\x00'}]}, 0x3c}}, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}}) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xc3, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 11m46.567046301s ago: executing program 5 (id=651): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mknodat$loop(0xffffffffffffff9c, 0x0, 0x6000, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48) fsopen(&(0x7f0000000280)='ceph\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c0c8) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x401, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2000, 0x41042}, [@IFLA_NET_NS_PID={0x8, 0x13, 0xffffffffffffffff}, @IFLA_IFNAME={0x14, 0x3, 'ip_vti0\x00'}]}, 0x3c}}, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}}) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xc3, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 11m37.848336497s ago: executing program 5 (id=657): openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x202100, 0x0) chdir(&(0x7f0000000140)='./file0\x00') rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./bus\x00') r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, &(0x7f0000000680)=0x0) io_submit(r1, 0x2, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r0, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r0, &(0x7f00000006c0)="5810235a8c132d765b", 0x9, 0x1}]) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f00000000c0)) pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/225, 0xe1, 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)={0x14, 0x20, 0x1, 0x0, 0x0, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) lsetxattr$security_capability(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0), &(0x7f0000000340)=@v3={0x3000000, [{0x6, 0x3}, {0xa6d, 0xf1d}]}, 0x18, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') truncate(&(0x7f0000000480)='./file1\x00', 0xf) 11m35.154657662s ago: executing program 5 (id=666): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000580)=ANY=[@ANYBLOB="757466383d312c726f6469722c756e695f786c6174653d302c636865636b3d7374726963742c757466383d302c756e695f786c6174653d302c726f6469722c636f6465706167653d3836362c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c696f636861727365743d6d616363726f617469616e2c73686f72746e616d653d6d697865642c756e695f786c6174653d302c646973636172642c0075446e262f25fd37e87bbc0d0e6b98643b75cbf0c79e5a1253c8a327b0b715742b9830d9e0056d2527dec0f0053916"], 0x1, 0x369, &(0x7f0000000700)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ9nkZy+57znnPtDcntJTp5bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6//+fOazNzEEVr5zIlACAEzZ2///efdW1akQtqsWf1dKnAgCA0+qJp595dGkl4vFGYyZi7c3N5mYzHhrWL12Ol6ITq3EuZuNmRH6h0H2o9B4vXFxZPtdoNHbip7loRsRUP7GZXyksZb38eizEbMz187uXGqlXzi58srK80OiJiN2d3vixVtlsTsfZ/vjfn43V4YVH0UnvKeLiyvL5Rr+D5lqRvxOxN7xv0Z3/fMzGt88Pukmp+ATjyvKVhWLSw/zNZj0uDfbCgXdAAAAAAAAAAAAAAAAAAAAAAADgtsw3BuYG6+ek7nO+Us78/IT63vo4eX5/faC9fH2gVE+R0m+vPdB8K4t96wONrs+zaSFBAAAAAAAAAAAAAAAAAAAAGNjYqkWr01ld39jabpcLO+sbW1MR0Y28/PVHX5yJ8Ta3KFTzIeoRgyEa/WG3262UFY1TFjGennUHLyIffDqYcblNfbAVE6dRP7iq0/nfPT++O4zcnRU9/zlsk8XkDcxK03h4pOe1/+dTOs6OGhTOlyP18dGvppRKkTfK6VeeHe8wKhHV4x+47fZUHNwmdQtfXXvxzmLvtz5Pufvun33y6jvv/9JudbojR+8I1tY3bqZ2q1I0Pt5u6e7qIlKJvFApnwnVw9L39kda2Xe/PnXX298cbfRUjrzaPZ9H2mT55nw8ml7LC91pjlSdGaZP9zeiszo94eS/VeE2jukd7332YUo//HzkIYamxl42Kn/Pqw8AAAAAAAAAAAAAAAAAAFBW+q54X//LvtOHZT342MnPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+OcPf/y8V9nZjJDIo7I5FBoU/diZk1VfXNyJq//ZmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/dXAAAA//+g5Vir") lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) r3 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r4 = add_key$fscrypt_v1(&(0x7f0000000080), 0x0, &(0x7f00000002c0)={0x0, "f19b0e6fe0ac93dadb8ffcb8a50d416fb3cd738cf7b0db95975f1e504f503006013aba37263b8b47da94eaa0b4055f0fc0d5129e7853725114099643c354b7af", 0x3f}, 0x48, 0xfffffffffffffffe) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xd9417000) ioctl$KVM_TDX_GET_CPUID(0xffffffffffffffff, 0xc008aeba, &(0x7f0000000040)={0x5, 0x0, &(0x7f0000000380)}) r5 = socket$packet(0x11, 0x2, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x200}, 0x4) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000400)={0x0, 0x1}, 0x4) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, &(0x7f0000000180)=@keyring={'key_or_keyring:', r4}) 11m18.949053995s ago: executing program 35 (id=666): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000580)=ANY=[@ANYBLOB="757466383d312c726f6469722c756e695f786c6174653d302c636865636b3d7374726963742c757466383d302c756e695f786c6174653d302c726f6469722c636f6465706167653d3836362c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c696f636861727365743d6d616363726f617469616e2c73686f72746e616d653d6d697865642c756e695f786c6174653d302c646973636172642c0075446e262f25fd37e87bbc0d0e6b98643b75cbf0c79e5a1253c8a327b0b715742b9830d9e0056d2527dec0f0053916"], 0x1, 0x369, &(0x7f0000000700)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ9nkZy+57znnPtDcntJTp5bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6//+fOazNzEEVr5zIlACAEzZ2///efdW1akQtqsWf1dKnAgCA0+qJp595dGkl4vFGYyZi7c3N5mYzHhrWL12Ol6ITq3EuZuNmRH6h0H2o9B4vXFxZPtdoNHbip7loRsRUP7GZXyksZb38eizEbMz187uXGqlXzi58srK80OiJiN2d3vixVtlsTsfZ/vjfn43V4YVH0UnvKeLiyvL5Rr+D5lqRvxOxN7xv0Z3/fMzGt88Pukmp+ATjyvKVhWLSw/zNZj0uDfbCgXdAAAAAAAAAAAAAAAAAAAAAAADgtsw3BuYG6+ek7nO+Us78/IT63vo4eX5/faC9fH2gVE+R0m+vPdB8K4t96wONrs+zaSFBAAAAAAAAAAAAAAAAAAAAGNjYqkWr01ld39jabpcLO+sbW1MR0Y28/PVHX5yJ8Ta3KFTzIeoRgyEa/WG3262UFY1TFjGennUHLyIffDqYcblNfbAVE6dRP7iq0/nfPT++O4zcnRU9/zlsk8XkDcxK03h4pOe1/+dTOs6OGhTOlyP18dGvppRKkTfK6VeeHe8wKhHV4x+47fZUHNwmdQtfXXvxzmLvtz5Pufvun33y6jvv/9JudbojR+8I1tY3bqZ2q1I0Pt5u6e7qIlKJvFApnwnVw9L39kda2Xe/PnXX298cbfRUjrzaPZ9H2mT55nw8ml7LC91pjlSdGaZP9zeiszo94eS/VeE2jukd7332YUo//HzkIYamxl42Kn/Pqw8AAAAAAAAAAAAAAAAAAFBW+q54X//LvtOHZT342MnPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+OcPf/y8V9nZjJDIo7I5FBoU/diZk1VfXNyJq//ZmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/dXAAAA//+g5Vir") lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) r3 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r4 = add_key$fscrypt_v1(&(0x7f0000000080), 0x0, &(0x7f00000002c0)={0x0, "f19b0e6fe0ac93dadb8ffcb8a50d416fb3cd738cf7b0db95975f1e504f503006013aba37263b8b47da94eaa0b4055f0fc0d5129e7853725114099643c354b7af", 0x3f}, 0x48, 0xfffffffffffffffe) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xd9417000) ioctl$KVM_TDX_GET_CPUID(0xffffffffffffffff, 0xc008aeba, &(0x7f0000000040)={0x5, 0x0, &(0x7f0000000380)}) r5 = socket$packet(0x11, 0x2, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x200}, 0x4) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000400)={0x0, 0x1}, 0x4) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, &(0x7f0000000180)=@keyring={'key_or_keyring:', r4}) 7m17.07468341s ago: executing program 7 (id=1019): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000003900), 0x34aa945a513d639, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@block_validity}, {@errors_remount}, {@nombcache}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, 0x0) open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) syz_emit_ethernet(0xe3, &(0x7f0000000280)={@local, @random="a65c7d43c3c3", @void, {@x25={0x805, {0x1, 0x3f, 0x1, "8542a6bdfb0dd5f1f5d07899f6f7d0f924283dde4c66c653158d53786c5a96604959ffd6f0a854c660107518d03a06a867d65b7d9a7e4945fc7902b1e33805c73b6f9b75d25696659ce012ffd50f7ef6c8e25b10fa0b46613734321b213d03e64d765083ed2bff43f194b5d7a3c5fee836c4b365d6ef41dac44f5d0d7f7064992d16643f5fe588bcd85e8eb3c54985881c8a0052bb79a40b3adf57e0c6f4c976b6638a6f2a2bc4e0dc95f9837c53611b5856262452d06c8bc55015a6f3a24963f2f83e35fe5241448c223b519a0d8025953c"}}}}, 0x0) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000c80)={{0x2, 0x4e23, @broadcast}, {0x0, @remote}, 0x4, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 'sit0\x00'}) 7m4.178368082s ago: executing program 7 (id=1039): socket$tipc(0x1e, 0x5, 0x0) setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8002, 0x7ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) mincore(&(0x7f0000ff6000/0x8000)=nil, 0x8000, &(0x7f0000000080)=""/19) syz_usb_connect(0x2, 0x24, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4) r2 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x3f, 0x0}, @in=@local, 0xee24, 0x0, 0x0, 0x3, 0x2}, {0x80000, 0x200000004, 0x40000000007, 0x20000a0de, 0x100000000, 0x0, 0x200000003, 0x9}, {0x5}, 0x5, 0x0, 0x1, 0x0, 0x4, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x3502, 0x3, 0x8, 0x0, 0x9075, 0xef, 0xc5e}}, 0xe8) bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0xf, 0x4, 0x4, 0x1ff8000, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) fchdir(0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(0x0, 0x143142, 0x1a5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x2000098, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b73f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8eccec37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bc1aab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d27262802899786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb13027a9e285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd406fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c18b5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d420000000000000000", @ANYRES16=0x0], 0xfc, 0x2c0, &(0x7f0000001300)="$eJzs3U9rI2UYAPBn8q+pHhLEiyI4oAdPZevVS6OsIPakRFAvBrcLkpSFFgJbwe6e9hN4FL+GV2+e/QaCV8Hb9lAZmcxMmrRJG/sX6u936dv3fZ93ns4zpKc8881bu8NHT5J4/vKPaLeTqG3FVhwl0Y1aVJ5FIwCA++Moy+LvLCKaxe/JypGN2s1lBQDcpOL/f+GucwEAbsfnX371aW97++FnadqONzovxv0kInZfjPvFeu9xfBej2IkH0YnjiGyqGH/8yfbDaKS5bry7ezjuj+fO7/0V65P4zehEd3H8Zloo4/sR+c9mvBJp9B43q6M68fri+PcXxEe/Fe+9M5P/RnTi92/jSYziUeSxJ/E/bKbpR9mPL7//Or9MHp/Uor822Vdaj8jqt1YUAAAAAAAAAAAAAAAAAAAAAADuvY00TYr2PZP+PflU2X+nfjxZ30gr3fn+PEX8tF9w0R8oi7JFz2EWP1X9dR6kaZqVG0/iG/Fmw4sFAAAAAAAAAAAAAAAAAAAAILf/9CCeRezs7T89GA5Go8sP6sPBqOoGUH2t/7IHbs3MvB0Hw0F9+YFrq19rtttAnuu5m6PRuI7bcvEgfl3P81my5+cy3/9+8lpMZ74ow6vCXCnn5qmZ1z6cZpiWS9VNHg6Si67Vrgr3y+xSK1bOJ0nmZia1He3sZZNH4jibr2l7yc1sXUMp82e09erCpX+yLFvtnA/+LGpUziSTFhurpdEsB0uflvbZWvy2/MClHxn1q37mAAAAAAAAAAAAAAAAAAAAi81/cfqU5+eG1m4sKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZSfv/68G7YiYnzkzOCyDz9tTDlqxt3/HfyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/A/8GAAD//1xwRP8=") fallocate(0xffffffffffffffff, 0x0, 0xbf5, 0x2000402) 6m59.923500249s ago: executing program 7 (id=1046): socket$tipc(0x1e, 0x5, 0x0) setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8002, 0x7ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) mincore(&(0x7f0000ff6000/0x8000)=nil, 0x8000, &(0x7f0000000080)=""/19) syz_usb_connect(0x2, 0x24, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4) r3 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x3f, 0x0}, @in=@local, 0xee24, 0x0, 0x0, 0x3, 0x2}, {0x80000, 0x200000004, 0x40000000007, 0x20000a0de, 0x100000000, 0x0, 0x200000003, 0x9}, {0x5}, 0x5, 0x0, 0x1, 0x0, 0x4, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x3502, 0x3, 0x8, 0x0, 0x9075, 0xef, 0xc5e}}, 0xe8) bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0xf, 0x4, 0x4, 0x1ff8000, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(0x0, 0x143142, 0x1a5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x2000098, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b73f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8eccec37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bc1aab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d27262802899786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb13027a9e285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd406fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c18b5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d420000000000000000", @ANYRES16=0x0], 0xfc, 0x2c0, &(0x7f0000001300)="$eJzs3U9rI2UYAPBn8q+pHhLEiyI4oAdPZevVS6OsIPakRFAvBrcLkpSFFgJbwe6e9hN4FL+GV2+e/QaCV8Hb9lAZmcxMmrRJG/sX6u936dv3fZ93ns4zpKc8881bu8NHT5J4/vKPaLeTqG3FVhwl0Y1aVJ5FIwCA++Moy+LvLCKaxe/JypGN2s1lBQDcpOL/f+GucwEAbsfnX371aW97++FnadqONzovxv0kInZfjPvFeu9xfBej2IkH0YnjiGyqGH/8yfbDaKS5bry7ezjuj+fO7/0V65P4zehEd3H8Zloo4/sR+c9mvBJp9B43q6M68fri+PcXxEe/Fe+9M5P/RnTi92/jSYziUeSxJ/E/bKbpR9mPL7//Or9MHp/Uor822Vdaj8jqt1YUAAAAAAAAAAAAAAAAAAAAAADuvY00TYr2PZP+PflU2X+nfjxZ30gr3fn+PEX8tF9w0R8oi7JFz2EWP1X9dR6kaZqVG0/iG/Fmw4sFAAAAAAAAAAAAAAAAAAAAILf/9CCeRezs7T89GA5Go8sP6sPBqOoGUH2t/7IHbs3MvB0Hw0F9+YFrq19rtttAnuu5m6PRuI7bcvEgfl3P81my5+cy3/9+8lpMZ74ow6vCXCnn5qmZ1z6cZpiWS9VNHg6Si67Vrgr3y+xSK1bOJ0nmZia1He3sZZNH4jibr2l7yc1sXUMp82e09erCpX+yLFvtnA/+LGpUziSTFhurpdEsB0uflvbZWvy2/MClHxn1q37mAAAAAAAAAAAAAAAAAAAAi81/cfqU5+eG1m4sKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZSfv/68G7YiYnzkzOCyDz9tTDlqxt3/HfyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/A/8GAAD//1xwRP8=") fallocate(0xffffffffffffffff, 0x0, 0xbf5, 0x2000402) 6m56.293606405s ago: executing program 7 (id=1053): socket$tipc(0x1e, 0x5, 0x0) setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8002, 0x7ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) mincore(&(0x7f0000ff6000/0x8000)=nil, 0x8000, &(0x7f0000000080)=""/19) syz_usb_connect(0x2, 0x24, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4) r3 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x3f, 0x0}, @in=@local, 0xee24, 0x0, 0x0, 0x3, 0x2}, {0x80000, 0x200000004, 0x40000000007, 0x20000a0de, 0x100000000, 0x0, 0x200000003, 0x9}, {0x5}, 0x5, 0x0, 0x1, 0x0, 0x4, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x3502, 0x3, 0x8, 0x0, 0x9075, 0xef, 0xc5e}}, 0xe8) bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0xf, 0x4, 0x4, 0x1ff8000, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) fchdir(0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(0x0, 0x143142, 0x1a5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x2000098, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b73f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8eccec37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bc1aab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d27262802899786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb13027a9e285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd406fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c18b5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d420000000000000000", @ANYRES16=0x0], 0xfc, 0x2c0, &(0x7f0000001300)="$eJzs3U9rI2UYAPBn8q+pHhLEiyI4oAdPZevVS6OsIPakRFAvBrcLkpSFFgJbwe6e9hN4FL+GV2+e/QaCV8Hb9lAZmcxMmrRJG/sX6u936dv3fZ93ns4zpKc8881bu8NHT5J4/vKPaLeTqG3FVhwl0Y1aVJ5FIwCA++Moy+LvLCKaxe/JypGN2s1lBQDcpOL/f+GucwEAbsfnX371aW97++FnadqONzovxv0kInZfjPvFeu9xfBej2IkH0YnjiGyqGH/8yfbDaKS5bry7ezjuj+fO7/0V65P4zehEd3H8Zloo4/sR+c9mvBJp9B43q6M68fri+PcXxEe/Fe+9M5P/RnTi92/jSYziUeSxJ/E/bKbpR9mPL7//Or9MHp/Uor822Vdaj8jqt1YUAAAAAAAAAAAAAAAAAAAAAADuvY00TYr2PZP+PflU2X+nfjxZ30gr3fn+PEX8tF9w0R8oi7JFz2EWP1X9dR6kaZqVG0/iG/Fmw4sFAAAAAAAAAAAAAAAAAAAAILf/9CCeRezs7T89GA5Go8sP6sPBqOoGUH2t/7IHbs3MvB0Hw0F9+YFrq19rtttAnuu5m6PRuI7bcvEgfl3P81my5+cy3/9+8lpMZ74ow6vCXCnn5qmZ1z6cZpiWS9VNHg6Si67Vrgr3y+xSK1bOJ0nmZia1He3sZZNH4jibr2l7yc1sXUMp82e09erCpX+yLFvtnA/+LGpUziSTFhurpdEsB0uflvbZWvy2/MClHxn1q37mAAAAAAAAAAAAAAAAAAAAi81/cfqU5+eG1m4sKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZSfv/68G7YiYnzkzOCyDz9tTDlqxt3/HfyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/A/8GAAD//1xwRP8=") fallocate(0xffffffffffffffff, 0x0, 0xbf5, 0x2000402) 6m52.543015655s ago: executing program 7 (id=1059): socket$tipc(0x1e, 0x5, 0x0) setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8002, 0x7ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) mincore(&(0x7f0000ff6000/0x8000)=nil, 0x8000, &(0x7f0000000080)=""/19) syz_usb_connect(0x2, 0x24, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4) r3 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x3f, 0x0}, @in=@local, 0xee24, 0x0, 0x0, 0x3, 0x2}, {0x80000, 0x200000004, 0x40000000007, 0x20000a0de, 0x100000000, 0x0, 0x200000003, 0x9}, {0x5}, 0x5, 0x0, 0x1, 0x0, 0x4, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x3502, 0x3, 0x8, 0x0, 0x9075, 0xef, 0xc5e}}, 0xe8) bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0xf, 0x4, 0x4, 0x1ff8000, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(0x0, 0x143142, 0x1a5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x2000098, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b73f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8eccec37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bc1aab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d27262802899786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb13027a9e285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd406fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c18b5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d420000000000000000", @ANYRES16=0x0], 0xfc, 0x2c0, &(0x7f0000001300)="$eJzs3U9rI2UYAPBn8q+pHhLEiyI4oAdPZevVS6OsIPakRFAvBrcLkpSFFgJbwe6e9hN4FL+GV2+e/QaCV8Hb9lAZmcxMmrRJG/sX6u936dv3fZ93ns4zpKc8881bu8NHT5J4/vKPaLeTqG3FVhwl0Y1aVJ5FIwCA++Moy+LvLCKaxe/JypGN2s1lBQDcpOL/f+GucwEAbsfnX371aW97++FnadqONzovxv0kInZfjPvFeu9xfBej2IkH0YnjiGyqGH/8yfbDaKS5bry7ezjuj+fO7/0V65P4zehEd3H8Zloo4/sR+c9mvBJp9B43q6M68fri+PcXxEe/Fe+9M5P/RnTi92/jSYziUeSxJ/E/bKbpR9mPL7//Or9MHp/Uor822Vdaj8jqt1YUAAAAAAAAAAAAAAAAAAAAAADuvY00TYr2PZP+PflU2X+nfjxZ30gr3fn+PEX8tF9w0R8oi7JFz2EWP1X9dR6kaZqVG0/iG/Fmw4sFAAAAAAAAAAAAAAAAAAAAILf/9CCeRezs7T89GA5Go8sP6sPBqOoGUH2t/7IHbs3MvB0Hw0F9+YFrq19rtttAnuu5m6PRuI7bcvEgfl3P81my5+cy3/9+8lpMZ74ow6vCXCnn5qmZ1z6cZpiWS9VNHg6Si67Vrgr3y+xSK1bOJ0nmZia1He3sZZNH4jibr2l7yc1sXUMp82e09erCpX+yLFvtnA/+LGpUziSTFhurpdEsB0uflvbZWvy2/MClHxn1q37mAAAAAAAAAAAAAAAAAAAAi81/cfqU5+eG1m4sKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZSfv/68G7YiYnzkzOCyDz9tTDlqxt3/HfyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/A/8GAAD//1xwRP8=") fallocate(0xffffffffffffffff, 0x0, 0xbf5, 0x2000402) 6m47.733522048s ago: executing program 7 (id=1077): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x6, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x0, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x401, 0x40000b4, 0xa, 0xb2b9, 0x4, 0x81, 0xe4, 0x6, 0xfc000000, 0x9, 0xbbf, 0x1000, 0x1, 0x48, 0x100d, 0x3, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x40008a, 0x79, 0x2, 0x10001, 0x4, 0x91, 0x4, 0xe769, 0x16, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x84, 0x9, 0xf9a2, 0x80000001, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x8, 0x7, 0x5, 0x4007f, 0xffffffff, 0x6], [0x3, 0x16e, 0x6, 0xf6ca, 0x4, 0xda, 0xb8a9, 0x20000070, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffe, 0x80d, 0x5, 0xa7, 0x1000, 0x101, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x400001, 0x3, 0x3, 0xb, 0xffffff7f, 0x401, 0x6, 0x200, 0x96, 0x0, 0xfffffff6, 0x401, 0x6, 0xf1, 0x6, 0x55a, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x1, 0x0, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x2, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xfffc, 0x6, 0x2, 0x2e6bf783, 0xfffff100, 0x5, 0x400005, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x5, 0xee4b, 0x2008004, 0x1, 0x691, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xffe, 0x10000a, 0x8000, 0x401, 0x3e55, 0x9, 0xd3, 0x8, 0x3437, 0x2, 0xd, 0x7, 0x601, 0x101, 0x200dd80, 0x60a0, 0x1, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x4, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0xa, 0x10000, 0x3, 0x8, 0x1], [0xa772, 0x2, 0x7, 0x1afa, 0xbfc, 0x8, 0x3, 0x7f, 0x55, 0x40, 0xc, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xfffffeff, 0xffbffff7, 0x8, 0x7, 0x5396, 0x939, 0x6, 0x80008001, 0x7777, 0x7fffffff, 0x2, 0x100, 0xffffffff, 0x7ffffffe, 0x4009, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0x6, 0x10000, 0x0, 0x8004, 0x6fff, 0x2, 0x3, 0xf, 0xe, 0x10, 0x26c, 0x6, 0xfffffff9, 0x4, 0xfffffff8, 0x9, 0xf, 0x463f, 0x4, 0xdad, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x40040, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e20}, 0x6e) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$NILFS_IOCTL_GET_SUINFO(0xffffffffffffffff, 0x80186e84, &(0x7f0000000500)={&(0x7f0000000300), 0x0, 0x10, 0x7}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x8, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x204344}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x9}], 0x1, 0x1d, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 6m39.467653823s ago: executing program 8 (id=1088): socket$tipc(0x1e, 0x5, 0x0) setpriority(0x0, 0x0, 0x2a14b58) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4) fcntl$lock(0xffffffffffffffff, 0x7, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) mincore(&(0x7f0000ff6000/0x8000)=nil, 0x8000, &(0x7f0000000080)=""/19) syz_usb_connect(0x2, 0x24, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4) r3 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x3f, 0x0}, @in=@local, 0xee24, 0x0, 0x0, 0x3, 0x2}, {0x80000, 0x200000004, 0x40000000007, 0x20000a0de, 0x100000000, 0x0, 0x200000003, 0x9}, {0x5}, 0x5, 0x0, 0x1, 0x0, 0x4, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x3502, 0x3, 0x8, 0x0, 0x9075, 0xef, 0xc5e}}, 0xe8) bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0xf, 0x4, 0x4, 0x1ff8000, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) fchdir(0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(0x0, 0x143142, 0x1a5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x2000098, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b73f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8eccec37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bc1aab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d27262802899786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb13027a9e285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd406fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c18b5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d420000000000000000", @ANYRES16=0x0], 0xfc, 0x2c0, &(0x7f0000001300)="$eJzs3U9rI2UYAPBn8q+pHhLEiyI4oAdPZevVS6OsIPakRFAvBrcLkpSFFgJbwe6e9hN4FL+GV2+e/QaCV8Hb9lAZmcxMmrRJG/sX6u936dv3fZ93ns4zpKc8881bu8NHT5J4/vKPaLeTqG3FVhwl0Y1aVJ5FIwCA++Moy+LvLCKaxe/JypGN2s1lBQDcpOL/f+GucwEAbsfnX371aW97++FnadqONzovxv0kInZfjPvFeu9xfBej2IkH0YnjiGyqGH/8yfbDaKS5bry7ezjuj+fO7/0V65P4zehEd3H8Zloo4/sR+c9mvBJp9B43q6M68fri+PcXxEe/Fe+9M5P/RnTi92/jSYziUeSxJ/E/bKbpR9mPL7//Or9MHp/Uor822Vdaj8jqt1YUAAAAAAAAAAAAAAAAAAAAAADuvY00TYr2PZP+PflU2X+nfjxZ30gr3fn+PEX8tF9w0R8oi7JFz2EWP1X9dR6kaZqVG0/iG/Fmw4sFAAAAAAAAAAAAAAAAAAAAILf/9CCeRezs7T89GA5Go8sP6sPBqOoGUH2t/7IHbs3MvB0Hw0F9+YFrq19rtttAnuu5m6PRuI7bcvEgfl3P81my5+cy3/9+8lpMZ74ow6vCXCnn5qmZ1z6cZpiWS9VNHg6Si67Vrgr3y+xSK1bOJ0nmZia1He3sZZNH4jibr2l7yc1sXUMp82e09erCpX+yLFvtnA/+LGpUziSTFhurpdEsB0uflvbZWvy2/MClHxn1q37mAAAAAAAAAAAAAAAAAAAAi81/cfqU5+eG1m4sKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZSfv/68G7YiYnzkzOCyDz9tTDlqxt3/HfyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/A/8GAAD//1xwRP8=") fallocate(0xffffffffffffffff, 0x0, 0xbf5, 0x2000402) 6m36.412862021s ago: executing program 8 (id=1094): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x6, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x0, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x401, 0x40000b4, 0xa, 0xb2b9, 0x4, 0x81, 0xe4, 0x6, 0xfc000000, 0x9, 0xbbf, 0x1000, 0x1, 0x48, 0x100d, 0x3, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x40008a, 0x79, 0x2, 0x10001, 0x4, 0x91, 0x4, 0xe769, 0x16, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x84, 0x9, 0xf9a2, 0x80000001, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x8, 0x7, 0x5, 0x4007f, 0xffffffff, 0x6], [0x3, 0x16e, 0x6, 0xf6ca, 0x4, 0xda, 0xb8a9, 0x20000070, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffe, 0x80d, 0x5, 0xa7, 0x1000, 0x101, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x400001, 0x3, 0x3, 0xb, 0xffffff7f, 0x401, 0x6, 0x200, 0x96, 0x0, 0xfffffff6, 0x401, 0x6, 0xf1, 0x6, 0x55a, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x1, 0x0, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x2, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xfffc, 0x6, 0x2, 0x2e6bf783, 0xfffff100, 0x5, 0x400005, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x5, 0xee4b, 0x2008004, 0x1, 0x691, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xffe, 0x10000a, 0x8000, 0x401, 0x3e55, 0x9, 0xd3, 0x8, 0x3437, 0x2, 0xd, 0x7, 0x601, 0x101, 0x200dd80, 0x60a0, 0x1, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x4, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0xa, 0x10000, 0x3, 0x8, 0x1], [0xa772, 0x2, 0x7, 0x1afa, 0xbfc, 0x8, 0x3, 0x7f, 0x55, 0x40, 0xc, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xfffffeff, 0xffbffff7, 0x8, 0x7, 0x5396, 0x939, 0x6, 0x80008001, 0x7777, 0x7fffffff, 0x2, 0x100, 0xffffffff, 0x7ffffffe, 0x4009, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0x6, 0x10000, 0x0, 0x8004, 0x6fff, 0x2, 0x3, 0xf, 0xe, 0x10, 0x26c, 0x6, 0xfffffff9, 0x4, 0xfffffff8, 0x9, 0xf, 0x463f, 0x4, 0xdad, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x40040, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e20}, 0x6e) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$NILFS_IOCTL_GET_SUINFO(0xffffffffffffffff, 0x80186e84, &(0x7f0000000500)={&(0x7f0000000300), 0x0, 0x10, 0x7}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x8, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x204344}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x9}], 0x1, 0x1d, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 6m32.499282976s ago: executing program 36 (id=1077): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x6, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x0, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x401, 0x40000b4, 0xa, 0xb2b9, 0x4, 0x81, 0xe4, 0x6, 0xfc000000, 0x9, 0xbbf, 0x1000, 0x1, 0x48, 0x100d, 0x3, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x40008a, 0x79, 0x2, 0x10001, 0x4, 0x91, 0x4, 0xe769, 0x16, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x84, 0x9, 0xf9a2, 0x80000001, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x8, 0x7, 0x5, 0x4007f, 0xffffffff, 0x6], [0x3, 0x16e, 0x6, 0xf6ca, 0x4, 0xda, 0xb8a9, 0x20000070, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffe, 0x80d, 0x5, 0xa7, 0x1000, 0x101, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x400001, 0x3, 0x3, 0xb, 0xffffff7f, 0x401, 0x6, 0x200, 0x96, 0x0, 0xfffffff6, 0x401, 0x6, 0xf1, 0x6, 0x55a, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x1, 0x0, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x2, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xfffc, 0x6, 0x2, 0x2e6bf783, 0xfffff100, 0x5, 0x400005, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x5, 0xee4b, 0x2008004, 0x1, 0x691, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xffe, 0x10000a, 0x8000, 0x401, 0x3e55, 0x9, 0xd3, 0x8, 0x3437, 0x2, 0xd, 0x7, 0x601, 0x101, 0x200dd80, 0x60a0, 0x1, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x4, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0xa, 0x10000, 0x3, 0x8, 0x1], [0xa772, 0x2, 0x7, 0x1afa, 0xbfc, 0x8, 0x3, 0x7f, 0x55, 0x40, 0xc, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xfffffeff, 0xffbffff7, 0x8, 0x7, 0x5396, 0x939, 0x6, 0x80008001, 0x7777, 0x7fffffff, 0x2, 0x100, 0xffffffff, 0x7ffffffe, 0x4009, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0x6, 0x10000, 0x0, 0x8004, 0x6fff, 0x2, 0x3, 0xf, 0xe, 0x10, 0x26c, 0x6, 0xfffffff9, 0x4, 0xfffffff8, 0x9, 0xf, 0x463f, 0x4, 0xdad, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x40040, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e20}, 0x6e) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$NILFS_IOCTL_GET_SUINFO(0xffffffffffffffff, 0x80186e84, &(0x7f0000000500)={&(0x7f0000000300), 0x0, 0x10, 0x7}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x8, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x204344}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x9}], 0x1, 0x1d, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 6m25.407223643s ago: executing program 8 (id=1145): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x23f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) io_setup(0x6, 0x0) symlinkat(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000240)={0x450303, 0x8, 0x11}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) epoll_create(0x5) socket$netlink(0x10, 0x3, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') read$FUSE(r3, &(0x7f0000004180)={0x2020}, 0x2020) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r5 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r5, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000580)={r4, &(0x7f0000000480), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000010c0)={{r4}, &(0x7f0000001040), &(0x7f0000001080)=r5}, 0x20) r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000440)={{}, &(0x7f0000000380), &(0x7f0000000400)='%ps \x00'}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x16, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@map_val={0x18, 0x8, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x101, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f0000000300)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x5, 0xe, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000580)=[{0x0, 0x1, 0xa, 0x8}, {0x1, 0x2, 0x1, 0x7}, {0x0, 0x2, 0x5, 0x6}], 0x10, 0x7}, 0x94) 6m21.313431944s ago: executing program 8 (id=1149): openat$vsock(0xffffffffffffff9c, 0x0, 0x202100, 0x0) rename(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, 0x0) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x1) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) lsetxattr$security_capability(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0), 0x0, 0x0, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') truncate(0x0, 0xf) 6m20.264884067s ago: executing program 8 (id=1162): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000280)={[{@oldalloc}, {@nodioread_nolock}, {@sb={'sb', 0x3d, 0x7ff}}, {}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@grpjquota}, {@noquota}]}, 0x1, 0x5d5, &(0x7f0000000d40)="$eJzs3U1oG9kdAPD/jKzYSZw6hRbakkNoCymEyB9J2rQn51oaCORQyKU1smKCZStYchsbQ517KM2hX+SS3tpDjy099FB66bGnQi/9OC+EjdmFOIddLZJGjmPLjpxE0sb6/WDs9+aN5/9/Hr3nmWEGBzC0zje+pBFfjYibScTErraRyBrPt7bb3toovtjaKCZRr9/6MIkkIp5vbRTb2yfZ99MRsRkRX4mIv+cjLqY7uzzRLlTX1hfnyuXSSlafrC3dm6yurV+6uzS3UFooLV/+znevXrtydXpmene6L+q7a/mj9fXhfx/9/OE/v//k0R/+eG6z+Mu5JGZjPGtr9+P2r462z9dJskRn96y/8m7DDFwy6AR4I7lsnDeG0pdjInLZqO+kvntyGO1LekAP1Ucj6jt2FfdrTwyHbQO8V5K3GNBmBHiftc8DGte/7aWf5x9Pr7cuQBpxt7c2ij+LdvyR1r2JGGtem5z6KHnlyqRxvXm2n4lyLG0+iIipkZH9n/8k+/y9ual3kSA99bfrrQO1//inO/NPdJh/xtv3Tt9Se/7bzua/7Q7xcwfMfze7jPHJ7f//9sD4D0bjax3jJzvxkw7x04j4cZfxH//wL9cOaqv/LuJCdI7flhx+f3jyzt1yaar1tWOMv144972D+x9x6oD4rXu2Y81Edvf/RJZT2mX///yPP31985D43/rG4ce/0+//ZET8osv4X3z++x8c1Pb0QfKscRZw1OOfRD6edBn/27Pn/5MV3TUEAAAAAAAAAIB3KG0+y5akhZ1ymhYKrXd4vxSn0nKlWrt4p7K6PN965u1s5NP2k1YTrXrSqE9nz+O26zN76pdzWcDcyWa9UKyU5wfcdwAAAAAAAAAAAAAAAAAAAPi8OL3n/f+Pc833/2cjZs4MOjegDw7+l9/AcWf8w/B6dfwnA8sD6D9//2Fo1Y1/GF7djv9cj/MA+s/ffxhexj8Mr47j/2T/8wD6b9/4HxtMHkD/Of8HAAAAAAAAAAAAAAAAAAAAAAAAAICeuHnjRmOpv9jaKDbq8yNrq4uVn1yaL1UXC0urxUKxsnKvsFCpLJRLhWJl6XX7SyqVe1OxvHp/slaq1iara+s/WqqsLrf/p2gp3/MeAQAAAAAAAAAAAAAAAAAAwPtnvLkkaSEi36qnaaEQcSYiziaR3LlbLk1FxBci4t+5/GijPj3opAEAAAAAAAAAAAAAAAAAAOCYqa6tL86Vy6WV3hVGslDd/dT/aj3NZ+QoG0fEZsem9m/vyGk09njYNv+KiH1N+Sxac81Yz4/X8S7kuvwcDn1hMPMRAAAAAAAAAAAAAAAAAAAMs5cv/Xb7E5/2NiEAAAAAAAAAAAAAAAAAAAAYSukHSUQ0lgsT3xzf23oi2c41v0fETx/f+vX9uVptZbqx/tnO+tpvsvUzg8gf6FZ7nKYR0RjHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEvVtfXFuXK5tJIV6qMRr645vDDaxTaD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm/gsAAD//6jwu5Q=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) r1 = openat(0xffffffffffffff9c, 0x0, 0x183042, 0x15) truncate(&(0x7f0000000280)='./file1\x00', 0xca2) pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c) 6m5.809459289s ago: executing program 8 (id=1230): sched_setscheduler(0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) lstat(&(0x7f00000066c0)='./file0\x00', &(0x7f0000006700)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@newsa={0x170, 0x10, 0x633, 0x0, 0x0, {{@in6=@private0, @in6=@private1}, {@in=@dev, 0x0, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0xb}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x20, {0x0, 0x4e21, 0x0, @in=@local}}, @encap={0x1c, 0x4, {0x2}}]}, 0x170}}, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000006780), 0x585000, 0x0) openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000006d00), 0x9ba1a4c7bbf4496a, 0x0) sendmmsg$unix(r1, &(0x7f0000006d80), 0x0, 0x20000014) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, 0x0, 0x14) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x38, 0x10, 0x801, 0x4000000, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0x204e9, 0x500}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x4529}]}, 0x38}, 0x1, 0xffffa888}, 0x20000880) 6m5.79811136s ago: executing program 37 (id=1230): sched_setscheduler(0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) lstat(&(0x7f00000066c0)='./file0\x00', &(0x7f0000006700)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@newsa={0x170, 0x10, 0x633, 0x0, 0x0, {{@in6=@private0, @in6=@private1}, {@in=@dev, 0x0, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0xb}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x20, {0x0, 0x4e21, 0x0, @in=@local}}, @encap={0x1c, 0x4, {0x2}}]}, 0x170}}, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000006780), 0x585000, 0x0) openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000006d00), 0x9ba1a4c7bbf4496a, 0x0) sendmmsg$unix(r1, &(0x7f0000006d80), 0x0, 0x20000014) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, 0x0, 0x14) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x38, 0x10, 0x801, 0x4000000, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0x204e9, 0x500}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x4529}]}, 0x38}, 0x1, 0xffffa888}, 0x20000880) 58.892386896s ago: executing program 6 (id=2548): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) futimesat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00) bind$can_raw(r3, &(0x7f0000000080), 0x10) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r4, 0xffffffffffffffff, 0x0) 56.942090948s ago: executing program 6 (id=2551): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x0, 0x321, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24044094}, 0x4) 56.928744119s ago: executing program 6 (id=2552): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="67400f07c40249af4b8bb9800000c00f3235010200000f300f20a366450f769e00000100440f20c03588001d00445b66baf80cb88cf4b684ef66bafc0ced460f01c9c4827d24c366ba4cf0ff07ef87f345a57a43e16806a4", 0x58}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0x200000, 0x10000, 0x4, 0x9, 0xfd, 0xe4, 0x40, 0x8, 0x0, 0x2b, 0x16}, {0x200000, 0x10000, 0x3, 0x0, 0x40, 0x5, 0x7d, 0x6, 0x5, 0x3, 0x3, 0xb5}, {0xeeef0000, 0xf000, 0x0, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa8, 0x4, 0x4}, {0x80a0000, 0x80a0000, 0xf, 0x6, 0x4, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x10000, 0xe000, 0xb, 0x3, 0x3, 0x6, 0xab, 0x7f, 0x7, 0x2, 0xdb}, {0x1000, 0x100000, 0xc, 0x7, 0xb1, 0x8, 0x21, 0x81, 0x80, 0x0, 0x1}, {0x3000, 0x8000000, 0x4, 0x1, 0x2, 0x5, 0xb, 0x3, 0x5, 0x81, 0x1, 0x70}, {0x100000, 0x1000, 0x9, 0x5, 0xf, 0x7, 0xc, 0x34, 0x2, 0xc, 0xb0, 0x9}, {0x0, 0x1000}, {0x2000, 0x5}, 0x80000031, 0x0, 0x8000000, 0x2024, 0x3, 0x500, 0x3000, [0xf90000000000, 0x4, 0x80, 0xfff]}) close_range(r0, 0xffffffffffffffff, 0x0) 56.9158239s ago: executing program 6 (id=2553): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) set_tid_address(&(0x7f0000000ac0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) madvise(&(0x7f000004d000/0x2000)=nil, 0x2000, 0xb) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x20044000) sched_setaffinity(0x0, 0x0, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x6020400) timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000000340)) bpf$OBJ_GET_PROG(0x9, &(0x7f0000000600)=@generic={0x0, 0x11, 0x10}, 0xc) ptrace(0x10, r4) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b722c64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a41856102000000000000006357ee95fffb99cde923a6c2e7eee552c60119e2822287367b0526cec2098d6ef88304699e83b0d070ad82774d8cc230dc844fa4ed26ec244085d833e4e2309d01aea46150e5d791371358a8ecd02c1e8795d500af4694cc800962a672fd461d94ad695620623ccf81ae84a48df7d0ffafbb72f694c5e1bb70d4b394fd631e5801e7"], 0x3, 0x2b5, &(0x7f0000000380)="$eJzs3c9qY1UYAPDvpkkaLZIsXIngXczCjWUyWxdmkApiV0oW/gEdnBkYmjDQQGBUDF35BC5c+B7uXLlR3PgGgg/gziKFIze5TWKbpk1rWun8fpsezvm+nO/k3PYuLvf0s1f7ew+fDh4ffPV7NBpZVDrRicMsWlGJY6kUAMCtcJhS/Hmp+3u1sq6aAID1mrv/184I2Tzd9da6ywIA1uiDDz967/7u7s77ed6I6H8z7GYx+TkZv/84nkQvHsXdaMbR7FlASpP2O+/u7kQ1L7TiTn807BaZ/U9/nX9sUOS3oxmtxfntfGIufzTs1uLFiCyLeNIpCrkXzXj5VH4xvnNvQX506/F6o1xkMf92NOO3z+Np9OLh+JnGbP6v23n+dvr2ry8/LoKL/Gw07G6O42bSxnXvDQAAAAAAAAAAAAAAAAAAAAAAt9d2PtWKO/2iqzx/Z+NoPL79r/Hx+TqV8fgkP4uojxsnzgcapfj++Hydu3mep2wSPzvfpxqvVKN6YwsHAAAAAAAAAAAAAAAAAACA/5HBsy/2HvR6j/b/k0b5kv/0tf7Lfk5nrue1WB68udJcsVGGF7WejGn//El/2lMsYvXiD18a1vKIZTXXTvW8UNRz/hR/p5RSlkVcbZtqF5nrnMbW8pjiC/7xu6039h5k532HjeON+2F+qB77g2cn9jSyovHTLxfb7rTS5VdfElMvr5gLfc7WFX+J3vxjMlnZk62wilrZiLMuv8ZK1/M1/QECAAAAAAAAAAAAAAAAAACmZi/9Lhg8WJpaWVtRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDNZv//f4XGqExeHJNSGk176rE/uOElAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bz4JwAA///l5m1V") unshare(0x80) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={0xfc6, 0xfffffffffffffff7, 0x6976}) ptrace$pokeuser(0x6, r4, 0x388, 0x41d9fda7) pipe(0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x3a, 0x8, 0x0, 0x0}}, 0x10) 54.311401023s ago: executing program 6 (id=2560): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x7}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) r1 = fcntl$dupfd(r0, 0x406, r0) write$cgroup_pid(r1, 0x0, 0x0) writev(r1, &(0x7f0000005340)=[{&(0x7f0000000300)="a7c1d70ee629c0080008c5fd54", 0xd}, {&(0x7f0000000100)="c268c89450e5ac2465ceffe55436518cdd334d27d371578f0bff0d496d654c529e83c54c3132806f3fd66f91672f20c654e4d1491c4bb571f1", 0x39}, {&(0x7f0000000400)="2ccc04cb57ac20f97a9627127442ef6ef893fc38eb05f11fd1b1a46d3cee6de4eaf4eda5b6d4f864e6b7cc18fb720ef8d205464a38ecb5af2e8c8261f2818d6d62a7db73c1cca4278ba36b58ba3dae1ef4f9e879be9ac8d53b52e2284c447cec4572896e97df1cdde86edf44b00641f4f41ccf2f628aa5076e75709b77321d8c1ebd77f805905226e93bd76439772766f4b1dd614b92fcdb5cd95df257dfdcdddd44216bacbdbd462de284c6410abc39e34726337ad70804a83dbdd6caf174fc5deb0860f3309a1a715c78d77cde7b502b6bcff8e39389935518c9c7f75659266bc5c6476c2d39ffc735d6bbc01328a0a0d9962aaf1f4c12e918dcb48dd5f35c7c6aff254c433d0a80e0c228c04a199a50820cc262dd2b2b9530d4ee760cd7fd8a99716fba8d02e0899228c56303014f807d3509f2912fefb397720b41657a2ccdd417e4a4f738a94bc87324a77e60ae0ea6fdd38b358315d505134b44a34151681ca649e2b12d647ff4b1bd8ac299c514d9d41f891126ec14d83c36aaa8d8b52c3f32bf0a391fc7cdca48bf51a4263080c75c3c509a80b97c820271ce7bb87e68ff2829c5afb7f5ad98ef76f08ba6a07da836fa7132960e764b9ce6cf89a41076f2c99a99e1bf7d2f185d96e7d8d07c5c5c2734d7ceaa8da8ea0d4e77d00c68e7a278d7892b161e92246c2ed7c9f3d8f6c614a364579ddb3f11e32099674a280233c0d254bef7feb367a453460f726a2632187525fb69d52d3cf820d4c87f6b8038bbce2a2a717c11425439bc76f12b34dc254ea208b4d652e12234c5704c6eb5cdd0d48db7dd61213306b1e1b1f6e25bed9a6bc8754054f5013965d115a38c7a1371557fac2ffeacfd18878d341239e46454924ed3d1ff162462edabf8a784b9027e8bf481760da3e0f138a9b9a0aaba73896aacc0e94d54502c3a41de1189d85b3b1d09f5c20c5de8dabcaf7c99ad775179e6c38e85f34790c03cba6d78ec130617cdda8e107f7d56904ced107e982d46212c253fe82ef3a0b3d5c80464ef3ad4542cc429f494c87f4f46c59f37001ac503c369860672f8ef16c40db4a6d01d1732c061219ecbbdc3d8252a56a02e7029673aaa5dc3a03b713e6e44bb0bcf552e920ba5c016da31a51475ff5019abd650319f62b4bec695da0a4b90169d5df1fb23927bdc077c0c289ce347ed11ec474bf77ff3dacac679fee79387d40e724c5b13e7af067fc135b729f9afebb0f40e86d5d432abd7c52e80eb8f9464329dd356d40f1f51b45a923eeac6f0ac472701ef0c701c237029a416ec339d23e56e7ed1572d61e4693515c874d3b9a18d202fd52ec7538c0a981270331f60f0cd01c91e9a5b98f1f305e8f94d4bfe53328cc6e725a0df007a2458ba8c3af5c5c5aad75f052b654406b6f83b5f047aef35e4b79710a5c745e27116cbf11dc17e1d9f0043eec973217bb40ae7660650b35424795312a3f3f73014175aaaa7aece6617203ac4001c6adaf2b8990725471538672b7c6369da504dbec53ff38c450bb9004d4f28baca78d250ea0208e21583ee9324069f88e919b7468ef048354a92161420071d4c3eebd87e2e1e512ea2f93e34a564d038e219dbadfe2ed8fec12f56302cca5500fea427e90882baa8058590677af9a47618d328063cb572af363d1bfcf5d1c39928fa85925daac8cde49406415c193d20a2a1385f364e2d46e95c2e0734a12bae73838ab6952af8c053732ab2661eb1e92f69f009294ae7f944a6d8ec8f45721a22550e1e054af335f39670801d61c9b2ec4f925a062476a0e28c780d40f2b5199a8a513f5af088a09a5a2b95f07929b257f915c344cb232074c8a0672a9021ed310377ad6ba7a797b82c67945d4166ea400598cd926b6fd02aac04733b80a92793cfe4163d1585b92b7d0cd4c551139241d1eaca4000c61696bb530cab56c700a987e475096615738cebc0863e8742c7a9018b14ef6c8d96eaaec89463377076f9f8f40d5212a3d74fdada2d815e6ab7b4bc6abcc312ce4abea2e382629e8b20531f50352ed898ba9c482a6247ed51b773f2c0ff90453e4fa1f207539c6f01ed2622636e166048dd3199513d8e0a755e594b48b93781ba8c258510fe083a2ed03be4c483481311d8a68bcddadb9bb68e3e937fb234f17d9059d904ef", 0x600}], 0x3) read$FUSE(r1, &(0x7f0000002300)={0x2020}, 0x2020) 54.230243866s ago: executing program 6 (id=2561): r0 = socket(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat(0xffffffffffffff9c, 0x0, 0x181242, 0x148) r1 = open(0x0, 0x14927e, 0x68) fallocate(r1, 0x0, 0x0, 0x1001ed) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xffffd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)={0x18, 0x16, 0xa01}, 0x78}}, 0x0) recvmmsg$unix(r0, &(0x7f00000011c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x2, 0x0) 38.77149917s ago: executing program 38 (id=2561): r0 = socket(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat(0xffffffffffffff9c, 0x0, 0x181242, 0x148) r1 = open(0x0, 0x14927e, 0x68) fallocate(r1, 0x0, 0x0, 0x1001ed) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xffffd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)={0x18, 0x16, 0xa01}, 0x78}}, 0x0) recvmmsg$unix(r0, &(0x7f00000011c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x2, 0x0) 6.783963953s ago: executing program 2 (id=2768): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000000500), 0x1, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x20007, 0x0, 0x200040, 0xd, "22536af39b7c7cb7435b0a43852dbc3a9ada34cc97af10fd4fcca15748328c53096c2f359e9ba743d30b59c491a7b3e74d938981061383374a1d79471a2d2dfe", "04106d0c31ef6c1f02a4aa6d0c5aa9263626c0240010f9db74161ccff2c5cf5e", [0x10000004e, 0x6]}) fallocate(r0, 0x3, 0x36e, 0x10000) 6.703807655s ago: executing program 2 (id=2769): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000000640)) 6.629143858s ago: executing program 2 (id=2774): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000300)={0x200000, 0x200000, 0xfffffffe}) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) 6.56610062s ago: executing program 2 (id=2778): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x20, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008060}, 0x4000800) 6.487448003s ago: executing program 2 (id=2779): syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00', 0x10, 0x3a, 0xff, @local, @loopback, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x2d, 0x6, 0x999, 0x5932}}}}}}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x50, 0x0, &(0x7f0000000000)="ff", 0x0, 0x36, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000008b40)=ANY=[@ANYBLOB="3400000040000100f8ff0700040000000100000004004880100001800c00108008010b00", @ANYRES32=r1, @ANYBLOB="0c0002"], 0x34}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) 6.436258444s ago: executing program 2 (id=2781): syz_read_part_table(0x61f, &(0x7f0000000d00)="$eJzs272LXGUUB+DfnZ29MxM/Fv8C02VNk8BiFRKQZRlEyAZEk0KiaSTNVFtYrRl1RVJsYqEG0qxFQFwX0lhJEAIx7KYJxEYJWCUiQUGwEFf0ynzurIVIshbC8xR3znnPmXvemXlvOeF/rZZP381UL6oaf6/1F+rT47zodSXdjDtfWj+58PLbJ54b1Pq2f3s/yXQ1NUirRjF5y9YomLtW76yuN/Jsks/3//7TY6knKdOt9ctlbl0+nWZSK/9x+8Obd3uXqYn16tww+OqJf/lF8FBmlw5eL7p3RumRfZ1TZ8s8U9u4vZ1a/wyNf4pJ+/Pi3sy/evTmTHMYf9Nevtf+ofbLz+3jl9YOlReT4sHhfmXyaGTf6NQUezC/88fJ8rMrN+ZX7rfmNkcbWV4YPTTnz2xXAxNP1+N7MBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP/G7NLB608Xd576opWPt45tHdnXOXV248D8uY3bJ6aTfFL0u5o51EiKP5Ni561vJU8+8vyrR2/OvLNSVZnpZcv32j9msd4+fmntWHmxlQMPDg/7XutfV799/Y1BXm01Uz7y9KTTSnLlxvzK/dbc5guLix9M58Ms58uVN+tJyvNn0ho0Fr1xtTJff/RqlTT2YDQAAAAAAAAAAAAAAAAAAACMLTRSH8WvlEnWnr/bi6tGLoybyp0/vH/XC6pk7lq9s7refu/C7LAwbOjeTbpJvr91+fTEmM3m4LW+M60f/FpV1e4NdUfB0tSu9eaurOg1Nh/yM7PjrwAAAP//UQR5Yw==") syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x3004017, &(0x7f0000000200)={[{@nodiscard}, {@nomblk_io_submit}], [{@smackfsfloor={'smackfsfloor', 0x3d, '/}\"\x86\x11Z\x81\x00\x00\x00\xd0T7g\x02\xe8\n\x01\xc2+'}}, {@dont_measure}, {@context={'context', 0x3d, 'staff_u'}}, {@subj_role={'subj_role', 0x3d, '-'}}]}, 0x43, 0x507, &(0x7f0000000fc0)="$eJzs3UFvI1cdAPD/TOI0u03rlHJoV6JUbVG2grWThrYRh7ZICE6VgHIPIXGiKE4cxU67iSqUig+AhBAgcYFTL0h8ACTUj4CQKpU7ggqEYAsHDlBXHo/TbNbepLuOZ3f9+0mz897MvPz/Lys/z3hexgGMracj4rWImIiI5yOinG+fiog0IpY7laPucR/deHu1syTRbr/xzySSfFvvZyX5+uFuk5iOiO9+K+IHSb/Ih1sr9XptL69VW9u71ebB4bXN7ZWN2kZtZ3Fx4aWll5deXJq/qdWvPrgyuDPp4F2zEfHKNz782Y/f/eYrv//KW39e/vvVH3bSmsn3n+zHMHW7Xsp+Fz2TEbF3EcEKMpn1EACA+8HjEfG5iHgmO/8vx0R2Njd1ZrvpkWQHAAAADEP71Zn4XxLRPqdn4vzHAgAAAPeGNJsDm6SVfPrsTKRppdKdw/v5uJzWG83Wl9cb+ztr3f2zUUrXN+u1+Xyu8GyUkk59IZ9j26u/cKq+GBGPRcRPy5eyemW1UV8r+sMPAAAAGBMPn7r+/0+5e/3/7s1/0LlbWIIAAADAcMwWnQAAAABw4e7k+t8DAAEAAOD+4v4/AAAAPNC+/frrnaXd+/7rtTcP9rcab15bqzW3Ktv7q5XVxt5uZaPR2Mie2bd91s+rNxq7X42d/evVVq3ZqjYPDpe3G/s7reVNMwYAAACgKI998b0/JRFx9LVL2dLxZNFJASORfpaD/3pxeQCjN1F0AkBhJotOAChMqegEgMIlZ+x/dNCOPww/FwAA4GLMPXnr/f9y0UkBI/GZ7v8DAA8E9/9hfJXMAISx9+gZ48DAh3fccv//1QEHttt3kBYAADBEM9mSpJX8XuBMpGmlEvFI9rUApWR9s16bz+f/flAuPdSpL2QtkzPnDAMAAAAAAAAAAAAAAAAAAAAAAAAAXe12Em0AAADggRaR/i3JnuYfMVd+bub05wNTyX/L2Toi3vrlGz+/vtJq7S10tv/reHvrF/n2F4r4BAMAAADGxIdnfBPfx58We9fpvet4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABimj268vdpbRhn3H1+PiNl+8SdjOltPRykiLv87ickT7ZKImBhC/KN3IuKJfvGTTloxm2fRL/6lkcdPjtulQ4gN4+69zvjzWr/XXxpPZ+v+r//JfLlbg8e/9Hj8mxgw/jxyzhhX3v9tdWD8dyKuTPYff3rxkyzarfGfPWf873/v8PBE9aGT+9q/jpjr+/6T3BSr2trerTYPDq9tbq9s1DZqO4uLCy8tvbz04tJ8dX2zXsv/7Rv/J1/43ce36//lAfFnj/vf//f/3Dn7///3r994vFss9Yt/9dn+779PDIif5u99X8rLnf1zvfJRt3zSU7/541O36//agP5Pn9H/q+fs//Pf+dFfznkoADACzYPDrZV6vbbXPMjO0bLC8Zb7rdA5vbqL5pHeE70Yp8LU3fx/KVxgoeiRCQAAGLZPT/qLzgQAAAAAAAAAAAAAAAAAAADG1ygeJ3Y65lExXQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuK1PAgAA//9Vgc8S") 959.315339ms ago: executing program 4 (id=2884): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x94) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r0, r2, 0x25, 0x4, @val=@netfilter={0x7, 0x0, 0x9}}, 0x20) syz_emit_ethernet(0xe, &(0x7f0000000880)=ANY=[], 0x0) 942.86256ms ago: executing program 4 (id=2886): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4) bind$xdp(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000200)={'veth1_to_bridge\x00', &(0x7f0000000600)=@ethtool_per_queue_op={0x4b, 0xf, [0x1330, 0x16ae3513, 0x10, 0x9, 0x7, 0xff, 0xab, 0xa, 0x84, 0x3, 0xf, 0x1, 0x8, 0x5, 0x5b3, 0x2, 0x4, 0x7, 0xfffffc01, 0x80000000, 0x5090f989, 0x1, 0x2, 0x10001, 0x3fffc00, 0x3, 0x1, 0x6, 0x400, 0x0, 0x0, 0x2, 0x99b, 0x3, 0xda, 0x9, 0x9, 0x8c, 0x0, 0xd6, 0x6, 0x44c, 0xd, 0x7, 0x0, 0xfb1, 0xb, 0x6, 0x7, 0x4d1, 0x4, 0x167, 0x3, 0x874a, 0x1, 0x7, 0xffffffff, 0xf, 0x6, 0x38, 0x8d, 0x1ff, 0x9, 0xffff, 0x1c02, 0xb, 0x0, 0x9, 0x7fff, 0xc6, 0x0, 0x40, 0x4, 0x9605, 0xfffffffb, 0xffffffff, 0xadd7, 0x7c3, 0x9, 0x0, 0xd73, 0x40000, 0x4, 0x4, 0x8, 0x2e66, 0x80, 0x5, 0x86a2, 0x6, 0x8, 0x2, 0x9, 0x3, 0x800, 0x9, 0x8001, 0x3, 0xfffffffe, 0xd6, 0x7, 0x401, 0x8a, 0x7f0, 0x8000, 0x4, 0x93f, 0x8, 0x2, 0x10001, 0x8001, 0x6, 0x9b, 0x62, 0x7, 0x0, 0x3, 0x1000, 0x8, 0x6, 0xc0000000, 0x55, 0x8, 0x3ff, 0x8, 0x5b5, 0x6, 0x4]}}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) 904.181881ms ago: executing program 4 (id=2888): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000540)=0x189d, 0x1a) recvmmsg(r0, &(0x7f0000004c00)=[{{0x0, 0x0, 0x0}, 0xb393}], 0x400000000000071, 0x0, 0x0) 689.848158ms ago: executing program 9 (id=2896): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000009c0), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000a00)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 689.773058ms ago: executing program 9 (id=2897): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x200080c0, &(0x7f00000001c0)={0xa, 0x2, 0x8000, @loopback, 0x8}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='cdg', 0x3) close(0x3) 689.517948ms ago: executing program 9 (id=2898): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001680), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x94, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x78, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "d2896b5685e969ea"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="541770ec5cb24f5fadcda7208f08df8cdda6d2f84452ce101d992c0239451c8e"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="de892b6d498b409b5db25210755504657d891bcd39d14a16"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="919eb0ef5a8a6c07002c1df380d243ca"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="c854b7526919db15a756101755ac4142"}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4c}, 0x4050) 676.283508ms ago: executing program 9 (id=2900): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000009c0)={'ip6tnl0\x00', &(0x7f0000000900)={'ip6gre0\x00', 0x0, 0x4, 0xc8, 0x3, 0x10000, 0x28, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, 0x8000, 0x20, 0x400, 0x1cbc8000}}) 614.10029ms ago: executing program 9 (id=2901): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 613.94019ms ago: executing program 9 (id=2902): r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000040)=0x63, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x20000808, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0x2}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x7b36, 0x4) sendto$inet6(r0, &(0x7f0000000140)="84caae8b2543f31cd7a7acde8174049e68eeb1e3b770505ff1df2e", 0x1b, 0x0, 0x0, 0x0) recvfrom$inet6(r0, &(0x7f0000000300)=""/242, 0xf2, 0x80, 0x0, 0x0) 308.10976ms ago: executing program 1 (id=2908): socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14) syz_emit_ethernet(0x3a, &(0x7f0000000700)=ANY=[], 0x0) 288.244141ms ago: executing program 1 (id=2910): close(0xffffffffffffffff) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000000000008001240000000000500050002000000050004000000000016000300686173683a6e65742c706f72742c6e6574"], 0x64}}, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x46, &(0x7f00000000c0), 0x1}, 0x40000) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) 234.951792ms ago: executing program 0 (id=2912): r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x41, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x720, 0x0, 0x0) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) 234.834492ms ago: executing program 1 (id=2913): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x8, 0x830, 0x5, 0xffffffff}}}}]}, 0x48}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r4) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 234.747422ms ago: executing program 0 (id=2914): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'macvlan0\x00', 0x0}) r2 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd21, 0xfbffffff, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xfffffe5a}}]}, 0x38}}, 0x400) 187.673734ms ago: executing program 0 (id=2915): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="a8020000400007012bbd700000dcdf25037c00000400c280100001800c0010800800", @ANYRES32], 0x2a8}, 0x1, 0x0, 0x0, 0x4c090}, 0xc000) 169.514785ms ago: executing program 0 (id=2916): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) 101.698287ms ago: executing program 0 (id=2917): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$TIPC_NL_PUBL_GET(r0, 0x0, 0x4000001) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(0x0, r0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000026c0), r0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002700)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f0000002740)={0x1c, r2, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000810}, 0x4) write$rfkill(0xffffffffffffffff, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0xf) syz_genetlink_get_family_id$ethtool(0x0, r0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000002940), 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, 0x0, 0x20008040) syz_genetlink_get_family_id$nl80211(0x0, r1) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) 101.543837ms ago: executing program 0 (id=2918): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}, 0x7fffffff}, {{0x0, 0x0, 0x0}, 0x7}], 0x2, 0x40000002, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@can={{0x1, 0x0, 0x1}, 0x8, 0x2, 0x0, 0x0, "328ba2c744205309"}, 0x10}}, 0xd209f6d814823b07) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000023, 0x13, 0xffffffffffffffff, 0x0) 85.604458ms ago: executing program 1 (id=2919): sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) r0 = socket$netlink(0x10, 0x3, 0xc) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 62.768248ms ago: executing program 1 (id=2920): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r3, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0xe, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x4000) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002940)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffff7dfc, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0x2, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x0, 0x4f0d, 0x5, 0x10001, 0x8, 0x10000, 0x80, 0x288, 0x5, 0x9, 0x2, 0xfff, 0xdfd, 0x1, 0x7887, 0x5, 0xdd16, 0x392, 0x31aa, 0x7fff, 0x2, 0xfffff98c, 0x4, 0x4e, 0x100, 0xa, 0x9, 0x2, 0x11, 0xffffffff, 0x3, 0x4, 0x1000, 0x800, 0x7, 0x1, 0x9, 0xd, 0x7, 0xa4f, 0x2, 0xc, 0x3, 0x0, 0xfffffff2, 0x74, 0x4, 0x4, 0xffffffff, 0x6, 0x3, 0x1000, 0x6, 0x5, 0x71d, 0x2, 0xffff, 0x6, 0x6, 0x80000000, 0xce0, 0x9, 0xea5, 0x8, 0x200, 0x4, 0x8001, 0xa8, 0x9, 0x10, 0x9, 0x10000, 0x2, 0x7fff, 0xc, 0x7, 0x4800, 0x8, 0x6, 0xe87, 0x7f, 0x6, 0x0, 0x4800, 0x1, 0x12, 0x18b, 0x6, 0x2, 0x5, 0x1, 0x40, 0x5, 0x1, 0x0, 0x1da35084, 0x4, 0x1, 0x9, 0x7, 0x0, 0x4, 0x8, 0x4, 0x2, 0x0, 0x7, 0x200, 0x3, 0x8001, 0xa000, 0x0, 0x7a69, 0x764064d2, 0x92, 0x2, 0xbdc9, 0x3, 0xff, 0x2, 0x10, 0x5, 0x10000, 0x100, 0x5, 0x1022075d, 0x8, 0x5, 0x5, 0xfffffffe, 0x7f, 0x101, 0x4, 0xb, 0x9, 0x27, 0xff, 0x1, 0xf64a, 0xa78c, 0x5, 0x6, 0x7, 0xffff4fc5, 0x8, 0x77, 0x385, 0x3ff, 0x100, 0x2, 0x5, 0x4, 0x7, 0xb9, 0x7, 0x1, 0xb8, 0xffffff2a, 0x6, 0x8001, 0x6, 0x8, 0x3ff, 0x2, 0x6, 0x0, 0x6, 0x7fff, 0x80, 0x2, 0x5aeb, 0xe, 0x80000001, 0x39, 0x5, 0xa05, 0x3, 0x9, 0x72, 0x5, 0x4, 0x5, 0xba, 0x3, 0xc3, 0x8, 0x6, 0x7f, 0x5, 0xe8f0, 0x55, 0x8, 0x0, 0x7, 0x0, 0x8, 0x410, 0xffff03a4, 0xa8, 0x39b5, 0x8, 0xf3, 0x4, 0x10001, 0x0, 0x7f, 0x2, 0x7fff, 0x7, 0x401, 0x4, 0x1, 0x8, 0x2, 0x7, 0x2, 0x1, 0x2, 0x8, 0xffff, 0x0, 0x9, 0xc0e, 0x41, 0xf, 0xffff, 0xfffffff7, 0xffffff29, 0x7, 0x32a, 0xad95, 0x776, 0x9, 0xfffffffd, 0x8, 0x3, 0xa4c9, 0x1, 0x6, 0xb, 0x3, 0x101, 0x1, 0x0, 0x2, 0x1, 0x4, 0x0, 0x80000000, 0xfffffff8, 0x400, 0x5, 0x2, 0x40, 0xfffeffff, 0x541b]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0xb3538085985bb3d6}, 0x0) 2.17519ms ago: executing program 4 (id=2921): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800040000000000010b04000008000300", @ANYRES32=r2, @ANYBLOB="28005080110001004abee33908f8eef16f162471f400000005000200020000000800030001ac0f00"], 0x44}}, 0x0) 1.97914ms ago: executing program 4 (id=2922): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) readv(r0, &(0x7f0000000500)=[{&(0x7f0000000540)=""/4112, 0x1010}, {&(0x7f0000000400)=""/213, 0xac}], 0x2) 1.89513ms ago: executing program 4 (id=2923): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4d, 0x2, 0xf, 0x80, 0x0, 0x4, 0x0, 0x0, 0xfe, 0x4, [0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1], [0xfffffffc]}}) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000000000000000005000200fc0000000800050064000000050006"], 0x44}, 0x1, 0x0, 0x0, 0x4044851}, 0x0) 0s ago: executing program 1 (id=2924): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd2a, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {}, {0xb}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x8ba4, 0x7, 0x100000a, 0x8}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0) kernel console output (not intermixed with test programs): adm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 561.180744][ T30] audit: type=1400 audit(1781141127.738:201): avc: denied { unlink } for pid=2607 comm="syz-executor" name="file1" dev="loop7" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 561.221449][ T4063] overlayfs: failed to resolve './file0': -2 [ 561.269954][ T4065] loop7: detected capacity change from 0 to 256 [ 561.314483][ T4065] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 561.332889][ T4065] exFAT-fs (loop7): Medium has reported failures. Some data may be lost. [ 561.440996][ T4065] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 561.568120][ T2960] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 562.826637][ T4075] overlayfs: failed to resolve './file0': -2 [ 562.925415][ T4065] overlayfs: failed to resolve './file0': -2 [ 563.129306][ T2960] usb 9-1: config 1 has an invalid descriptor of length 237, skipping remainder of the config [ 563.154967][ T2960] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 563.329371][ T2960] usb 9-1: New USB device found, idVendor=0582, idProduct=002b, bcdDevice= 0.40 [ 563.348679][ T2960] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 563.368865][ T2960] usb 9-1: Product: syz [ 563.378974][ T2960] usb 9-1: Manufacturer: syz [ 563.389220][ T2960] usb 9-1: SerialNumber: syz [ 567.930101][ T30] audit: type=1400 audit(1781141134.518:202): avc: denied { setopt } for pid=4088 comm="syz.6.1003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 568.023280][ T4100] overlayfs: failed to resolve './file0': -2 [ 568.054618][ T4101] loop8: detected capacity change from 0 to 256 [ 568.097146][ T2960] usb 9-1: USB disconnect, device number 6 [ 568.142541][ T4099] loop7: detected capacity change from 0 to 256 [ 568.469387][ T2960] usb 9-1: new full-speed USB device number 7 using dummy_hcd [ 572.059434][ T30] audit: type=1400 audit(1781141138.648:203): avc: denied { listen } for pid=4113 comm="syz.4.1010" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 572.119231][ T30] audit: type=1400 audit(1781141138.698:204): avc: denied { connect } for pid=4113 comm="syz.4.1010" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 572.469251][ T30] audit: type=1400 audit(1781141139.008:205): avc: denied { connect } for pid=4118 comm="syz.6.1012" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 573.031039][ T4125] loop7: detected capacity change from 0 to 1024 [ 573.073250][ T4125] EXT4-fs (loop7): Test dummy encryption mode enabled [ 573.099256][ T4125] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,noinit_itable,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback. [ 573.709244][ T2960] usb 9-1: device descriptor read/64, error -32 [ 573.818853][ T4136] overlayfs: failed to resolve './file0': -2 [ 574.249449][ T4142] loop8: detected capacity change from 0 to 256 [ 575.884769][ T2960] usb 9-1: device descriptor read/64, error -71 [ 577.259199][ T2960] usb 9-1: new full-speed USB device number 8 using dummy_hcd [ 579.180763][ T4173] loop8: detected capacity change from 0 to 256 [ 579.349204][ T2960] usb 9-1: device descriptor read/64, error -71 [ 582.011053][ T4198] loop8: detected capacity change from 0 to 1024 [ 582.033227][ T4198] EXT4-fs (loop8): Test dummy encryption mode enabled [ 582.061816][ T4198] EXT4-fs (loop8): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,noinit_itable,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback. [ 586.152337][ T4223] loop7: detected capacity change from 0 to 512 [ 586.361642][ T4223] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 586.513936][ T4223] EXT4-fs (loop7): 1 truncate cleaned up [ 586.519720][ T4223] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none. [ 586.639370][ T30] audit: type=1400 audit(1781141153.158:206): avc: denied { write } for pid=4218 comm="syz.7.1019" name="file1" dev="loop7" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 587.319216][ T30] audit: type=1400 audit(1781141153.168:207): avc: denied { ioctl } for pid=4218 comm="syz.7.1019" path="/61/file2/file1" dev="loop7" ino=15 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 588.657729][ T4226] loop8: detected capacity change from 0 to 256 [ 588.762152][ T30] audit: type=1400 audit(1781141155.328:208): avc: denied { accept } for pid=4235 comm="syz.4.1041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 589.196403][ T4239] loop7: detected capacity change from 0 to 256 [ 590.309916][ T4247] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1043'. [ 591.926671][ T4256] loop7: detected capacity change from 0 to 256 [ 593.548805][ T4269] loop8: detected capacity change from 0 to 256 [ 595.561983][ T4286] loop7: detected capacity change from 0 to 256 [ 598.279637][ T4298] loop8: detected capacity change from 0 to 256 [ 600.481537][ T4314] loop7: detected capacity change from 0 to 256 [ 601.074573][ T4323] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 601.558451][ T30] audit: type=1400 audit(1781141168.138:209): avc: denied { write } for pid=4320 comm="syz.6.1065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 601.579255][ T4321] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1065'. [ 603.120964][ T30] audit: type=1400 audit(1781141169.708:210): avc: denied { read } for pid=4345 comm="syz.8.1075" name="usbmon9" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 603.212951][ T30] audit: type=1400 audit(1781141169.738:211): avc: denied { open } for pid=4345 comm="syz.8.1075" path="/dev/usbmon9" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 603.339858][ T30] audit: type=1400 audit(1781141169.738:212): avc: denied { ioctl } for pid=4345 comm="syz.8.1075" path="/dev/usbmon9" dev="devtmpfs" ino=182 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 603.394611][ T4349] loop8: detected capacity change from 0 to 256 [ 604.004723][ T30] audit: type=1400 audit(1781141170.588:213): avc: denied { write } for pid=4351 comm="syz.7.1077" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 606.359220][ T42] usb 9-1: new full-speed USB device number 9 using dummy_hcd [ 607.647137][ T4366] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1080'. [ 607.975271][ T4374] loop8: detected capacity change from 0 to 256 [ 608.149199][ T42] usb 9-1: device descriptor read/64, error -71 [ 612.469186][ T42] usb 9-1: device descriptor read/64, error -71 [ 612.749176][ T42] usb 9-1: new full-speed USB device number 10 using dummy_hcd [ 613.049191][ T42] usb 9-1: device descriptor read/64, error -71 [ 613.569248][ T42] usb 9-1: device descriptor read/64, error -71 [ 613.689249][ T42] usb usb9-port1: attempt power cycle [ 614.099180][ T42] usb 9-1: new full-speed USB device number 11 using dummy_hcd [ 614.269220][ T42] usb 9-1: device descriptor read/8, error -71 [ 614.539323][ T42] usb 9-1: device descriptor read/8, error -71 [ 614.819170][ T42] usb 9-1: new full-speed USB device number 12 using dummy_hcd [ 614.989222][ T42] usb 9-1: device descriptor read/8, error -71 [ 615.183477][ T30] audit: type=1400 audit(1781141181.768:214): avc: denied { create } for pid=4411 comm="syz.6.1095" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 615.209203][ T42] usb 9-1: device descriptor read/8, error -71 [ 615.329272][ T42] usb usb9-port1: unable to enumerate USB device [ 616.632991][ T30] audit: type=1400 audit(1781141183.178:215): avc: denied { block_suspend } for pid=4448 comm="syz.0.1109" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 618.490386][ T30] audit: type=1400 audit(1781141185.078:216): avc: denied { create } for pid=4455 comm="syz.6.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 618.634070][ T30] audit: type=1400 audit(1781141185.098:217): avc: denied { bind } for pid=4455 comm="syz.6.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 618.719723][ T4462] overlayfs: failed to resolve './file0': -2 [ 618.760394][ T30] audit: type=1400 audit(1781141185.108:218): avc: denied { connect } for pid=4455 comm="syz.6.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 619.988778][ T4477] bridge0: port 1(bridge_slave_0) entered blocking state [ 620.162872][ T4477] bridge0: port 1(bridge_slave_0) entered disabled state [ 620.191837][ T4477] device bridge_slave_0 entered promiscuous mode [ 620.269959][ T4477] bridge0: port 2(bridge_slave_1) entered blocking state [ 620.277043][ T4477] bridge0: port 2(bridge_slave_1) entered disabled state [ 620.319685][ T4477] device bridge_slave_1 entered promiscuous mode [ 621.736546][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 621.744422][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 621.779568][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 621.787947][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 621.809375][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 621.816436][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 621.839249][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 621.847627][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 621.869357][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 621.876419][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 621.899287][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 621.907402][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 621.929433][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 621.937569][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 621.978190][ T4477] device veth0_vlan entered promiscuous mode [ 621.984675][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 621.999443][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 622.007788][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 622.029450][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 622.037388][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 622.075527][ T4477] device veth1_macvtap entered promiscuous mode [ 622.082342][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 622.090055][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 622.097516][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 622.129677][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 622.137924][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 622.167184][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 622.189473][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 622.197869][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 622.219455][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 622.356418][ T4508] loop9: detected capacity change from 0 to 1024 [ 622.430291][ T4508] EXT4-fs (loop9): Ignoring removed oldalloc option [ 622.489635][ T4508] EXT4-fs (loop9): mounted filesystem without journal. Opts: oldalloc,nodioread_nolock,sb=0x00000000000007ff,bsddf,journal_dev=0x0000000000000005,grpjquota=,noquota,,errors=continue. Quota mode: none. [ 622.519331][ T4508] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 622.672220][ T4513] loop9: detected capacity change from 0 to 256 [ 622.740395][ T4513] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 622.760472][ T4513] exFAT-fs (loop9): Medium has reported failures. Some data may be lost. [ 622.781500][ T4513] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 622.899715][ T4513] overlayfs: failed to resolve './file0': -2 [ 624.242636][ T4534] overlayfs: failed to resolve './file0': -2 [ 630.229302][ T30] audit: type=1400 audit(1781141196.818:219): avc: denied { name_bind } for pid=4556 comm="syz.0.1146" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 630.234053][ T4567] loop8: detected capacity change from 0 to 1024 [ 630.313577][ T30] audit: type=1400 audit(1781141196.848:220): avc: denied { node_bind } for pid=4556 comm="syz.0.1146" saddr=224.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 630.389609][ T4567] EXT4-fs (loop8): Ignoring removed bh option [ 630.425812][ T4580] loop9: detected capacity change from 0 to 4096 [ 630.510523][ T4567] EXT4-fs (loop8): mounted filesystem without journal. Opts: nodelalloc,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000005,bh,init_itable,. Quota mode: none. [ 630.535012][ T4580] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 630.813061][ T4595] tipc: Started in network mode [ 630.907540][ T4595] tipc: Node identity ac14140f, cluster identity 4711 [ 631.012759][ T4595] tipc: Enabled bearer , priority 10 [ 631.230298][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 631.680194][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 631.695304][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 631.741463][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 631.756650][ T2913] EXT4-fs error (device loop8): empty_inline_dir:1887: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 632.460537][ T4607] netlink: 'syz.0.1163': attribute type 32 has an invalid length. [ 632.519506][ T30] audit: type=1400 audit(1781141199.048:221): avc: denied { write } for pid=4603 comm="syz.0.1163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 632.601513][ T26] tipc: Node number set to 2886997007 [ 632.740380][ T30] audit: type=1400 audit(1781141199.048:222): avc: denied { nlmsg_write } for pid=4603 comm="syz.0.1163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 632.761115][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 632.775547][ T4613] loop9: detected capacity change from 0 to 256 [ 632.785752][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 632.801371][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 632.829378][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 632.836122][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 632.914107][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 632.920832][ T2913] EXT4-fs error (device loop8): empty_inline_dir:1887: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 632.959705][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 632.964755][ T4613] FAT-fs (loop9): Directory bread(block 64) failed [ 632.966626][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 632.973716][ T4613] FAT-fs (loop9): Directory bread(block 65) failed [ 632.994184][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 633.159501][ T4613] FAT-fs (loop9): Directory bread(block 66) failed [ 633.172632][ T4613] FAT-fs (loop9): Directory bread(block 67) failed [ 633.189368][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 633.202903][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 633.273555][ T4613] FAT-fs (loop9): Directory bread(block 68) failed [ 633.336778][ T4613] FAT-fs (loop9): Directory bread(block 69) failed [ 633.399977][ T4613] FAT-fs (loop9): Directory bread(block 70) failed [ 633.440412][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 633.472696][ T4613] FAT-fs (loop9): Directory bread(block 71) failed [ 633.510917][ T2913] EXT4-fs error (device loop8): empty_inline_dir:1887: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 633.544409][ T4613] FAT-fs (loop9): Directory bread(block 72) failed [ 634.169265][ T4634] netlink: 'syz.0.1172': attribute type 32 has an invalid length. [ 634.494335][ T4613] FAT-fs (loop9): Directory bread(block 73) failed [ 635.532434][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 635.544562][ T45] device bridge_slave_1 left promiscuous mode [ 635.579914][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 635.594532][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 635.603930][ T4641] overlayfs: failed to resolve './file0': -2 [ 635.629634][ T45] device bridge_slave_0 left promiscuous mode [ 635.651295][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 635.655357][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 635.680594][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 635.689486][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 635.703869][ T45] device veth1_macvtap left promiscuous mode [ 635.710855][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 635.712355][ T45] device veth0_vlan left promiscuous mode [ 635.732172][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 635.747213][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 635.880811][ T4649] netlink: 'syz.6.1177': attribute type 32 has an invalid length. [ 635.952115][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 636.809389][ T2913] EXT4-fs error: 14 callbacks suppressed [ 636.809407][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 636.848693][ T2913] EXT4-fs: 14 callbacks suppressed [ 636.848709][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 636.916836][ T4657] netlink: 'syz.0.1179': attribute type 32 has an invalid length. [ 636.961736][ T4649] bridge0: port 1(bridge_slave_0) entered disabled state [ 636.970549][ T4649] bridge0: port 2(bridge_slave_1) entered disabled state [ 637.064001][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 637.179182][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.186210][ T2913] EXT4-fs error (device loop8): empty_inline_dir:1887: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 637.206121][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.212855][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 637.227160][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 637.242442][ T4662] loop9: detected capacity change from 0 to 256 [ 637.286766][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.298361][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 637.321219][ T4662] FAT-fs (loop9): Directory bread(block 64) failed [ 637.328904][ T4662] FAT-fs (loop9): Directory bread(block 65) failed [ 637.335841][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.346004][ T2913] EXT4-fs error (device loop8): empty_inline_dir:1887: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 637.353727][ T4662] FAT-fs (loop9): Directory bread(block 66) failed [ 637.388026][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.394950][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 637.409543][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 637.432303][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.438965][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 637.504357][ T4662] FAT-fs (loop9): Directory bread(block 67) failed [ 637.511288][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.517922][ T4662] FAT-fs (loop9): Directory bread(block 68) failed [ 637.524764][ T2913] EXT4-fs error (device loop8): empty_inline_dir:1887: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 637.529235][ T4662] FAT-fs (loop9): Directory bread(block 69) failed [ 637.545031][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 637.879629][ T4662] FAT-fs (loop9): Directory bread(block 70) failed [ 637.886214][ T4662] FAT-fs (loop9): Directory bread(block 71) failed [ 637.892958][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 637.907784][ T4662] FAT-fs (loop9): Directory bread(block 72) failed [ 637.923068][ T4662] FAT-fs (loop9): Directory bread(block 73) failed [ 637.930002][ T2913] EXT4-fs error (device loop8): ext4_read_inline_dir:1632: inode #12: block 7: comm syz-executor: path /65/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 637.996296][ T2913] EXT4-fs (loop8): Remounting filesystem read-only [ 638.003512][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.028679][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.099692][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.115398][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.130512][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.146497][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.171689][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.710541][ T4685] tipc: Enabling of bearer rejected, already enabled [ 638.724012][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 638.752735][ T2913] EXT4-fs warning (device loop8): empty_inline_dir:1894: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 641.423670][ T4713] loop9: detected capacity change from 0 to 512 [ 641.455829][ T4713] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 641.499565][ T4713] EXT4-fs (loop9): 1 truncate cleaned up [ 641.507615][ T4713] EXT4-fs (loop9): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000003,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none. [ 641.578808][ T30] audit: type=1400 audit(1781141208.158:223): avc: denied { read append open } for pid=4712 comm="syz.9.1204" path="/10/file2/cpu.stat" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 641.607503][ T30] audit: type=1400 audit(1781141208.158:224): avc: denied { ioctl } for pid=4712 comm="syz.9.1204" path="/10/file2/cpu.stat" dev="loop9" ino=18 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 642.011346][ T909] device bridge_slave_1 left promiscuous mode [ 642.025858][ T909] bridge0: port 2(bridge_slave_1) entered disabled state [ 644.144581][ T30] audit: type=1400 audit(1781141210.728:225): avc: denied { watch } for pid=4763 comm="syz.6.1224" path="/250" dev="tmpfs" ino=1370 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 644.167368][ T4764] overlayfs: failed to clone upperpath [ 644.173421][ T30] audit: type=1400 audit(1781141210.748:226): avc: denied { create } for pid=4768 comm="syz.4.1226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 645.618910][ T909] device bridge_slave_0 left promiscuous mode [ 645.627946][ T909] bridge0: port 1(bridge_slave_0) entered disabled state [ 645.640915][ T909] device veth1_macvtap left promiscuous mode [ 645.646985][ T909] device veth0_vlan left promiscuous mode [ 645.708857][ T4781] overlayfs: failed to clone upperpath [ 645.937549][ T4799] bridge0: port 1(bridge_slave_0) entered blocking state [ 645.950629][ T4799] bridge0: port 1(bridge_slave_0) entered disabled state [ 645.968153][ T4799] device bridge_slave_0 entered promiscuous mode [ 646.069974][ T4799] bridge0: port 2(bridge_slave_1) entered blocking state [ 646.133083][ T4799] bridge0: port 2(bridge_slave_1) entered disabled state [ 646.176434][ T4799] device bridge_slave_1 entered promiscuous mode [ 646.539228][ T30] audit: type=1400 audit(1781141213.038:227): avc: denied { remount } for pid=4814 comm="syz.4.1244" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 647.147923][ T4800] loop9: detected capacity change from 0 to 40427 [ 647.381551][ T4828] netlink: 'syz.6.1247': attribute type 32 has an invalid length. [ 648.294185][ T4800] F2FS-fs (loop9): invalid crc value [ 648.336644][ T4800] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 648.356773][ T30] audit: type=1400 audit(1781141214.938:228): avc: denied { mount } for pid=4834 comm="syz.4.1251" name="/" dev="ramfs" ino=29125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 648.379633][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 648.406780][ T4800] F2FS-fs (loop9): Start checkpoint disabled! [ 648.413984][ T4800] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6 [ 648.461398][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 648.482059][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 649.659700][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 649.695044][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 649.702156][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 649.729225][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 649.737299][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 649.745755][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 649.754367][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 649.761701][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 649.775767][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 649.784031][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 649.811897][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 649.862865][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 650.030386][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 650.109316][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 650.152747][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 650.162519][ T4855] loop9: detected capacity change from 0 to 256 [ 650.180389][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 650.198026][ T4799] device veth0_vlan entered promiscuous mode [ 650.206519][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 650.221220][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 650.245532][ T4799] device veth1_macvtap entered promiscuous mode [ 650.254290][ T4855] FAT-fs (loop9): Directory bread(block 64) failed [ 650.258136][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 650.275320][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 650.279196][ T4855] FAT-fs (loop9): Directory bread(block 65) failed [ 650.291876][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 650.299243][ T4855] FAT-fs (loop9): Directory bread(block 66) failed [ 650.308148][ T4855] FAT-fs (loop9): Directory bread(block 67) failed [ 650.318236][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 650.326255][ T4855] FAT-fs (loop9): Directory bread(block 68) failed [ 650.326284][ T4855] FAT-fs (loop9): Directory bread(block 69) failed [ 650.326337][ T4855] FAT-fs (loop9): Directory bread(block 70) failed [ 650.347595][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 650.355911][ T4855] FAT-fs (loop9): Directory bread(block 71) failed [ 650.365508][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 650.369322][ T4855] FAT-fs (loop9): Directory bread(block 72) failed [ 650.383472][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 650.389271][ T4855] FAT-fs (loop9): Directory bread(block 73) failed [ 650.406455][ T30] audit: type=1400 audit(1781141216.988:229): avc: denied { mounton } for pid=4799 comm="syz-executor" path="/root/syzkaller.8qTVuG/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 650.471947][ T4857] loop2: detected capacity change from 0 to 256 [ 651.366724][ T4857] FAT-fs (loop2): Directory bread(block 64) failed [ 651.388139][ T4857] FAT-fs (loop2): Directory bread(block 65) failed [ 651.400456][ T4857] FAT-fs (loop2): Directory bread(block 66) failed [ 651.407351][ T4857] FAT-fs (loop2): Directory bread(block 67) failed [ 651.414306][ T4857] FAT-fs (loop2): Directory bread(block 68) failed [ 651.425251][ T4857] FAT-fs (loop2): Directory bread(block 69) failed [ 651.432068][ T4857] FAT-fs (loop2): Directory bread(block 70) failed [ 651.439734][ T4857] FAT-fs (loop2): Directory bread(block 71) failed [ 651.446575][ T4857] FAT-fs (loop2): Directory bread(block 72) failed [ 651.514394][ T4879] netlink: 'syz.0.1262': attribute type 32 has an invalid length. [ 651.546086][ T4879] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.554963][ T4879] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.798919][ T4857] FAT-fs (loop2): Directory bread(block 73) failed [ 652.937326][ T4892] netlink: 'syz.0.1267': attribute type 32 has an invalid length. [ 653.816886][ T4907] netlink: 'syz.2.1271': attribute type 32 has an invalid length. [ 653.831142][ T4907] bridge0: port 1(bridge_slave_0) entered disabled state [ 653.838913][ T4907] bridge0: port 2(bridge_slave_1) entered disabled state [ 653.879629][ T30] audit: type=1400 audit(1781141220.398:230): avc: denied { read } for pid=4899 comm="syz.2.1271" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 653.932582][ T30] audit: type=1400 audit(1781141220.398:231): avc: denied { open } for pid=4899 comm="syz.2.1271" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 654.005262][ T30] audit: type=1400 audit(1781141220.588:232): avc: denied { mounton } for pid=4914 comm="syz.4.1277" path="/281/bus" dev="tmpfs" ino=1583 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 656.791493][ T4966] netlink: 'syz.4.1289': attribute type 32 has an invalid length. [ 656.806235][ T4966] bridge0: port 1(bridge_slave_0) entered disabled state [ 656.814097][ T4966] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.304819][ T4963] loop2: detected capacity change from 0 to 128 [ 658.868374][ T4982] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1300'. [ 658.948584][ T4963] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 660.048631][ T5003] netlink: 'syz.0.1306': attribute type 32 has an invalid length. [ 661.259093][ T5006] netlink: 'syz.6.1308': attribute type 32 has an invalid length. [ 662.759842][ T5014] netlink: 'syz.0.1309': attribute type 32 has an invalid length. [ 664.214242][ T5024] netlink: 'syz.6.1312': attribute type 32 has an invalid length. [ 664.262170][ T5028] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1317'. [ 664.291740][ T5034] loop2: detected capacity change from 0 to 512 [ 667.179282][ T5034] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 667.403420][ T5034] EXT4-fs (loop2): 1 truncate cleaned up [ 667.412621][ T5034] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,jqfmt=vfsv0,stripe=0x0000000000004000,errors=remount-ro,max_batch_time=0x0000000000000004,. Quota mode: none. [ 669.453517][ T5076] loop2: detected capacity change from 0 to 512 [ 669.616706][ T5085] loop2: detected capacity change from 0 to 512 [ 670.029437][ T5085] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 670.060669][ T5085] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 670.106626][ T5085] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,barrier=0x000000000000000d,minixdf,stripe=0x0000000000000b74,resuid=0x0000000000000000,nomblk_io_submit,grpjquota=,i_version,,errors=continue. Quota mode: writeback. [ 670.194010][ T5085] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 670.255819][ T30] audit: type=1400 audit(1781141236.838:233): avc: denied { read } for pid=5084 comm="syz.2.1335" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 670.715941][ T5121] loop2: detected capacity change from 0 to 512 [ 670.794203][ T5121] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 670.805370][ T5119] tipc: Started in network mode [ 670.811969][ T5119] tipc: Node identity ac14140f, cluster identity 4711 [ 670.819191][ T5119] tipc: Enabled bearer , priority 10 [ 670.844982][ T5121] EXT4-fs (loop2): 1 truncate cleaned up [ 670.912059][ T5121] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000003,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none. [ 671.517532][ T5146] netlink: 'syz.6.1353': attribute type 32 has an invalid length. [ 671.691183][ T5148] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1359'. [ 671.852844][ T30] audit: type=1400 audit(1781141238.438:234): avc: denied { getopt } for pid=5151 comm="syz.4.1362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 671.981892][ T642] tipc: Node number set to 2886997007 [ 673.372458][ T5179] netlink: 'syz.4.1372': attribute type 32 has an invalid length. [ 673.508790][ T5160] loop2: detected capacity change from 0 to 40427 [ 673.525832][ T5160] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 673.542169][ T5160] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 673.615725][ T5160] F2FS-fs (loop2): invalid crc value [ 673.629060][ T5160] F2FS-fs (loop2): Ignore s_resuid=0, s_resgid=65535 w/o reserve_root and reserve_node [ 673.676146][ T5193] tipc: Started in network mode [ 673.681567][ T5193] tipc: Node identity ac14140f, cluster identity 4711 [ 673.691163][ T5193] tipc: Enabled bearer , priority 10 [ 673.726413][ T5160] F2FS-fs (loop2): Found nat_bits in checkpoint [ 674.339991][ T5160] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 674.354013][ T5160] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 674.748464][ T4799] attempt to access beyond end of device [ 674.748464][ T4799] loop2: rw=2049, want=45104, limit=40427 [ 674.846821][ T5244] overlayfs: failed to clone upperpath [ 674.978742][ T317] tipc: Node number set to 2886997007 [ 675.230029][ T30] audit: type=1400 audit(1781141241.818:235): avc: denied { unmount } for pid=4799 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 675.311199][ T5283] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1411'. [ 675.504348][ T5285] loop2: detected capacity change from 0 to 256 [ 675.515370][ T30] audit: type=1400 audit(1781141241.878:236): avc: denied { bind } for pid=5264 comm="syz.6.1411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 675.600933][ T30] audit: type=1400 audit(1781141241.878:237): avc: denied { node_bind } for pid=5264 comm="syz.6.1411" saddr=fe88::7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 675.629731][ T5285] exfat: Bad value for 'uid' [ 678.482386][ T5328] netlink: 'syz.6.1435': attribute type 32 has an invalid length. [ 678.815549][ T5323] loop2: detected capacity change from 0 to 4096 [ 678.847215][ T5323] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 683.766241][ T5355] netlink: 'syz.0.1441': attribute type 32 has an invalid length. [ 683.909575][ T5358] loop2: detected capacity change from 0 to 512 [ 683.965188][ T5358] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 683.976479][ T5358] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 690.085507][ T30] audit: type=1400 audit(1781141254.178:238): avc: denied { getopt } for pid=5404 comm="syz.4.1465" lport=141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 690.227377][ T5414] overlayfs: failed to clone upperpath [ 692.105992][ T5451] netlink: 'syz.0.1477': attribute type 32 has an invalid length. [ 692.123207][ T5451] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 692.427479][ T5454] netlink: 'syz.6.1481': attribute type 32 has an invalid length. [ 693.166783][ T5431] loop2: detected capacity change from 0 to 40427 [ 693.229632][ T5431] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 693.237433][ T5431] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 693.330374][ T5431] F2FS-fs (loop2): invalid crc value [ 693.760161][ T5431] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4) [ 697.333151][ T5482] netlink: 'syz.6.1489': attribute type 32 has an invalid length. [ 703.233536][ T5506] loop2: detected capacity change from 0 to 512 [ 703.331797][ T5506] EXT4-fs (loop2): Test dummy encryption mode enabled [ 703.422516][ T5512] overlayfs: failed to clone upperpath [ 703.451236][ T5506] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.1496: inode has both inline data and extents flags [ 703.641735][ T5506] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1496: couldn't read orphan inode 15 (err -117) [ 703.674354][ T5506] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 704.199311][ T5529] loop2: detected capacity change from 0 to 1024 [ 706.039297][ T5529] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 706.106961][ T5529] EXT4-fs (loop2): Errors on filesystem, clearing orphan list. [ 706.130583][ T5529] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000100,quota,,errors=continue. Quota mode: writeback. [ 706.172442][ T5529] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback. [ 706.179544][ T30] audit: type=1400 audit(1781141272.748:239): avc: denied { remount } for pid=5528 comm="syz.2.1505" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 712.303098][ T5576] loop2: detected capacity change from 0 to 512 [ 716.165235][ T5590] netlink: 'syz.4.1523': attribute type 32 has an invalid length. [ 716.886413][ T30] audit: type=1400 audit(1781141283.468:240): avc: denied { create } for pid=5595 comm="syz.2.1524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 718.182097][ T5603] loop2: detected capacity change from 0 to 128 [ 719.120378][ T5603] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 719.223404][ T5603] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 719.234923][ T5603] ext2 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 719.837677][ T5620] loop2: detected capacity change from 0 to 512 [ 719.920025][ T5620] EXT4-fs (loop2): Test dummy encryption mode enabled [ 719.978272][ T5620] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.1532: inode has both inline data and extents flags [ 720.000009][ T5620] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1532: couldn't read orphan inode 15 (err -117) [ 720.019713][ T5620] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 720.570305][ T5611] overlayfs: failed to clone upperpath [ 720.590400][ T5611] overlayfs: failed to clone upperpath [ 723.755074][ T5657] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1543'. [ 727.901665][ T5678] loop2: detected capacity change from 0 to 512 [ 727.945341][ T5678] EXT4-fs (loop2): Test dummy encryption mode enabled [ 728.052919][ T5678] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.1552: inode has both inline data and extents flags [ 728.069415][ T5678] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1552: couldn't read orphan inode 15 (err -117) [ 728.086582][ T5678] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 728.458922][ T5697] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1558'. [ 733.523135][ T5754] loop2: detected capacity change from 0 to 256 [ 733.733091][ T5754] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 735.676113][ T5786] loop2: detected capacity change from 0 to 256 [ 735.740359][ T5786] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 735.751051][ T5786] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 735.766865][ T5786] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d) [ 737.113418][ T5805] loop2: detected capacity change from 0 to 512 [ 737.262787][ T5805] EXT4-fs (loop2): Test dummy encryption mode enabled [ 737.336523][ T5805] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 737.869618][ T5805] EXT4-fs error (device loop2): ext4_orphan_get:1432: comm syz.2.1594: bad orphan inode 131083 [ 737.899655][ T5805] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,noload,,errors=continue. Quota mode: none. [ 739.770270][ T5781] overlayfs: failed to clone upperpath [ 739.778842][ T5829] fuse: Bad value for 'fd' [ 739.853987][ T5841] overlayfs: missing 'lowerdir' [ 739.879048][ T5847] tipc: Enabling of bearer rejected, already enabled [ 747.838482][ T5900] loop2: detected capacity change from 0 to 512 [ 747.925579][ T5900] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 747.966207][ T5900] EXT4-fs (loop2): 1 truncate cleaned up [ 748.042613][ T5913] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1628'. [ 748.093661][ T5900] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000003,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none. [ 755.538295][ T5966] 9pnet: Insufficient options for proto=fd [ 759.380892][ T6012] IPv6: NLM_F_CREATE should be specified when creating new route [ 759.886751][ T6027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1671'. [ 767.569168][ T30] audit: type=1400 audit(1781141334.008:241): avc: denied { write } for pid=6095 comm="syz.0.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 767.797178][ T6067] loop2: detected capacity change from 0 to 40427 [ 767.806636][ T30] audit: type=1400 audit(1781141334.018:242): avc: denied { read } for pid=6095 comm="syz.0.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 768.110669][ T6117] loop2: detected capacity change from 0 to 256 [ 768.410796][ T6117] FAT-fs (loop2): Directory bread(block 64) failed [ 768.417475][ T6117] FAT-fs (loop2): Directory bread(block 65) failed [ 768.424180][ T6117] FAT-fs (loop2): Directory bread(block 66) failed [ 768.430782][ T6117] FAT-fs (loop2): Directory bread(block 67) failed [ 768.437453][ T6117] FAT-fs (loop2): Directory bread(block 68) failed [ 768.444046][ T6117] FAT-fs (loop2): Directory bread(block 69) failed [ 768.450835][ T6117] FAT-fs (loop2): Directory bread(block 70) failed [ 768.457413][ T6117] FAT-fs (loop2): Directory bread(block 71) failed [ 768.464315][ T6117] FAT-fs (loop2): Directory bread(block 72) failed [ 768.471083][ T6117] FAT-fs (loop2): Directory bread(block 73) failed [ 769.287519][ T6121] IPv6: NLM_F_CREATE should be specified when creating new route [ 769.760865][ T6107] overlayfs: failed to clone upperpath [ 770.508630][ T6147] loop2: detected capacity change from 0 to 256 [ 770.607977][ T6147] FAT-fs (loop2): Directory bread(block 64) failed [ 770.614654][ T6147] FAT-fs (loop2): Directory bread(block 65) failed [ 770.621496][ T6147] FAT-fs (loop2): Directory bread(block 66) failed [ 770.628073][ T6147] FAT-fs (loop2): Directory bread(block 67) failed [ 770.634758][ T6147] FAT-fs (loop2): Directory bread(block 68) failed [ 770.641366][ T6147] FAT-fs (loop2): Directory bread(block 69) failed [ 770.648035][ T6147] FAT-fs (loop2): Directory bread(block 70) failed [ 770.654624][ T6147] FAT-fs (loop2): Directory bread(block 71) failed [ 770.661326][ T6147] FAT-fs (loop2): Directory bread(block 72) failed [ 770.667898][ T6147] FAT-fs (loop2): Directory bread(block 73) failed [ 772.059167][ T3398] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 772.156817][ T6161] IPv6: NLM_F_CREATE should be specified when creating new route [ 772.349152][ T3398] usb 3-1: Using ep0 maxpacket: 8 [ 772.469200][ T3398] usb 3-1: config 32 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 772.492879][ T3398] usb 3-1: config 32 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 772.523617][ T3398] usb 3-1: config 32 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 772.566645][ T3398] usb 3-1: config 32 interface 0 has no altsetting 0 [ 772.779314][ T3398] usb 3-1: New USB device found, idVendor=0000, idProduct=b600, bcdDevice=ef.df [ 772.796166][ T3398] usb 3-1: New USB device strings: Mfr=40, Product=120, SerialNumber=0 [ 772.827246][ T3398] usb 3-1: Product: syz [ 772.841975][ T3398] usb 3-1: Manufacturer: syz [ 774.079200][ T3398] usbhid 3-1:32.0: can't add hid device: -71 [ 774.085576][ T3398] usbhid: probe of 3-1:32.0 failed with error -71 [ 774.122607][ T3398] usb 3-1: USB disconnect, device number 6 [ 775.526914][ T6203] tmpfs: Unknown parameter 'n00000000000000000000' [ 779.317117][ T6232] loop2: detected capacity change from 0 to 131072 [ 779.459720][ T6232] F2FS-fs (loop2): Test dummy encryption mode enabled [ 779.485079][ T6232] F2FS-fs (loop2): invalid crc value [ 779.601041][ T6232] F2FS-fs (loop2): Found nat_bits in checkpoint [ 779.887967][ T6232] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 780.909868][ T6265] fuse: Unknown parameter '0xffffffffffffffff' [ 782.639541][ T6299] loop2: detected capacity change from 0 to 128 [ 782.754966][ T6299] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 787.004102][ T6384] cgroup: fork rejected by pids controller in /syz4 [ 787.342538][ T6387] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1792'. [ 787.379689][ T6387] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1792'. [ 788.951668][ T6404] loop2: detected capacity change from 0 to 512 [ 789.022812][ T6404] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 789.190617][ T6404] EXT4-fs (loop2): 1 truncate cleaned up [ 789.196776][ T6404] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000003,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none. [ 790.862314][ T6427] loop2: detected capacity change from 0 to 128 [ 790.979992][ T6427] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 793.720215][ T6456] loop2: detected capacity change from 0 to 128 [ 794.789162][ T6456] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 798.650596][ T6500] loop2: detected capacity change from 0 to 40427 [ 798.705393][ T6500] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 798.749303][ T6500] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 798.757688][ T6500] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 800.011145][ T6634] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1841'. [ 800.059893][ T6634] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1841'. [ 809.195268][ T6717] overlayfs: failed to clone upperpath [ 815.466799][ T6892] IPv6: NLM_F_CREATE should be specified when creating new route [ 815.760570][ T6902] 9pnet: Insufficient options for proto=fd [ 815.774956][ T30] audit: type=1400 audit(1781141382.298:243): avc: denied { bind } for pid=6899 comm="syz.4.1894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 815.954467][ T6894] loop2: detected capacity change from 0 to 40427 [ 815.979746][ T6894] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 815.987561][ T6894] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 816.120447][ T6894] F2FS-fs (loop2): invalid crc value [ 816.359447][ T6894] F2FS-fs (loop2): Found nat_bits in checkpoint [ 816.493742][ T6894] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 816.509131][ T6894] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 816.628847][ T6894] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 819.485082][ T6950] 9pnet: Could not find request transport: fd0x0000000000000003 [ 820.970323][ T6983] tmpfs: Unknown parameter 'n00000000000000000000' [ 823.518864][ T7012] tmpfs: Unknown parameter 'nr_blo00000000000000000000' [ 824.878542][ T7026] 9pnet: Insufficient options for proto=fd [ 825.990747][ T7048] IPv6: NLM_F_CREATE should be specified when creating new route [ 833.811400][ T7113] loop2: detected capacity change from 0 to 128 [ 833.834381][ T7113] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 833.869713][ T7113] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 833.888919][ T7113] ext2 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 834.290917][ T30] audit: type=1400 audit(1781141400.878:244): avc: denied { write } for pid=7112 comm="syz.2.1965" path="/101/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 834.550279][ T30] audit: type=1400 audit(1781141401.118:245): avc: denied { create } for pid=7112 comm="syz.2.1965" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1 [ 834.893250][ T7135] loop2: detected capacity change from 0 to 1024 [ 835.122727][ T7135] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 836.043696][ T7167] loop2: detected capacity change from 0 to 40427 [ 836.142032][ T7167] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 836.155238][ T7167] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 836.171199][ T7167] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 838.139761][ T7186] device syzkaller0 entered promiscuous mode [ 838.152409][ T30] audit: type=1400 audit(1781141404.738:246): avc: denied { ioctl } for pid=7185 comm="syz.2.1989" path="socket:[35187]" dev="sockfs" ino=35187 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 839.240515][ T7195] loop2: detected capacity change from 0 to 40427 [ 839.307281][ T7195] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 839.321461][ T7195] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 839.340077][ T7195] F2FS-fs (loop2): invalid crc value [ 839.450359][ T7214] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1995'. [ 839.637131][ T7195] F2FS-fs (loop2): Found nat_bits in checkpoint [ 839.852882][ T7195] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 839.866201][ T7195] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 840.120264][ T7198] overlayfs: failed to clone upperpath [ 840.134019][ T7198] overlayfs: failed to clone upperpath [ 840.137694][ T7195] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 845.933065][ T7310] overlayfs: failed to clone upperpath [ 845.942811][ T7310] overlayfs: failed to clone upperpath [ 845.967149][ T7313] overlayfs: failed to clone upperpath [ 846.018615][ T7313] overlayfs: failed to clone upperpath [ 847.482085][ T7344] loop2: detected capacity change from 0 to 40427 [ 847.561530][ T7344] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 847.581663][ T7344] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 847.598325][ T7344] F2FS-fs (loop2): invalid crc value [ 847.617580][ T7344] F2FS-fs (loop2): Found nat_bits in checkpoint [ 847.664734][ T7344] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 847.677319][ T7344] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 847.846661][ T7344] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 847.879893][ T7346] overlayfs: failed to clone upperpath [ 848.074553][ T7346] overlayfs: failed to clone upperpath [ 848.699710][ T7370] loop2: detected capacity change from 0 to 512 [ 848.823910][ T7370] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 848.869622][ T7370] EXT4-fs (loop2): Unrecognized mount option "context" or missing value [ 850.637803][ T7370] loop2: detected capacity change from 0 to 131072 [ 850.913684][ T7370] F2FS-fs (loop2): invalid crc value [ 850.950456][ T7370] F2FS-fs (loop2): Found nat_bits in checkpoint [ 851.065545][ T7370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 851.294075][ T7367] F2FS-fs (loop2): Corrupted max_depth of 3: 16842753 [ 854.401085][ T7463] loop2: detected capacity change from 0 to 128 [ 854.518966][ T7463] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 854.550143][ T7472] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2079'. [ 854.565887][ T7472] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2079'. [ 855.082727][ T7463] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 855.184257][ T7463] ext2 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 855.200791][ T7480] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2082'. [ 855.234073][ T7480] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2082'. [ 858.739981][ T7621] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2094'. [ 858.759595][ T7621] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2094'. [ 860.000318][ T7738] capability: warning: `syz.6.2100' uses 32-bit capabilities (legacy support in use) [ 860.842139][ T7745] loop2: detected capacity change from 0 to 40427 [ 861.189649][ T7745] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 861.212606][ T7745] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 861.236641][ T7745] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 861.915749][ T7756] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2106'. [ 861.925343][ T7756] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2106'. [ 868.938169][ T7834] loop2: detected capacity change from 0 to 131072 [ 869.145204][ T7834] F2FS-fs (loop2): Test dummy encryption mode enabled [ 869.153210][ T7834] F2FS-fs (loop2): invalid crc value [ 869.160480][ T7834] F2FS-fs (loop2): Found nat_bits in checkpoint [ 869.481569][ T7834] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 870.419299][ T7878] overlayfs: failed to clone upperpath [ 870.444816][ T30] audit: type=1400 audit(1781141437.028:247): avc: denied { mount } for pid=7879 comm="syz.0.2145" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 870.654354][ T7891] loop2: detected capacity change from 0 to 1024 [ 870.765186][ T7891] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 871.257738][ T7911] netlink: 104 bytes leftover after parsing attributes in process `syz.9.2153'. [ 871.556612][ T7917] input: syz1 as /devices/virtual/input/input5 [ 871.564155][ T30] audit: type=1400 audit(1781141438.158:248): avc: denied { read } for pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=1452 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 871.636759][ T30] audit: type=1400 audit(1781141438.158:249): avc: denied { open } for pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1452 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 871.663361][ T7919] loop2: detected capacity change from 0 to 512 [ 871.719742][ T7919] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 871.736905][ T30] audit: type=1400 audit(1781141438.158:250): avc: denied { ioctl } for pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1452 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 871.773237][ T7919] EXT4-fs (loop2): 1 truncate cleaned up [ 871.790515][ T30] audit: type=1400 audit(1781141438.258:251): avc: denied { read } for pid=7916 comm="syz.2.2156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 871.801174][ T7919] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 881.696758][ T8085] loop2: detected capacity change from 0 to 128 [ 881.781882][ T8085] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 881.802891][ T8085] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 881.813885][ T8085] ext2 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 889.636614][ T8188] loop2: detected capacity change from 0 to 40427 [ 889.733929][ T8188] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 889.759116][ T8188] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 889.776150][ T8188] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 889.928511][ T8188] loop2: detected capacity change from 0 to 256 [ 890.017102][ T8188] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 892.991614][ T8225] overlayfs: failed to clone upperpath [ 893.346960][ T8235] xt_hashlimit: size too large, truncated to 1048576 [ 893.854869][ T8247] xt_hashlimit: size too large, truncated to 1048576 [ 894.424553][ T30] audit: type=1400 audit(1781141461.008:252): avc: denied { create } for pid=8252 comm="syz.0.2262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 894.573703][ T8255] mmap: syz.0.2262 (8255): VmData 17715200 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 895.781525][ T8251] loop2: detected capacity change from 0 to 40427 [ 896.910593][ T30] audit: type=1400 audit(1781141463.438:253): avc: denied { shutdown } for pid=8272 comm="syz.0.2270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 898.245897][ T8251] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 900.719461][ T8251] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 900.758402][ T8251] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 900.800827][ T8289] overlayfs: failed to clone upperpath [ 902.357798][ T8306] xt_hashlimit: size too large, truncated to 1048576 [ 905.246272][ T8346] loop2: detected capacity change from 0 to 4096 [ 905.299895][ T8346] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 905.431901][ T8351] loop2: detected capacity change from 0 to 2048 [ 905.480712][ T8351] EXT4-fs (loop2): mounted filesystem without journal. Opts: abort,block_validity,grpid,,errors=continue. Quota mode: writeback. [ 905.539167][ T8351] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 909.588134][ T8497] loop2: detected capacity change from 0 to 512 [ 909.680046][ T8497] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 909.723987][ T8497] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 912.759209][ T8554] input: syz1 as /devices/virtual/input/input6 [ 912.853057][ T8558] loop2: detected capacity change from 0 to 512 [ 913.009112][ T8558] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 913.398639][ T8558] EXT4-fs (loop2): 1 truncate cleaned up [ 913.415043][ T8558] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 916.087004][ T8595] device syzkaller0 entered promiscuous mode [ 917.096553][ T30] audit: type=1400 audit(1781141483.678:254): avc: denied { unlink } for pid=8716 comm="syz.2.2352" name="#19" dev="tmpfs" ino=914 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 917.694111][ T8728] loop2: detected capacity change from 0 to 256 [ 917.743918][ T8728] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 921.505584][ T30] audit: type=1400 audit(1781141487.088:255): avc: denied { setopt } for pid=8966 comm="syz.2.2370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 921.590587][ T30] audit: type=1400 audit(1781141487.108:256): avc: denied { bind } for pid=8966 comm="syz.2.2370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 921.867366][ T8990] input: syz1 as /devices/virtual/input/input7 [ 922.837776][ T8990] loop2: detected capacity change from 0 to 512 [ 922.949964][ T8990] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 923.073247][ T8990] EXT4-fs (loop2): 1 truncate cleaned up [ 923.079187][ T8990] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 925.939452][ T9042] loop2: detected capacity change from 0 to 256 [ 925.970078][ T9042] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 927.431591][ T9061] loop2: detected capacity change from 0 to 128 [ 927.469944][ T9061] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 927.552250][ T9061] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 927.606345][ T9061] ext2 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 932.480755][ T30] audit: type=1400 audit(1781141499.068:257): avc: denied { unmount } for pid=4799 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 936.409062][ T9475] overlayfs: failed to resolve './file1': -2 [ 937.469448][ T9591] cgroup: fork rejected by pids controller in /syz6 [ 938.097029][ T9697] loop2: detected capacity change from 0 to 40427 [ 938.222289][ T9697] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 938.245747][ T9697] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 938.273969][ T9697] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 938.548109][ T9835] overlayfs: failed to clone upperpath [ 938.593845][ T9697] loop2: detected capacity change from 0 to 256 [ 938.635308][ T9697] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 938.658889][ T9837] /dev/loop0: Can't open blockdev [ 941.710376][ T9867] input: syz1 as /devices/virtual/input/input8 [ 941.836949][ T9868] loop2: detected capacity change from 0 to 512 [ 941.880086][ T9868] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 941.929910][ T9868] EXT4-fs (loop2): 1 truncate cleaned up [ 941.937696][ T9868] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 942.791511][ T9899] /dev/loop0: Can't open blockdev [ 945.510517][ T9921] overlayfs: failed to clone upperpath [ 945.545626][ T30] audit: type=1400 audit(1781141512.128:258): avc: denied { bind } for pid=9924 comm="syz.2.2495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 945.579265][ T30] audit: type=1400 audit(1781141512.158:259): avc: denied { setopt } for pid=9924 comm="syz.2.2495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 945.870279][ T9929] loop2: detected capacity change from 0 to 40427 [ 945.930406][ T9929] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 945.949063][ T9929] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 945.965113][ T9929] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 945.970257][ T9939] /dev/loop0: Can't open blockdev [ 946.004139][ T9939] 9pnet: Insufficient options for proto=fd [ 946.547351][ T9953] loop2: detected capacity change from 0 to 1024 [ 946.693574][ T9953] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 946.838276][ T9953] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,barrier,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,barrier=0x0000000000000005,user_xattr,noinit_itable,,errors=continue. Quota mode: none. [ 947.410775][ T30] audit: type=1400 audit(1781141513.998:260): avc: denied { map } for pid=9952 comm="syz.2.2505" path="/190/file1/cgroup.controllers" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 947.531168][ T9953] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 947.547779][ T9953] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 20 with error 28 [ 947.560233][ T9953] EXT4-fs (loop2): This should not happen!! Data will be lost [ 947.560233][ T9953] [ 947.572283][ T9953] EXT4-fs (loop2): Total free blocks count 0 [ 947.578439][ T9953] EXT4-fs (loop2): Free/Dirty block details [ 947.584775][ T9953] EXT4-fs (loop2): free_blocks=20480 [ 947.590510][ T9953] EXT4-fs (loop2): dirty_blocks=2576 [ 947.966780][ T9953] EXT4-fs (loop2): Block reservation details [ 947.975413][ T9953] EXT4-fs (loop2): i_reserved_data_blocks=161 [ 948.220274][ T10] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 948.312923][ T10] EXT4-fs (loop2): This should not happen!! Data will be lost [ 948.312923][ T10] [ 949.075264][T10386] /dev/loop0: Can't open blockdev [ 949.096128][T10386] 9pnet: Insufficient options for proto=fd [ 951.375145][T10541] loop2: detected capacity change from 0 to 1024 [ 951.466539][T10544] overlayfs: failed to clone upperpath [ 951.511056][T10541] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 951.689482][T10541] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,barrier,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,barrier=0x0000000000000005,user_xattr,noinit_itable,,errors=continue. Quota mode: none. [ 951.843485][T10655] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 951.872600][T10655] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 820 with error 28 [ 951.917651][T10655] EXT4-fs (loop2): This should not happen!! Data will be lost [ 951.917651][T10655] [ 951.952615][T10655] EXT4-fs (loop2): Total free blocks count 0 [ 952.099128][T10655] EXT4-fs (loop2): Free/Dirty block details [ 952.105214][T10655] EXT4-fs (loop2): free_blocks=20480 [ 952.123705][T10655] EXT4-fs (loop2): dirty_blocks=832 [ 952.135049][T10655] EXT4-fs (loop2): Block reservation details [ 952.165099][T10655] EXT4-fs (loop2): i_reserved_data_blocks=52 [ 953.112471][ T315] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 953.232141][ T315] EXT4-fs (loop2): This should not happen!! Data will be lost [ 953.232141][ T315] [ 957.190522][ T30] audit: type=1400 audit(1781141523.778:261): avc: denied { bind } for pid=10891 comm="syz.6.2560" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 957.228815][ T30] audit: type=1400 audit(1781141523.808:262): avc: denied { name_bind } for pid=10891 comm="syz.6.2560" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 957.259447][ T30] audit: type=1400 audit(1781141523.808:263): avc: denied { node_bind } for pid=10891 comm="syz.6.2560" saddr=::ffff:0.0.0.0 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 963.912248][T11146] overlayfs: failed to clone upperpath [ 964.620656][ T30] audit: type=1400 audit(1781141531.208:264): avc: denied { write } for pid=11256 comm="syz.4.2582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 973.028812][T11620] bridge0: port 1(bridge_slave_0) entered blocking state [ 973.047884][T11620] bridge0: port 1(bridge_slave_0) entered disabled state [ 973.065725][T11620] device bridge_slave_0 entered promiscuous mode [ 973.086023][T11620] bridge0: port 2(bridge_slave_1) entered blocking state [ 973.106125][T11620] bridge0: port 2(bridge_slave_1) entered disabled state [ 973.125728][T11620] device bridge_slave_1 entered promiscuous mode [ 973.296917][T11620] bridge0: port 2(bridge_slave_1) entered blocking state [ 973.304209][T11620] bridge0: port 2(bridge_slave_1) entered forwarding state [ 973.311530][T11620] bridge0: port 1(bridge_slave_0) entered blocking state [ 973.318571][T11620] bridge0: port 1(bridge_slave_0) entered forwarding state [ 973.415985][ T909] bridge0: port 1(bridge_slave_0) entered disabled state [ 973.433711][ T909] bridge0: port 2(bridge_slave_1) entered disabled state [ 973.460669][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 973.486513][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 973.521595][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 973.552904][ T909] bridge0: port 1(bridge_slave_0) entered blocking state [ 973.560019][ T909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 973.605175][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 973.650953][ T909] bridge0: port 2(bridge_slave_1) entered blocking state [ 973.658036][ T909] bridge0: port 2(bridge_slave_1) entered forwarding state [ 973.743664][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 973.766747][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 973.793423][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 973.808752][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 974.027987][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 974.067493][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 974.144018][T11620] device veth0_vlan entered promiscuous mode [ 974.158263][T11620] device veth1_macvtap entered promiscuous mode [ 974.179756][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 974.195157][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 974.243726][ T909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 974.988824][T11660] loop2: detected capacity change from 0 to 256 [ 975.245286][ T30] audit: type=1400 audit(1781141541.658:265): avc: denied { connect } for pid=11654 comm="syz.9.2615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 975.460638][T11660] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 975.605010][ T30] audit: type=1400 audit(1781141541.658:266): avc: denied { write } for pid=11654 comm="syz.9.2615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 975.675996][T11670] xt_hashlimit: size too large, truncated to 1048576 [ 975.894912][T11682] loop2: detected capacity change from 0 to 256 [ 975.970458][T11682] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 976.880335][T11696] loop1: detected capacity change from 0 to 128 [ 976.983004][T11696] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 977.024537][T11696] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 977.055503][T11696] ext2 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 977.180898][T11692] loop2: detected capacity change from 0 to 40427 [ 977.251801][T11692] F2FS-fs (loop2): Invalid log_blocksize (64), supports only 12 [ 977.396609][T11692] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 977.579992][T11692] F2FS-fs (loop2): Unrecognized mount option "backgrond_gc=on" or missing value [ 979.313511][T11936] xt_hashlimit: size too large, truncated to 1048576 [ 979.442442][T11939] loop2: detected capacity change from 0 to 128 [ 979.559955][T11939] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 979.589800][T11939] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 979.629131][T11939] ext2 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 980.119079][ T4393] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 980.619542][ T4393] usb 2-1: unable to get BOS descriptor or descriptor too short [ 980.749109][ T4393] usb 2-1: not running at top speed; connect to a high speed hub [ 981.049286][ T4393] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 981.094512][ T4393] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 981.339289][ T4393] usb 2-1: New USB device found, idVendor=2a39, idProduct=3fd4, bcdDevice= 0.40 [ 981.375833][ T4393] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 981.829170][ T4393] usb 2-1: Product: syz [ 981.833380][ T4393] usb 2-1: Manufacturer: syz [ 981.837984][ T4393] usb 2-1: SerialNumber: syz [ 982.069099][ T30] audit: type=1400 audit(1781141548.578:267): avc: denied { read write } for pid=12082 comm="syz.2.2658" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 982.341652][T12194] xt_policy: neither incoming nor outgoing policy selected [ 982.809028][ T30] audit: type=1400 audit(1781141548.578:268): avc: denied { open } for pid=12082 comm="syz.2.2658" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 982.834688][T12193] loop2: detected capacity change from 0 to 256 [ 983.561887][T12193] FAT-fs (loop2): Directory bread(block 64) failed [ 983.576213][T12193] FAT-fs (loop2): Directory bread(block 65) failed [ 983.596358][T12193] FAT-fs (loop2): Directory bread(block 66) failed [ 983.617953][T12193] FAT-fs (loop2): Directory bread(block 67) failed [ 983.639070][T12193] FAT-fs (loop2): Directory bread(block 68) failed [ 983.661195][T12193] FAT-fs (loop2): Directory bread(block 69) failed [ 983.668881][T12204] xt_hashlimit: size too large, truncated to 1048576 [ 983.671247][T12193] FAT-fs (loop2): Directory bread(block 70) failed [ 983.683870][T12193] FAT-fs (loop2): Directory bread(block 71) failed [ 983.691484][T12193] FAT-fs (loop2): Directory bread(block 72) failed [ 983.699075][T12193] FAT-fs (loop2): Directory bread(block 73) failed [ 983.814552][ T4393] usb 2-1: unit 3 not found! [ 983.839194][ T4393] usb 2-1: cannot get ctl value: req = 0x81, wValue = 0x100, wIndex = 0x500, type = 0 [ 983.868590][ T4393] usb 2-1: USB disconnect, device number 6 [ 984.248966][T11700] udevd[11700]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 984.493405][T12231] loop1: detected capacity change from 0 to 512 [ 984.529187][ T30] audit: type=1400 audit(1781141551.018:269): avc: denied { ioctl } for pid=12228 comm="syz.9.2676" path="socket:[40162]" dev="sockfs" ino=40162 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 984.695891][T12231] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2672: invalid indirect mapped block 10 (level 1) [ 984.710141][T12231] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2672: invalid indirect mapped block 8 (level 1) [ 984.725760][T12231] EXT4-fs (loop1): 1 truncate cleaned up [ 984.731476][T12231] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 985.122116][T12238] xt_policy: neither incoming nor outgoing policy selected [ 986.696595][ T30] audit: type=1400 audit(1781141553.278:270): avc: denied { write } for pid=12250 comm="syz.1.2683" name="usbmon9" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 986.764675][ T30] audit: type=1400 audit(1781141553.308:271): avc: denied { append } for pid=12250 comm="syz.1.2683" name="001" dev="devtmpfs" ino=184 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 986.862326][T12260] loop1: detected capacity change from 0 to 1024 [ 986.930199][T12260] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 986.973235][T12260] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,barrier,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,barrier=0x0000000000000005,user_xattr,noinit_itable,,errors=continue. Quota mode: none. [ 987.364619][T12266] loop1: detected capacity change from 0 to 512 [ 987.559490][T12266] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2688: invalid indirect mapped block 10 (level 1) [ 987.573569][T12266] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2688: invalid indirect mapped block 8 (level 1) [ 987.588621][T12266] EXT4-fs (loop1): 1 truncate cleaned up [ 987.594368][T12266] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 988.759148][ T30] audit: type=1400 audit(1781141555.268:272): avc: denied { ioctl } for pid=12268 comm="syz.2.2689" path="socket:[39784]" dev="sockfs" ino=39784 ioctlcmd=0x6722 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 989.462618][T12283] xt_policy: neither incoming nor outgoing policy selected [ 992.962512][ T30] audit: type=1400 audit(1781141555.278:273): avc: denied { write } for pid=12268 comm="syz.2.2689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 993.314353][T12306] loop1: detected capacity change from 0 to 512 [ 993.526966][T12306] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2699: invalid indirect mapped block 10 (level 1) [ 993.541195][T12306] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2699: invalid indirect mapped block 8 (level 1) [ 993.556233][T12306] EXT4-fs (loop1): 1 truncate cleaned up [ 993.561976][T12306] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 994.664786][T12292] loop2: detected capacity change from 0 to 40427 [ 994.757696][T12292] F2FS-fs (loop2): Wrong segment_count / block_count (64 > 16384) [ 994.809407][T12292] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 994.900241][T12292] F2FS-fs (loop2): Found nat_bits in checkpoint [ 995.882390][T12292] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 995.902325][T12292] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 996.121217][T12328] bridge0: port 1(bridge_slave_0) entered blocking state [ 996.140974][T12328] bridge0: port 1(bridge_slave_0) entered disabled state [ 996.167096][T12328] device bridge_slave_0 entered promiscuous mode [ 996.190729][T12328] bridge0: port 2(bridge_slave_1) entered blocking state [ 996.241767][T12328] bridge0: port 2(bridge_slave_1) entered disabled state [ 996.274181][T12328] device bridge_slave_1 entered promiscuous mode [ 997.432702][ T9174] tipc: Disabling bearer [ 997.441671][ T9174] tipc: Left network mode [ 997.509584][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 997.518141][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 997.533163][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 997.560540][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 997.580883][T12359] /dev/loop0: Can't open blockdev [ 997.586065][ T367] bridge0: port 1(bridge_slave_0) entered blocking state [ 997.593129][ T367] bridge0: port 1(bridge_slave_0) entered forwarding state [ 997.618083][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 997.634436][ T30] audit: type=1400 audit(1781141564.198:274): avc: denied { map } for pid=12351 comm="syz.2.2716" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 997.662890][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 997.679642][ T367] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 997.709507][ T367] bridge0: port 2(bridge_slave_1) entered blocking state [ 997.716626][ T367] bridge0: port 2(bridge_slave_1) entered forwarding state [ 998.094882][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 998.103626][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 998.122530][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 998.131476][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 998.150879][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 998.159917][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 998.170463][T12328] device veth0_vlan entered promiscuous mode [ 998.177036][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 998.186034][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 998.194638][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 998.202656][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 998.219241][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 998.229757][T12328] device veth1_macvtap entered promiscuous mode [ 998.242105][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 998.253869][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 998.274851][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 998.289877][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 998.541725][T12382] loop4: detected capacity change from 0 to 512 [ 999.031576][ T9174] device bridge_slave_1 left promiscuous mode [ 999.066692][T12382] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.2705: invalid indirect mapped block 10 (level 1) [ 999.080918][T12382] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.2705: invalid indirect mapped block 8 (level 1) [ 999.095815][T12382] EXT4-fs (loop4): 1 truncate cleaned up [ 999.101520][T12382] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 999.211503][ T9174] bridge0: port 2(bridge_slave_1) entered disabled state [ 999.710490][ T9174] device bridge_slave_0 left promiscuous mode [ 999.716709][ T9174] bridge0: port 1(bridge_slave_0) entered disabled state [ 999.733310][T12392] overlayfs: missing 'lowerdir' [ 999.853981][ T9174] device veth1_macvtap left promiscuous mode [ 999.863953][ T9174] device veth0_vlan left promiscuous mode [ 1001.173735][T12409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2735'. [ 1001.284302][T12409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2735'. [ 1001.452072][T12416] device syzkaller0 entered promiscuous mode [ 1002.718864][T12414] loop4: detected capacity change from 0 to 40427 [ 1002.728596][ T30] audit: type=1400 audit(1781141569.318:275): avc: denied { create } for pid=12428 comm="syz.2.2741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1 [ 1002.849636][T12414] F2FS-fs (loop4): fault_injection options not supported [ 1002.856783][T12414] F2FS-fs (loop4): fault_type options not supported [ 1002.889848][T12414] F2FS-fs (loop4): invalid crc value [ 1002.901110][T12414] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1002.960592][ T9174] device bridge_slave_1 left promiscuous mode [ 1002.977092][ T9174] bridge0: port 2(bridge_slave_1) entered disabled state [ 1002.985030][ T9174] device bridge_slave_0 left promiscuous mode [ 1002.991294][T12414] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1002.999103][ T9174] bridge0: port 1(bridge_slave_0) entered disabled state [ 1003.029192][ T9174] device veth1_macvtap left promiscuous mode [ 1003.044219][ T30] audit: type=1400 audit(1781141569.628:276): avc: denied { execute } for pid=12413 comm="syz.4.2736" path="/2/file0/file1" dev="loop4" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 1003.044601][ T9174] device veth0_vlan left promiscuous mode [ 1003.090674][T12328] attempt to access beyond end of device [ 1003.090674][T12328] loop4: rw=2049, want=45120, limit=40427 [ 1003.114421][ T30] audit: type=1400 audit(1781141569.658:277): avc: denied { rename } for pid=12413 comm="syz.4.2736" name="file2" dev="loop4" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 1003.253571][T12436] overlayfs: failed to clone upperpath [ 1003.268929][T12447] device syzkaller0 entered promiscuous mode [ 1003.277665][T12447] tipc: Started in network mode [ 1003.283292][T12447] tipc: Node identity 12586666ad55, cluster identity 4711 [ 1003.290661][T12447] tipc: Enabled bearer , priority 0 [ 1003.298045][T12446] tipc: Resetting bearer [ 1003.304943][T12446] tipc: Disabling bearer [ 1003.349156][ T26] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1003.619082][ T26] usb 2-1: Using ep0 maxpacket: 16 [ 1003.629036][ T1003] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1003.739150][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1003.750250][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1003.760186][ T26] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1003.772899][ T30] audit: type=1400 audit(1781141570.358:278): avc: denied { setopt } for pid=12454 comm="syz.2.2752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1003.775419][ T26] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1003.803571][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1003.814838][ T26] usb 2-1: config 0 descriptor?? [ 1003.844438][ T30] audit: type=1400 audit(1781141570.428:279): avc: denied { read } for pid=12454 comm="syz.2.2752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1003.999182][ T1003] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1004.010202][ T1003] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 1004.179118][ T1003] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1004.188262][ T1003] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1004.196282][ T1003] usb 5-1: Product: syz [ 1004.200512][ T1003] usb 5-1: Manufacturer: syz [ 1004.205102][ T1003] usb 5-1: SerialNumber: syz [ 1004.249648][ T1003] cdc_mbim 5-1:1.0: skipping garbage [ 1004.300085][ T26] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 1004.307348][ T26] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max [ 1004.322817][ T26] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0001/input/input9 [ 1004.400179][ T26] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1004.450277][T12453] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 1004.506433][ T30] audit: type=1400 audit(1781141571.088:280): avc: denied { write } for pid=12440 comm="syz.1.2746" name="001" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 1004.614739][T12479] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1004.632928][T12481] bridge0: port 3(syz_tun) entered blocking state [ 1004.639543][T12481] bridge0: port 3(syz_tun) entered disabled state [ 1004.646401][T12481] device syz_tun entered promiscuous mode [ 1004.692192][T12489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2767'. [ 1004.701182][T12489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2767'. [ 1004.710306][T12489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2767'. [ 1004.719232][T12489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2767'. [ 1004.744771][T12491] loop2: detected capacity change from 0 to 512 [ 1004.773347][T12491] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.2768: inode has both inline data and extents flags [ 1004.786832][T12491] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.2768: couldn't read orphan inode 15 (err -117) [ 1004.798819][T12491] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1004.848309][T12498] overlayfs: failed to clone upperpath [ 1004.910575][T12511] capability: warning: `syz.2.2774' uses deprecated v2 capabilities in a way that may be insecure [ 1004.985524][T12514] tipc: Started in network mode [ 1004.991227][T12514] tipc: Node identity 7f000001, cluster identity 4711 [ 1005.000216][T12514] tipc: Enabling of bearer rejected, failed to enable media [ 1005.109637][ T367] tipc: Disabling bearer [ 1005.115014][ T367] tipc: Left network mode [ 1005.121490][T12453] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 1005.129404][ T1003] cdc_mbim 5-1:1.0: setting tx_max = 16384 [ 1005.137399][T12524] loop2: detected capacity change from 0 to 2048 [ 1005.148380][ T1003] cdc_mbim 5-1:1.0: cdc-wdm0: USB WDM device [ 1005.156126][T12515] bridge0: port 1(bridge_slave_0) entered blocking state [ 1005.163243][T12515] bridge0: port 1(bridge_slave_0) entered disabled state [ 1005.170789][T12285] loop2: p1 p2 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 [ 1005.171026][T12515] device bridge_slave_0 entered promiscuous mode [ 1005.172233][T12285] loop2: p2 size 458752 extends beyond EOD, [ 1005.261488][ T1003] cdc_mbim 5-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.4-1, CDC MBIM, 5a:39:69:a6:9e:cf [ 1005.265342][T12285] truncated [ 1005.288104][T12529] netlink: 2028 bytes leftover after parsing attributes in process `syz.9.2783'. [ 1005.292829][ T30] audit: type=1400 audit(1781141571.878:281): avc: denied { read } for pid=140 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 1005.297859][T10658] usb 2-1: USB disconnect, device number 7 [ 1005.318747][T12529] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2783'. [ 1005.329934][T12285] loop2: p6 size 458752 extends beyond EOD, [ 1005.337631][T12515] bridge0: port 2(bridge_slave_1) entered blocking state [ 1005.362735][T12285] truncated [ 1005.366257][T12515] bridge0: port 2(bridge_slave_1) entered disabled state [ 1005.374595][T12285] loop2: p8 size 458752 extends beyond EOD, truncated [ 1005.382718][T12285] loop2: p10 size 458752 extends beyond EOD, truncated [ 1005.390272][T12515] device bridge_slave_1 entered promiscuous mode [ 1005.402708][ T30] audit: type=1400 audit(1781141571.988:282): avc: denied { search } for pid=140 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1005.430244][T12285] loop2: p12 size 458752 extends beyond EOD, truncated [ 1005.448271][T12285] loop2: p14 size 458752 extends beyond EOD, truncated [ 1005.455670][ T30] audit: type=1400 audit(1781141571.988:283): avc: denied { read } for pid=140 comm="dhcpcd" name="n15" dev="tmpfs" ino=9643 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1005.489414][T12285] loop2: p16 size 458752 extends beyond EOD, truncated [ 1005.506616][T12285] loop2: p18 size 458752 extends beyond EOD, truncated [ 1005.516719][T12453] loop4: detected capacity change from 0 to 40427 [ 1005.524085][T12285] loop2: p20 size 458752 extends beyond EOD, truncated [ 1005.531789][ T30] audit: type=1400 audit(1781141571.988:284): avc: denied { open } for pid=140 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=9643 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1005.562071][T12453] F2FS-fs (loop4): Unrecognized mount option "00000000000000000000003" or missing value [ 1005.572112][T12285] loop2: p22 size 458752 extends beyond EOD, truncated [ 1005.580780][T12285] loop2: p24 size 458752 extends beyond EOD, truncated [ 1005.586572][T12515] bridge0: port 2(bridge_slave_1) entered blocking state [ 1005.590727][T12285] loop2: p26 size 458752 extends beyond EOD, truncated [ 1005.594737][T12515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1005.602537][T12285] loop2: p28 size 458752 extends beyond EOD, truncated [ 1005.608862][T12515] bridge0: port 1(bridge_slave_0) entered blocking state [ 1005.616565][T12285] loop2: p30 size 458752 extends beyond EOD, [ 1005.622692][T12515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1005.622701][T12285] truncated [ 1005.623361][T12285] loop2: p32 size 458752 extends beyond EOD, [ 1005.639770][T12453] usb 5-1: USB disconnect, device number 10 [ 1005.663542][T12285] truncated [ 1005.667570][T12285] loop2: p34 size 458752 extends beyond EOD, truncated [ 1005.675192][T12453] cdc_mbim 5-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.4-1, CDC MBIM [ 1005.684188][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1005.692291][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1005.692507][T12285] loop2: p36 size 458752 extends beyond EOD, truncated [ 1005.701837][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1005.716575][T12285] loop2: p38 size 458752 extends beyond EOD, truncated [ 1005.724921][T12285] loop2: p40 size 458752 extends beyond EOD, truncated [ 1005.734015][T12285] loop2: p42 size 458752 extends beyond EOD, truncated [ 1005.745100][T12285] loop2: p44 size 458752 extends beyond EOD, truncated [ 1005.760173][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1005.769159][T12285] loop2: p46 size 458752 extends beyond EOD, truncated [ 1005.776480][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1005.788454][T12285] loop2: p48 size 458752 extends beyond EOD, truncated [ 1005.804266][T12515] device veth0_vlan entered promiscuous mode [ 1005.811334][T12285] loop2: p50 size 458752 extends beyond EOD, truncated [ 1005.819707][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1005.827215][T12285] loop2: p52 size 458752 extends beyond EOD, truncated [ 1005.832163][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1005.837036][T12285] loop2: p54 size 458752 extends beyond EOD, truncated [ 1005.847583][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1005.853463][T12285] loop2: p56 size 458752 extends beyond EOD, truncated [ 1005.873843][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1005.888167][T12285] loop2: p58 size 458752 extends beyond EOD, truncated [ 1005.899950][T12285] loop2: p60 size 458752 extends beyond EOD, truncated [ 1005.910326][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1005.920962][T12285] loop2: p62 size 458752 extends beyond EOD, truncated [ 1005.926232][T12515] device veth1_macvtap entered promiscuous mode [ 1005.931255][T12285] loop2: p64 size 458752 extends beyond EOD, truncated [ 1005.945057][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1005.961515][T12285] loop2: p66 size 458752 extends beyond EOD, truncated [ 1005.967547][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1005.976154][T12285] loop2: p68 size 458752 extends beyond EOD, truncated [ 1005.985941][T12285] loop2: p70 size 458752 extends beyond EOD, truncated [ 1005.991621][T12565] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2786'. [ 1005.995355][T12285] loop2: p72 size 458752 extends beyond EOD, truncated [ 1006.012116][T12285] loop2: p74 size 458752 extends beyond EOD, truncated [ 1006.024316][T12285] loop2: p76 size 458752 extends beyond EOD, truncated [ 1006.056939][T12285] loop2: p78 size 458752 extends beyond EOD, truncated [ 1006.083708][T12285] loop2: p80 size 458752 extends beyond EOD, truncated [ 1006.109253][T12285] loop2: p82 size 458752 extends beyond EOD, truncated [ 1006.124269][T12285] loop2: p84 size 458752 extends beyond EOD, truncated [ 1006.140458][T12285] loop2: p86 size 458752 extends beyond EOD, truncated [ 1006.149534][ T367] device bridge_slave_1 left promiscuous mode [ 1006.155675][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 1006.173354][T12285] loop2: p88 size 458752 extends beyond EOD, truncated [ 1006.180755][ T367] device bridge_slave_0 left promiscuous mode [ 1006.190186][T12285] loop2: p90 size 458752 extends beyond EOD, truncated [ 1006.199236][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 1006.207216][T12285] loop2: p92 size 458752 extends beyond EOD, truncated [ 1006.214434][ T367] device veth1_macvtap left promiscuous mode [ 1006.221222][ T367] device veth0_vlan left promiscuous mode [ 1006.221961][T12285] loop2: p94 size 458752 extends beyond EOD, truncated [ 1006.246947][T12285] loop2: p96 size 458752 extends beyond EOD, truncated [ 1006.262914][T12285] loop2: p98 size 458752 extends beyond EOD, truncated [ 1006.280226][T12285] loop2: p100 size 458752 extends beyond EOD, truncated [ 1006.295970][T12285] loop2: p102 size 458752 extends beyond EOD, truncated [ 1006.329995][T12285] loop2: p104 size 458752 extends beyond EOD, truncated [ 1006.342555][T12285] loop2: p106 size 458752 extends beyond EOD, truncated [ 1006.357245][T12285] loop2: p108 size 458752 extends beyond EOD, truncated [ 1006.386760][T12285] loop2: p110 size 458752 extends beyond EOD, truncated [ 1006.402607][T12285] loop2: p112 size 458752 extends beyond EOD, truncated [ 1006.423589][T12285] loop2: p114 size 458752 extends beyond EOD, truncated [ 1006.444945][T12285] loop2: p116 size 458752 extends beyond EOD, truncated [ 1006.445091][T12582] bridge0: port 2(bridge_slave_1) entered disabled state [ 1006.459181][T12582] bridge0: port 1(bridge_slave_0) entered disabled state [ 1006.468742][T12285] loop2: p118 size 458752 extends beyond EOD, truncated [ 1006.484782][T12285] loop2: p120 size 458752 extends beyond EOD, truncated [ 1006.499556][T12285] loop2: p122 size 458752 extends beyond EOD, truncated [ 1006.515191][T12582] device bridge_slave_1 left promiscuous mode [ 1006.521790][T12285] loop2: p124 size 458752 extends beyond EOD, truncated [ 1006.533241][T12285] loop2: p126 size 458752 extends beyond EOD, truncated [ 1006.539412][T12582] bridge0: port 2(bridge_slave_1) entered disabled state [ 1006.547936][T12582] device bridge_slave_0 left promiscuous mode [ 1006.556441][T12285] loop2: p128 size 458752 extends beyond EOD, truncated [ 1006.563682][T12582] bridge0: port 1(bridge_slave_0) entered disabled state [ 1006.572249][T12285] loop2: p130 size 458752 extends beyond EOD, truncated [ 1006.588043][T12285] loop2: p132 size 458752 extends beyond EOD, truncated [ 1006.603925][T12285] loop2: p134 size 458752 extends beyond EOD, truncated [ 1006.619620][T12285] loop2: p136 size 458752 extends beyond EOD, truncated [ 1006.636955][T12285] loop2: p138 size 458752 extends beyond EOD, truncated [ 1006.652753][T12285] loop2: p140 size 458752 extends beyond EOD, truncated [ 1006.667501][T12285] loop2: p142 size 458752 extends beyond EOD, truncated [ 1006.683612][T12285] loop2: p144 size 458752 extends beyond EOD, truncated [ 1006.704562][T12285] loop2: p146 size 458752 extends beyond EOD, truncated [ 1006.723317][T12285] loop2: p148 size 458752 extends beyond EOD, truncated [ 1006.747159][T12285] loop2: p150 size 458752 extends beyond EOD, truncated [ 1006.765487][T12285] loop2: p152 size 458752 extends beyond EOD, truncated [ 1006.781448][T12285] loop2: p154 size 458752 extends beyond EOD, truncated [ 1006.799163][T12285] loop2: p156 size 458752 extends beyond EOD, truncated [ 1006.818061][T12285] loop2: p158 size 458752 extends beyond EOD, truncated [ 1006.833905][T12285] loop2: p160 size 458752 extends beyond EOD, truncated [ 1006.849779][T12285] loop2: p162 size 458752 extends beyond EOD, truncated [ 1006.865667][T12285] loop2: p164 size 458752 extends beyond EOD, truncated [ 1006.881554][T12285] loop2: p166 size 458752 extends beyond EOD, truncated [ 1006.919212][T12285] loop2: p168 size 458752 extends beyond EOD, truncated [ 1006.950931][T12285] loop2: p170 size 458752 extends beyond EOD, truncated [ 1006.970120][T12285] loop2: p172 size 458752 extends beyond EOD, truncated [ 1006.978397][T12285] loop2: p174 size 458752 extends beyond EOD, truncated [ 1006.996572][T12285] loop2: p176 size 458752 extends beyond EOD, truncated [ 1007.016010][T12285] loop2: p178 size 458752 extends beyond EOD, truncated [ 1007.035963][T12285] loop2: p180 size 458752 extends beyond EOD, truncated [ 1007.072805][T12285] loop2: p182 size 458752 extends beyond EOD, truncated [ 1007.099785][T12285] loop2: p184 size 458752 extends beyond EOD, truncated [ 1007.126877][T12285] loop2: p186 size 458752 extends beyond EOD, truncated [ 1007.168888][T12285] loop2: p188 size 458752 extends beyond EOD, truncated [ 1007.172784][T12569] loop1: detected capacity change from 0 to 131072 [ 1007.196425][T12569] F2FS-fs (loop1): invalid crc value [ 1007.196703][T12285] loop2: p190 size 458752 extends beyond EOD, truncated [ 1007.220930][T12285] loop2: p192 size 458752 extends beyond EOD, truncated [ 1007.243728][T12569] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1007.251573][T12285] loop2: p194 size 458752 extends beyond EOD, truncated [ 1007.269851][T12285] loop2: p196 size 458752 extends beyond EOD, truncated [ 1007.296774][T12285] loop2: p198 size 458752 extends beyond EOD, truncated [ 1007.308554][T12285] loop2: p200 size 458752 extends beyond EOD, truncated [ 1007.328746][T12569] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 1007.336922][T12285] loop2: p202 size 458752 extends beyond EOD, truncated [ 1007.344876][T12569] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 1007.359080][T12285] loop2: p204 size 458752 extends beyond EOD, truncated [ 1007.367903][T12639] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2819'. [ 1007.401179][T12285] loop2: p206 size 458752 extends beyond EOD, truncated [ 1007.409646][T12285] loop2: p208 size 458752 extends beyond EOD, truncated [ 1007.431299][T12285] loop2: p210 size 458752 extends beyond EOD, truncated [ 1007.440534][T12285] loop2: p212 size 458752 extends beyond EOD, truncated [ 1007.458176][T12285] loop2: p214 size 458752 extends beyond EOD, truncated [ 1007.466813][T12285] loop2: p216 size 458752 extends beyond EOD, truncated [ 1007.476097][T12285] loop2: p218 size 458752 extends beyond EOD, truncated [ 1007.494184][T12285] loop2: p220 size 458752 extends beyond EOD, truncated [ 1007.503138][T12285] loop2: p222 size 458752 extends beyond EOD, truncated [ 1007.519396][T12285] loop2: p224 size 458752 extends beyond EOD, truncated [ 1008.818368][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 1008.818389][ T30] audit: type=1400 audit(1781141574.108:300): avc: denied { relabelto } for pid=12654 comm="syz.0.2827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 1008.955159][T12285] loop2: p226 size 458752 extends beyond EOD, truncated [ 1008.974501][T12285] loop2: p228 size 458752 extends beyond EOD, truncated [ 1008.994118][T12285] loop2: p230 size 458752 extends beyond EOD, truncated [ 1009.007857][T12285] loop2: p232 size 458752 extends beyond EOD, truncated [ 1009.022053][T12285] loop2: p234 size 458752 extends beyond EOD, truncated [ 1009.035089][T12285] loop2: p236 size 458752 extends beyond EOD, truncated [ 1009.060498][T12285] loop2: p238 size 458752 extends beyond EOD, truncated [ 1009.077895][T12285] loop2: p240 size 458752 extends beyond EOD, truncated [ 1009.089960][T12285] loop2: p242 size 458752 extends beyond EOD, truncated [ 1009.110832][T12285] loop2: p244 size 458752 extends beyond EOD, truncated [ 1009.119813][T12285] loop2: p246 size 458752 extends beyond EOD, truncated [ 1009.135673][T12285] loop2: p248 size 458752 extends beyond EOD, truncated [ 1009.144382][T12285] loop2: p250 size 458752 extends beyond EOD, truncated [ 1009.155355][T12285] loop2: p252 size 458752 extends beyond EOD, truncated [ 1009.163634][T12285] loop2: p254 size 458752 extends beyond EOD, truncated [ 1009.279929][ T30] audit: type=1400 audit(1781141575.868:301): avc: denied { name_bind } for pid=12700 comm="syz.0.2849" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 1009.907760][T12710] tipc: Enabled bearer , priority 10 [ 1009.950259][ T30] audit: type=1400 audit(1781141576.538:302): avc: denied { write } for pid=12713 comm="syz.1.2854" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 1009.992805][ T30] audit: type=1400 audit(1781141576.538:303): avc: denied { ioctl } for pid=12713 comm="syz.1.2854" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 1010.018260][ T30] audit: type=1400 audit(1781141576.548:304): avc: denied { ioctl } for pid=12717 comm="syz.9.2856" path="socket:[42195]" dev="sockfs" ino=42195 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 1010.095079][T12524] loop2: p1 p2 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 [ 1010.096417][T12524] loop2: p2 size 458752 extends beyond EOD, [ 1010.124097][T12736] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2863'. [ 1010.185007][T12524] truncated [ 1010.210970][T12524] loop2: p6 size 458752 extends beyond EOD, truncated [ 1010.212670][ T30] audit: type=1400 audit(1781141576.798:305): avc: denied { write } for pid=12737 comm="syz.0.2866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 1010.238173][ T30] audit: type=1400 audit(1781141576.828:306): avc: denied { read } for pid=12737 comm="syz.0.2866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 1010.258458][T12524] loop2: p8 size 458752 extends beyond EOD, truncated [ 1010.275389][T12524] loop2: p10 size 458752 extends beyond EOD, truncated [ 1010.292381][T12524] loop2: p12 size 458752 extends beyond EOD, truncated [ 1010.311146][T12524] loop2: p14 size 458752 extends beyond EOD, truncated [ 1010.313604][T12752] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2872'. [ 1010.319255][T12751] netlink: 'syz.4.2873': attribute type 4 has an invalid length. [ 1010.329487][T12524] loop2: p16 size 458752 extends beyond EOD, truncated [ 1010.346727][T12751] netlink: 'syz.4.2873': attribute type 4 has an invalid length. [ 1010.350875][T12524] loop2: p18 size 458752 extends beyond EOD, truncated [ 1010.370830][T12524] loop2: p20 size 458752 extends beyond EOD, truncated [ 1010.383349][T12524] loop2: p22 size 458752 extends beyond EOD, truncated [ 1010.387936][ T30] audit: type=1400 audit(1781141576.968:307): avc: denied { create } for pid=12757 comm="syz.9.2876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1010.410789][T12524] loop2: p24 size 458752 extends beyond EOD, truncated [ 1010.420413][T12524] loop2: p26 size 458752 extends beyond EOD, truncated [ 1010.428553][T12524] loop2: p28 size 458752 extends beyond EOD, truncated [ 1010.444731][T12524] loop2: p30 size 458752 extends beyond EOD, truncated [ 1010.453222][T12524] loop2: p32 size 458752 extends beyond EOD, truncated [ 1010.455359][T12764] tipc: Enabling of bearer rejected, failed to enable media [ 1010.461073][T12524] loop2: p34 size 458752 extends beyond EOD, truncated [ 1010.478142][T12524] loop2: p36 size 458752 extends beyond EOD, truncated [ 1010.486145][T12524] loop2: p38 size 458752 extends beyond EOD, truncated [ 1010.494059][T12524] loop2: p40 size 458752 extends beyond EOD, truncated [ 1010.507366][T12524] loop2: p42 size 458752 extends beyond EOD, truncated [ 1010.520743][T12524] loop2: p44 size 458752 extends beyond EOD, truncated [ 1010.524756][T12772] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2883'. [ 1010.527686][ T30] audit: type=1400 audit(1781141577.108:308): avc: denied { ioctl } for pid=12771 comm="syz.9.2883" path="socket:[41807]" dev="sockfs" ino=41807 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1010.561076][T12524] loop2: p46 size 458752 extends beyond EOD, truncated [ 1010.571050][T12524] loop2: p48 size 458752 extends beyond EOD, truncated [ 1010.590013][ T30] audit: type=1400 audit(1781141577.168:309): avc: denied { bind } for pid=12777 comm="syz.4.2886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 1010.593699][T12524] loop2: p50 size 458752 extends beyond EOD, truncated [ 1010.626953][T12524] loop2: p52 size 458752 extends beyond EOD, truncated [ 1010.635564][T12524] loop2: p54 size 458752 extends beyond EOD, truncated [ 1010.643513][T12524] loop2: p56 size 458752 extends beyond EOD, truncated [ 1010.651488][T12524] loop2: p58 size 458752 extends beyond EOD, truncated [ 1010.659657][T12524] loop2: p60 size 458752 extends beyond EOD, truncated [ 1010.667291][T12524] loop2: p62 size 458752 extends beyond EOD, truncated [ 1010.675103][T12524] loop2: p64 size 458752 extends beyond EOD, truncated [ 1010.682879][T12524] loop2: p66 size 458752 extends beyond EOD, truncated [ 1010.690780][T12524] loop2: p68 size 458752 extends beyond EOD, truncated [ 1010.698522][T12524] loop2: p70 size 458752 extends beyond EOD, truncated [ 1010.706713][T12524] loop2: p72 size 458752 extends beyond EOD, truncated [ 1010.714961][T12524] loop2: p74 size 458752 extends beyond EOD, truncated [ 1010.722934][T12524] loop2: p76 size 458752 extends beyond EOD, truncated [ 1010.732492][T12524] loop2: p78 size 458752 extends beyond EOD, truncated [ 1010.740304][T12524] loop2: p80 size 458752 extends beyond EOD, truncated [ 1010.750148][T12524] loop2: p82 size 458752 extends beyond EOD, truncated [ 1010.757921][T12524] loop2: p84 size 458752 extends beyond EOD, truncated [ 1010.760962][T12793] netlink: 'syz.9.2893': attribute type 3 has an invalid length. [ 1010.772865][T12793] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2893'. [ 1010.779803][T12524] loop2: p86 size 458752 extends beyond EOD, truncated [ 1010.790306][T12524] loop2: p88 size 458752 extends beyond EOD, truncated [ 1010.798618][T12524] loop2: p90 size 458752 extends beyond EOD, truncated [ 1010.807143][T12524] loop2: p92 size 458752 extends beyond EOD, truncated [ 1010.815834][T12524] loop2: p94 size 458752 extends beyond EOD, truncated [ 1010.824214][T12524] loop2: p96 size 458752 extends beyond EOD, truncated [ 1010.851436][T12524] loop2: p98 size 458752 extends beyond EOD, truncated [ 1010.861183][T12524] loop2: p100 size 458752 extends beyond EOD, truncated [ 1010.870412][T12524] loop2: p102 size 458752 extends beyond EOD, truncated [ 1010.878773][T12524] loop2: p104 size 458752 extends beyond EOD, truncated [ 1010.887261][T12524] loop2: p106 size 458752 extends beyond EOD, truncated [ 1010.895913][T12524] loop2: p108 size 458752 extends beyond EOD, truncated [ 1010.905235][T12524] loop2: p110 size 458752 extends beyond EOD, truncated [ 1010.912495][T12807] bridge0: port 2(bridge_slave_1) entered disabled state [ 1010.913360][T12524] loop2: p112 size 458752 extends beyond EOD, truncated [ 1010.919784][T12807] bridge0: port 1(bridge_slave_0) entered disabled state [ 1010.927458][T12524] loop2: p114 size 458752 extends beyond EOD, truncated [ 1010.943205][T12524] loop2: p116 size 458752 extends beyond EOD, truncated [ 1010.951663][T12524] loop2: p118 size 458752 extends beyond EOD, truncated [ 1010.961433][T12524] loop2: p120 size 458752 extends beyond EOD, truncated [ 1010.972617][T12524] loop2: p122 size 458752 extends beyond EOD, truncated [ 1010.980795][T12524] loop2: p124 size 458752 extends beyond EOD, truncated [ 1010.988637][T12524] loop2: p126 size 458752 extends beyond EOD, truncated [ 1010.996681][T12524] loop2: p128 size 458752 extends beyond EOD, truncated [ 1011.004627][T12524] loop2: p130 size 458752 extends beyond EOD, truncated [ 1011.012440][T12524] loop2: p132 size 458752 extends beyond EOD, truncated [ 1011.020267][T12524] loop2: p134 size 458752 extends beyond EOD, truncated [ 1011.028037][T12524] loop2: p136 size 458752 extends beyond EOD, truncated [ 1011.035805][T12524] loop2: p138 size 458752 extends beyond EOD, truncated [ 1011.043632][T12524] loop2: p140 size 458752 extends beyond EOD, truncated [ 1011.057181][T12524] loop2: p142 size 458752 extends beyond EOD, truncated [ 1011.065079][T12524] loop2: p144 size 458752 extends beyond EOD, truncated [ 1011.072949][T12524] loop2: p146 size 458752 extends beyond EOD, truncated [ 1011.080914][T12524] loop2: p148 size 458752 extends beyond EOD, truncated [ 1011.088666][T12524] loop2: p150 size 458752 extends beyond EOD, truncated [ 1011.096576][T12524] loop2: p152 size 458752 extends beyond EOD, truncated [ 1011.104741][T12524] loop2: p154 size 458752 extends beyond EOD, truncated [ 1011.112594][T12524] loop2: p156 size 458752 extends beyond EOD, truncated [ 1011.120462][T12524] loop2: p158 size 458752 extends beyond EOD, truncated [ 1011.128324][T12524] loop2: p160 size 458752 extends beyond EOD, truncated [ 1011.136170][T12524] loop2: p162 size 458752 extends beyond EOD, truncated [ 1011.143935][T12524] loop2: p164 size 458752 extends beyond EOD, truncated [ 1011.151708][T12524] loop2: p166 size 458752 extends beyond EOD, truncated [ 1011.159990][T12524] loop2: p168 size 458752 extends beyond EOD, truncated [ 1011.174383][T12524] loop2: p170 size 458752 extends beyond EOD, truncated [ 1011.190222][T12524] loop2: p172 size 458752 extends beyond EOD, truncated [ 1011.204624][T12524] loop2: p174 size 458752 extends beyond EOD, truncated [ 1011.220006][T12524] loop2: p176 size 458752 extends beyond EOD, truncated [ 1011.239794][T12524] loop2: p178 size 458752 extends beyond EOD, truncated [ 1011.247172][T12831] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2911'. [ 1011.254165][T12524] loop2: p180 size 458752 extends beyond EOD, truncated [ 1011.270709][T12524] loop2: p182 size 458752 extends beyond EOD, truncated [ 1011.279073][T12524] loop2: p184 size 458752 extends beyond EOD, truncated [ 1011.288656][T12524] loop2: p186 size 458752 extends beyond EOD, truncated [ 1011.294569][T12838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2914'. [ 1011.305014][T12837] device syzkaller0 entered promiscuous mode [ 1011.305598][T12524] loop2: p188 size 458752 extends beyond EOD, truncated [ 1011.316352][T12837] tipc: Started in network mode [ 1011.319803][T12524] loop2: p190 size 458752 extends beyond EOD, truncated [ 1011.329917][T12837] tipc: Node identity 0a0b73d96e72, cluster identity 4711 [ 1011.337935][T12837] tipc: Enabled bearer , priority 0 [ 1011.338571][T12524] loop2: p192 size 458752 extends beyond EOD, truncated [ 1011.353626][T12835] tipc: Resetting bearer [ 1011.358863][T12524] loop2: p194 size 458752 extends beyond EOD, truncated [ 1011.367719][T12524] loop2: p196 size 458752 extends beyond EOD, truncated [ 1011.375328][T12835] tipc: Disabling bearer [ 1011.381631][T12524] loop2: p198 size 458752 extends beyond EOD, truncated [ 1011.391050][T12524] loop2: p200 size 458752 extends beyond EOD, truncated [ 1011.404280][T12524] loop2: p202 size 458752 extends beyond EOD, truncated [ 1011.412194][T12524] loop2: p204 size 458752 extends beyond EOD, truncated [ 1011.420502][T12524] loop2: p206 size 458752 extends beyond EOD, truncated [ 1011.428189][T12524] loop2: p208 size 458752 extends beyond EOD, truncated [ 1011.442935][T12524] loop2: p210 size 458752 extends beyond EOD, truncated [ 1011.450886][T12524] loop2: p212 size 458752 extends beyond EOD, truncated [ 1011.459659][T12524] loop2: p214 size 458752 extends beyond EOD, truncated [ 1011.467782][T12524] loop2: p216 size 458752 extends beyond EOD, truncated [ 1011.478922][T12524] loop2: p218 size 458752 extends beyond EOD, truncated [ 1011.488011][T12524] loop2: p220 size 458752 extends beyond EOD, truncated [ 1011.496623][T12524] loop2: p222 size 458752 extends beyond EOD, truncated [ 1011.504725][T12524] loop2: p224 size 458752 extends beyond EOD, truncated [ 1011.513144][T12524] loop2: p226 size 458752 extends beyond EOD, truncated [ 1011.521498][T12524] loop2: p228 size 458752 extends beyond EOD, truncated [ 1011.529645][T12524] loop2: p230 size 458752 extends beyond EOD, truncated [ 1011.538580][T12524] loop2: p232 size 458752 extends beyond EOD, truncated [ 1011.540084][T12858] ================================================================== [ 1011.547194][T12524] loop2: p234 size 458752 extends beyond EOD, truncated [ 1011.553626][T12858] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x870/0x3240 [ 1011.561537][T12524] loop2: p236 size 458752 extends beyond EOD, truncated [ 1011.568777][T12858] Read of size 8 at addr ffff88810ab705c0 by task syz.1.2924/12858 [ 1011.579966][T12524] loop2: p238 size 458752 extends beyond EOD, [ 1011.583626][T12858] [ 1011.583628][T12524] truncated [ 1011.584285][T12524] loop2: p240 size 458752 extends beyond EOD, [ 1011.589782][T12858] CPU: 1 PID: 12858 Comm: syz.1.2924 Not tainted syzkaller #0 [ 1011.589806][T12858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1011.589818][T12858] Call Trace: [ 1011.592582][T12524] truncated [ 1011.595264][T12858] [ 1011.609946][T12524] loop2: p242 size 458752 extends beyond EOD, [ 1011.618898][T12858] __dump_stack+0x21/0x30 [ 1011.622407][T12524] truncated [ 1011.625281][T12858] dump_stack_lvl+0x110/0x170 [ 1011.628916][T12524] loop2: p244 size 458752 extends beyond EOD, [ 1011.634351][T12858] ? show_regs_print_info+0x20/0x20 [ 1011.639013][T12524] truncated [ 1011.641807][T12858] ? load_image+0x3e0/0x3e0 [ 1011.647174][T12524] loop2: p246 size 458752 extends beyond EOD, [ 1011.652617][T12858] print_address_description+0x7f/0x2c0 [ 1011.652645][T12858] ? tc_setup_flow_action+0x870/0x3240 [ 1011.658210][T12524] truncated [ 1011.660945][T12858] kasan_report+0xf1/0x140 [ 1011.666381][T12524] loop2: p248 size 458752 extends beyond EOD, [ 1011.671662][T12858] ? tc_setup_flow_action+0x870/0x3240 [ 1011.671688][T12858] __asan_report_load8_noabort+0x14/0x20 [ 1011.677426][T12524] truncated [ 1011.682679][T12858] tc_setup_flow_action+0x870/0x3240 [ 1011.682703][T12858] mall_replace_hw_filter+0x2cc/0x8b0 [ 1011.686693][T12524] loop2: p250 size 458752 extends beyond EOD, [ 1011.690220][T12858] ? pcpu_block_update_hint_alloc+0x8c4/0xc50 [ 1011.696556][T12524] truncated [ 1011.701847][T12858] ? mall_set_parms+0x520/0x520 [ 1011.701870][T12858] ? tcf_exts_destroy+0xb0/0xb0 [ 1011.701891][T12858] ? pcpu_alloc+0x1170/0x16e0 [ 1011.708427][T12524] loop2: p252 size 458752 extends beyond EOD, [ 1011.710613][T12858] ? mall_set_parms+0x1e8/0x520 [ 1011.710638][T12858] mall_change+0x544/0x760 [ 1011.716096][T12524] truncated [ 1011.721283][T12858] ? __kasan_check_write+0x14/0x20 [ 1011.721314][T12858] ? mall_get+0xa0/0xa0 [ 1011.721331][T12858] ? tcf_chain_tp_insert_unique+0xac1/0xc10 [ 1011.728411][T12524] loop2: p254 size 458752 extends beyond EOD, [ 1011.733560][T12858] ? mall_get+0xa0/0xa0 [ 1011.733580][T12858] tc_new_tfilter+0x142f/0x19b0 [ 1011.736883][T12524] truncated [ 1011.741545][T12858] ? tcf_gate_entry_destructor+0x20/0x20 [ 1011.741570][T12858] ? security_capable+0x87/0xb0 [ 1011.741662][T12858] ? ns_capable+0x8c/0xf0 [ 1011.817747][T12858] ? netlink_net_capable+0x125/0x160 [ 1011.823045][T12858] ? tcf_gate_entry_destructor+0x20/0x20 [ 1011.828687][T12858] rtnetlink_rcv_msg+0x871/0xce0 [ 1011.833742][T12858] ? rtnetlink_bind+0x80/0x80 [ 1011.838436][T12858] ? avc_has_perm_noaudit+0x391/0x490 [ 1011.843849][T12858] ? memcpy+0x56/0x70 [ 1011.847834][T12858] ? avc_has_perm_noaudit+0x30b/0x490 [ 1011.853207][T12858] ? arch_stack_walk+0xee/0x140 [ 1011.858121][T12858] ? avc_denied+0x1b0/0x1b0 [ 1011.862629][T12858] ? stack_trace_save+0xa6/0xf0 [ 1011.867590][T12858] ? avc_has_perm+0x163/0x250 [ 1011.872274][T12858] ? avc_has_perm_noaudit+0x490/0x490 [ 1011.878170][T12858] ? x64_sys_call+0x4b/0x9a0 [ 1011.882802][T12858] ? selinux_nlmsg_lookup+0x416/0x4c0 [ 1011.888206][T12858] netlink_rcv_skb+0x1f5/0x440 [ 1011.892968][T12858] ? rtnetlink_bind+0x80/0x80 [ 1011.897649][T12858] ? netlink_ack+0xb50/0xb50 [ 1011.902336][T12858] ? __netlink_lookup+0x387/0x3b0 [ 1011.907381][T12858] rtnetlink_rcv+0x1c/0x20 [ 1011.911805][T12858] netlink_unicast+0x876/0xa40 [ 1011.916574][T12858] netlink_sendmsg+0x879/0xb80 [ 1011.921341][T12858] ? netlink_getsockopt+0x530/0x530 [ 1011.926550][T12858] ? do_futex+0xde8/0x2800 [ 1011.931036][T12858] ? security_socket_sendmsg+0x82/0xa0 [ 1011.936493][T12858] ? netlink_getsockopt+0x530/0x530 [ 1011.941777][T12858] ____sys_sendmsg+0x5b7/0x8f0 [ 1011.946593][T12858] ? __sys_sendmsg_sock+0x40/0x40 [ 1011.951616][T12858] ? import_iovec+0x7c/0xb0 [ 1011.956177][T12858] ___sys_sendmsg+0x236/0x2e0 [ 1011.960877][T12858] ? __sys_sendmsg+0x280/0x280 [ 1011.965658][T12858] ? sock_show_fdinfo+0xa0/0xa0 [ 1011.970511][T12858] ? __fdget+0x1a1/0x230 [ 1011.974778][T12858] __x64_sys_sendmsg+0x206/0x2f0 [ 1011.979714][T12858] ? ___sys_sendmsg+0x2e0/0x2e0 [ 1011.984567][T12858] ? __kasan_check_write+0x14/0x20 [ 1011.989677][T12858] ? switch_fpu_return+0x15d/0x2c0 [ 1011.994790][T12858] x64_sys_call+0x4b/0x9a0 [ 1011.999211][T12858] do_syscall_64+0x4c/0xa0 [ 1012.003695][T12858] ? clear_bhb_loop+0x50/0xa0 [ 1012.008413][T12858] ? clear_bhb_loop+0x50/0xa0 [ 1012.013085][T12858] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1012.018978][T12858] RIP: 0033:0x7f83cc1a4e59 [ 1012.023446][T12858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1012.043051][T12858] RSP: 002b:00007f83cabff028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1012.051512][T12858] RAX: ffffffffffffffda RBX: 00007f83cc41dfa0 RCX: 00007f83cc1a4e59 [ 1012.059483][T12858] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004 [ 1012.067451][T12858] RBP: 00007f83cc23ad6f R08: 0000000000000000 R09: 0000000000000000 [ 1012.075420][T12858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1012.083389][T12858] R13: 00007f83cc41e038 R14: 00007f83cc41dfa0 R15: 00007fff42775478 [ 1012.091364][T12858] [ 1012.094390][T12858] [ 1012.096708][T12858] Allocated by task 12858: [ 1012.101149][T12858] __kasan_kmalloc+0xda/0x110 [ 1012.105824][T12858] __kmalloc+0x13d/0x2c0 [ 1012.110062][T12858] tcf_idr_create+0x5f/0x790 [ 1012.114650][T12858] tcf_idr_create_from_flags+0x61/0x70 [ 1012.120104][T12858] tcf_gact_init+0x342/0x570 [ 1012.124695][T12858] tcf_action_init_1+0x3ff/0x6b0 [ 1012.129627][T12858] tcf_action_init+0x233/0x7a0 [ 1012.134389][T12858] tcf_exts_validate+0x24a/0x580 [ 1012.139324][T12858] mall_set_parms+0x48/0x520 [ 1012.143913][T12858] mall_change+0x478/0x760 [ 1012.148480][T12858] tc_new_tfilter+0x142f/0x19b0 [ 1012.153350][T12858] rtnetlink_rcv_msg+0x871/0xce0 [ 1012.158300][T12858] netlink_rcv_skb+0x1f5/0x440 [ 1012.163070][T12858] rtnetlink_rcv+0x1c/0x20 [ 1012.167489][T12858] netlink_unicast+0x876/0xa40 [ 1012.172249][T12858] netlink_sendmsg+0x879/0xb80 [ 1012.177009][T12858] ____sys_sendmsg+0x5b7/0x8f0 [ 1012.181768][T12858] ___sys_sendmsg+0x236/0x2e0 [ 1012.186440][T12858] __x64_sys_sendmsg+0x206/0x2f0 [ 1012.191373][T12858] x64_sys_call+0x4b/0x9a0 [ 1012.195789][T12858] do_syscall_64+0x4c/0xa0 [ 1012.200203][T12858] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1012.206091][T12858] [ 1012.208410][T12858] Last potentially related work creation: [ 1012.214238][T12858] kasan_save_stack+0x3a/0x60 [ 1012.218941][T12858] __kasan_record_aux_stack+0xd2/0x100 [ 1012.224408][T12858] kasan_record_aux_stack_noalloc+0xb/0x10 [ 1012.230218][T12858] kvfree_call_rcu+0xb6/0x840 [ 1012.234964][T12858] ip_ma_put+0xf7/0x140 [ 1012.239138][T12858] __ip_mc_dec_group+0x44e/0x520 [ 1012.244071][T12858] ip_mc_down+0x1b0/0x240 [ 1012.248396][T12858] inetdev_event+0x2c6/0x10a0 [ 1012.253067][T12858] raw_notifier_call_chain+0x90/0x100 [ 1012.258503][T12858] __dev_notify_flags+0x241/0x560 [ 1012.263538][T12858] dev_change_flags+0xe8/0x1a0 [ 1012.268300][T12858] dev_ifsioc+0x130/0xd50 [ 1012.272656][T12858] dev_ioctl+0x546/0xd00 [ 1012.276893][T12858] sock_do_ioctl+0x241/0x310 [ 1012.281568][T12858] sock_ioctl+0x4a1/0x6e0 [ 1012.285893][T12858] __se_sys_ioctl+0x121/0x1a0 [ 1012.290600][T12858] __x64_sys_ioctl+0x7b/0x90 [ 1012.295186][T12858] x64_sys_call+0x2f/0x9a0 [ 1012.299601][T12858] do_syscall_64+0x4c/0xa0 [ 1012.304015][T12858] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1012.309907][T12858] [ 1012.312228][T12858] Second to last potentially related work creation: [ 1012.318805][T12858] kasan_save_stack+0x3a/0x60 [ 1012.323488][T12858] __kasan_record_aux_stack+0xd2/0x100 [ 1012.328966][T12858] kasan_record_aux_stack_noalloc+0xb/0x10 [ 1012.334794][T12858] call_rcu+0x10b/0xf80 [ 1012.338952][T12858] neigh_parms_release+0x1dd/0x220 [ 1012.344076][T12858] addrconf_ifdown+0x1630/0x18d0 [ 1012.349117][T12858] addrconf_notify+0x3bd/0xde0 [ 1012.353916][T12858] raw_notifier_call_chain+0x90/0x100 [ 1012.359293][T12858] unregister_netdevice_many+0x10a1/0x1aa0 [ 1012.365106][T12858] default_device_exit_batch+0x35e/0x3c0 [ 1012.370739][T12858] cleanup_net+0x60a/0xae0 [ 1012.375156][T12858] process_one_work+0x6be/0xba0 [ 1012.380043][T12858] worker_thread+0xa59/0x1200 [ 1012.384719][T12858] kthread+0x411/0x500 [ 1012.388786][T12858] ret_from_fork+0x1f/0x30 [ 1012.393203][T12858] [ 1012.395614][T12858] The buggy address belongs to the object at ffff88810ab70500 [ 1012.395614][T12858] which belongs to the cache kmalloc-192 of size 192 [ 1012.409750][T12858] The buggy address is located 0 bytes to the right of [ 1012.409750][T12858] 192-byte region [ffff88810ab70500, ffff88810ab705c0) [ 1012.423367][T12858] The buggy address belongs to the page: [ 1012.428990][T12858] page:ffffea00042adc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ab70 [ 1012.439238][T12858] flags: 0x4000000000000200(slab|zone=1) [ 1012.444881][T12858] raw: 4000000000000200 dead000000000100 dead000000000122 ffff888100042c00 [ 1012.453461][T12858] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 1012.462033][T12858] page dumped because: kasan: bad access detected [ 1012.468460][T12858] page_owner tracks the page as allocated [ 1012.474169][T12858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 2187874623, free_ts 0 [ 1012.488840][T12858] post_alloc_hook+0x192/0x1b0 [ 1012.493631][T12858] prep_new_page+0x1c/0x110 [ 1012.498131][T12858] get_page_from_freelist+0x2d3a/0x2dc0 [ 1012.503701][T12858] __alloc_pages+0x1a2/0x460 [ 1012.508288][T12858] new_slab+0xa1/0x4d0 [ 1012.512357][T12858] ___slab_alloc+0x381/0x810 [ 1012.516946][T12858] __slab_alloc+0x49/0x90 [ 1012.521272][T12858] __kmalloc+0x16a/0x2c0 [ 1012.525517][T12858] bio_kmalloc+0x52/0x240 [ 1012.529891][T12858] blk_rq_map_kern+0x1e0/0x870 [ 1012.534681][T12858] __scsi_execute+0xe4/0x5a0 [ 1012.539314][T12858] scsi_probe_and_add_lun+0x40f/0x3650 [ 1012.544798][T12858] __scsi_scan_target+0x1d2/0xb70 [ 1012.549820][T12858] scsi_scan_host_selected+0x343/0x5f0 [ 1012.555279][T12858] scsi_scan_host+0x39e/0x660 [ 1012.559952][T12858] virtscsi_probe+0x8ba/0xa30 [ 1012.564663][T12858] page_owner free stack trace missing [ 1012.570023][T12858] [ 1012.572340][T12858] Memory state around the buggy address: [ 1012.577960][T12858] ffff88810ab70480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 1012.586014][T12858] ffff88810ab70500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1012.594155][T12858] >ffff88810ab70580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 1012.602212][T12858] ^ [ 1012.608357][T12858] ffff88810ab70600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1012.616412][T12858] ffff88810ab70680: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 1012.624462][T12858] ================================================================== [ 1012.632514][T12858] Disabling lock debugging due to kernel taint [ 1012.754970][ T101] loop2: p1 p2 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 [ 1012.755485][ T101] loop2: p2 size 458752 extends beyond EOD, truncated [ 1012.850896][ T101] loop2: p6 size 458752 extends beyond EOD, truncated [ 1012.858482][ T101] loop2: p8 size 458752 extends beyond EOD, truncated [ 1012.866140][ T101] loop2: p10 size 458752 extends beyond EOD, truncated [ 1012.873947][ T101] loop2: p12 size 458752 extends beyond EOD, truncated [ 1012.881508][ T101] loop2: p14 size 458752 extends beyond EOD, truncated [ 1012.889188][ T101] loop2: p16 size 458752 extends beyond EOD, truncated [ 1012.896808][ T101] loop2: p18 size 458752 extends beyond EOD, truncated [ 1012.904355][ T101] loop2: p20 size 458752 extends beyond EOD, truncated [ 1012.911926][ T101] loop2: p22 size 458752 extends beyond EOD, truncated [ 1012.919491][ T101] loop2: p24 size 458752 extends beyond EOD, truncated [ 1012.927086][ T101] loop2: p26 size 458752 extends beyond EOD, truncated [ 1012.934710][ T101] loop2: p28 size 458752 extends beyond EOD, truncated [ 1012.942362][ T101] loop2: p30 size 458752 extends beyond EOD, truncated [ 1012.949922][ T101] loop2: p32 size 458752 extends beyond EOD, truncated [ 1012.957373][ T101] loop2: p34 size 458752 extends beyond EOD, truncated [ 1012.965092][ T101] loop2: p36 size 458752 extends beyond EOD, truncated [ 1012.972940][ T101] loop2: p38 size 458752 extends beyond EOD, truncated [ 1012.980492][ T101] loop2: p40 size 458752 extends beyond EOD, truncated [ 1012.987986][ T101] loop2: p42 size 458752 extends beyond EOD, truncated [ 1012.995517][ T101] loop2: p44 size 458752 extends beyond EOD, truncated [ 1013.003362][ T101] loop2: p46 size 458752 extends beyond EOD, truncated [ 1013.010901][ T101] loop2: p48 size 458752 extends beyond EOD, truncated [ 1013.018318][ T101] loop2: p50 size 458752 extends beyond EOD, truncated [ 1013.026026][ T101] loop2: p52 size 458752 extends beyond EOD, truncated [ 1013.033574][ T101] loop2: p54 size 458752 extends beyond EOD, truncated [ 1013.041156][ T101] loop2: p56 size 458752 extends beyond EOD, truncated [ 1013.048586][ T101] loop2: p58 size 458752 extends beyond EOD, truncated [ 1013.056134][ T101] loop2: p60 size 458752 extends beyond EOD, truncated [ 1013.063654][ T101] loop2: p62 size 458752 extends beyond EOD, truncated [ 1013.071145][ T101] loop2: p64 size 458752 extends beyond EOD, truncated [ 1013.078623][ T101] loop2: p66 size 458752 extends beyond EOD, truncated [ 1013.086132][ T101] loop2: p68 size 458752 extends beyond EOD, truncated [ 1013.093653][ T101] loop2: p70 size 458752 extends beyond EOD, truncated [ 1013.101144][ T101] loop2: p72 size 458752 extends beyond EOD, truncated [ 1013.108534][ T101] loop2: p74 size 458752 extends beyond EOD, truncated [ 1013.116025][ T101] loop2: p76 size 458752 extends beyond EOD, truncated [ 1013.123566][ T101] loop2: p78 size 458752 extends beyond EOD, truncated [ 1013.131064][ T101] loop2: p80 size 458752 extends beyond EOD, truncated [ 1013.138457][ T101] loop2: p82 size 458752 extends beyond EOD, truncated [ 1013.145989][ T101] loop2: p84 size 458752 extends beyond EOD, truncated [ 1013.153495][ T101] loop2: p86 size 458752 extends beyond EOD, truncated [ 1013.161060][ T101] loop2: p88 size 458752 extends beyond EOD, truncated [ 1013.168531][ T101] loop2: p90 size 458752 extends beyond EOD, truncated [ 1013.176149][ T101] loop2: p92 size 458752 extends beyond EOD, truncated [ 1013.183892][ T101] loop2: p94 size 458752 extends beyond EOD, truncated [ 1013.191610][ T101] loop2: p96 size 458752 extends beyond EOD, truncated [ 1013.199126][ T101] loop2: p98 size 458752 extends beyond EOD, truncated [ 1013.206676][ T101] loop2: p100 size 458752 extends beyond EOD, truncated [ 1013.214347][ T101] loop2: p102 size 458752 extends beyond EOD, truncated [ 1013.221979][ T101] loop2: p104 size 458752 extends beyond EOD, truncated [ 1013.229603][ T101] loop2: p106 size 458752 extends beyond EOD, truncated [ 1013.237160][ T101] loop2: p108 size 458752 extends beyond EOD, truncated [ 1013.244808][ T101] loop2: p110 size 458752 extends beyond EOD, truncated [ 1013.252438][ T101] loop2: p112 size 458752 extends beyond EOD, truncated [ 1013.260110][ T101] loop2: p114 size 458752 extends beyond EOD, truncated [ 1013.267509][ T101] loop2: p116 size 458752 extends beyond EOD, truncated [ 1013.275192][ T101] loop2: p118 size 458752 extends beyond EOD, truncated [ 1013.282874][ T101] loop2: p120 size 458752 extends beyond EOD, truncated [ 1013.290502][ T101] loop2: p122 size 458752 extends beyond EOD, truncated [ 1013.298030][ T101] loop2: p124 size 458752 extends beyond EOD, truncated [ 1013.305862][ T101] loop2: p126 size 458752 extends beyond EOD, truncated [ 1013.313449][ T101] loop2: p128 size 458752 extends beyond EOD, truncated [ 1013.321076][ T101] loop2: p130 size 458752 extends beyond EOD, truncated [ 1013.328585][ T101] loop2: p132 size 458752 extends beyond EOD, truncated [ 1013.336213][ T101] loop2: p134 size 458752 extends beyond EOD, truncated [ 1013.343900][ T101] loop2: p136 size 458752 extends beyond EOD, truncated [ 1013.351582][ T101] loop2: p138 size 458752 extends beyond EOD, truncated [ 1013.359344][ T101] loop2: p140 size 458752 extends beyond EOD, truncated [ 1013.367313][ T101] loop2: p142 size 458752 extends beyond EOD, truncated [ 1013.375050][ T101] loop2: p144 size 458752 extends beyond EOD, truncated [ 1013.383181][ T101] loop2: p146 size 458752 extends beyond EOD, truncated [ 1013.391006][ T101] loop2: p148 size 458752 extends beyond EOD, truncated [ 1013.398529][ T101] loop2: p150 size 458752 extends beyond EOD, truncated [ 1013.406155][ T101] loop2: p152 size 458752 extends beyond EOD, truncated [ 1013.413985][ T101] loop2: p154 size 458752 extends beyond EOD, truncated [ 1013.421626][ T101] loop2: p156 size 458752 extends beyond EOD, truncated [ 1013.429361][ T101] loop2: p158 size 458752 extends beyond EOD, truncated [ 1013.436985][ T101] loop2: p160 size 458752 extends beyond EOD, truncated [ 1013.444633][ T101] loop2: p162 size 458752 extends beyond EOD, truncated [ 1013.452335][ T101] loop2: p164 size 458752 extends beyond EOD, truncated [ 1013.460002][ T101] loop2: p166 size 458752 extends beyond EOD, truncated [ 1013.467519][ T101] loop2: p168 size 458752 extends beyond EOD, truncated [ 1013.475154][ T101] loop2: p170 size 458752 extends beyond EOD, truncated [ 1013.482746][ T101] loop2: p172 size 458752 extends beyond EOD, truncated [ 1013.490367][ T101] loop2: p174 size 458752 extends beyond EOD, truncated [ 1013.497871][ T101] loop2: p176 size 458752 extends beyond EOD, truncated [ 1013.505488][ T101] loop2: p178 size 458752 extends beyond EOD, truncated [ 1013.513104][ T101] loop2: p180 size 458752 extends beyond EOD, truncated [ 1013.520718][ T101] loop2: p182 size 458752 extends beyond EOD, truncated [ 1013.528543][ T101] loop2: p184 size 458752 extends beyond EOD, truncated [ 1013.536205][ T101] loop2: p186 size 458752 extends beyond EOD, truncated [ 1013.543818][ T101] loop2: p188 size 458752 extends beyond EOD, truncated [ 1013.551768][ T101] loop2: p190 size 458752 extends beyond EOD, truncated [ 1013.559391][ T101] loop2: p192 size 458752 extends beyond EOD, truncated [ 1013.566957][ T101] loop2: p194 size 458752 extends beyond EOD, truncated [ 1013.574554][ T101] loop2: p196 size 458752 extends beyond EOD, truncated [ 1013.582272][ T101] loop2: p198 size 458752 extends beyond EOD, truncated [ 1013.589922][ T101] loop2: p200 size 458752 extends beyond EOD, truncated [ 1013.597438][ T101] loop2: p202 size 458752 extends beyond EOD, truncated [ 1013.605094][ T101] loop2: p204 size 458752 extends beyond EOD, truncated [ 1013.612716][ T101] loop2: p206 size 458752 extends beyond EOD, truncated [ 1013.620406][ T101] loop2: p208 size 458752 extends beyond EOD, truncated [ 1013.627955][ T101] loop2: p210 size 458752 extends beyond EOD, truncated [ 1013.635672][ T101] loop2: p212 size 458752 extends beyond EOD, truncated [ 1013.643313][ T101] loop2: p214 size 458752 extends beyond EOD, truncated [ 1013.650946][ T101] loop2: p216 size 458752 extends beyond EOD, truncated [ 1013.658466][ T101] loop2: p218 size 458752 extends beyond EOD, truncated [ 1013.666470][ T101] loop2: p220 size 458752 extends beyond EOD, truncated [ 1013.674791][ T101] loop2: p222 size 458752 extends beyond EOD, truncated [ 1013.682469][ T101] loop2: p224 size 458752 extends beyond EOD, truncated [ 1013.690154][ T101] loop2: p226 size 458752 extends beyond EOD, truncated [ 1013.697722][ T101] loop2: p228 size 458752 extends beyond EOD, truncated [ 1013.705568][ T101] loop2: p230 size 458752 extends beyond EOD, truncated [ 1013.713248][ T101] loop2: p232 size 458752 extends beyond EOD, truncated [ 1013.720968][ T101] loop2: p234 size 458752 extends beyond EOD, truncated [ 1013.728534][ T101] loop2: p236 size 458752 extends beyond EOD, truncated [ 1013.736192][ T101] loop2: p238 size 458752 extends beyond EOD, truncated [ 1013.743798][ T101] loop2: p240 size 458752 extends beyond EOD, truncated [ 1013.751416][ T101] loop2: p242 size 458752 extends beyond EOD, truncated [ 1013.758997][ T101] loop2: p244 size 458752 extends beyond EOD, truncated [ 1013.766640][ T101] loop2: p246 size 458752 extends beyond EOD, truncated [ 1013.774250][ T101] loop2: p248 size 458752 extends beyond EOD, truncated [ 1013.781855][ T101] loop2: p250 size 458752 extends beyond EOD, truncated [ 1013.789485][ T101] loop2: p252 size 458752 extends beyond EOD, truncated [ 1013.797038][ T101] loop2: p254 size 458752 extends beyond EOD, truncated [ 1013.906097][T12531] udevd[12531]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 1013.906611][T12285] udevd[12285]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 1013.917362][T12530] udevd[12530]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory [ 1013.926986][T12290] udevd[12290]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 1013.946832][T12467] udevd[12467]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory [ 1013.999168][T12531] udevd[12531]: inotify_add_watch(7, /dev/loop2p15, 10) failed: No such file or directory [ 1014.003004][T12285] udevd[12285]: inotify_add_watch(7, /dev/loop2p14, 10) failed: No such file or directory [ 1014.041864][T12864] udevd[12864]: inotify_add_watch(7, /dev/loop2p10, 10) failed: No such file or directory [ 1014.052479][T12531] udevd[12531]: inotify_add_watch(7, /dev/loop2p19, 10) failed: No such file or directory [ 1014.053083][T12290] udevd[12290]: inotify_add_watch(7, /dev/loop2p16, 10) failed: No such file or directory