last executing test programs:

3m14.574414093s ago: executing program 4 (id=19):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x8d, 0x0, 0x0, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x0, 0x0, 0x0, 0x98, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x0, 0xf, 0x800}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)=[{0x5, 0x4, 0x10, 0x7}], 0x10, 0x3}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000004c0)=@generic={&(0x7f0000000040)='./file0\x00', r3}, 0x18)
pipe(0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x2, 0x2, 0x9, 0x0, 0x5, 0x0, 0x3, 0x7, 0x6, 0xb, 0x6, 0x62, 0x0, 0x100, 0x562, 0x7, 0x0, 0xc, 0x80, '\x00', 0xed, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m13.964219967s ago: executing program 4 (id=25):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x5d96}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x52}, 0x1c, &(0x7f0000000d80)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x240480c3)
r2 = dup(r1)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000980)='veth0_to_bridge\x00', 0x10)
write$P9_RATTACH(r1, &(0x7f00000002c0)={0x14, 0x69, 0x2, {0x4, 0x2, 0x6}}, 0x14)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x111, 0xa}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000300)={0x1, 0xbd, 0x202, 0x4, 0x0, 0x1, 0x49, 0x3}, 0x20)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=@gettaction={0x14, 0x32, 0x100, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff6, @empty, 0x7f}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x6}, 0x9c)

3m13.857428527s ago: executing program 4 (id=27):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r1 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000100)={0x0, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001940))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000001740)=""/192, &(0x7f0000000140)=""/92, 0x4000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=""/4096})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

3m12.929389468s ago: executing program 4 (id=37):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
socket$unix(0x1, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0)

3m12.724263977s ago: executing program 4 (id=40):
close(0x3)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000006c0)=@sack_info={r2, 0x40, 0xfffffbff}, &(0x7f0000000240)=0xc)

3m12.321713612s ago: executing program 4 (id=46):
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x34008880)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x0, 0x0})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x1000000, &(0x7f00000000c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088080)
io_uring_setup(0x1d31, &(0x7f0000000040)={0x0, 0xc8a3, 0xc001, 0x8, 0xc1})

3m12.132310328s ago: executing program 32 (id=46):
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x34008880)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x0, 0x0})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x1000000, &(0x7f00000000c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20088080)
io_uring_setup(0x1d31, &(0x7f0000000040)={0x0, 0xc8a3, 0xc001, 0x8, 0xc1})

3m4.464626213s ago: executing program 0 (id=111):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9eaafdc0a00e9bfde908990817b364e51afe9c81a97f0570759f1cae63487ff68fffffffffffe8e3932e2b7185a25a4cf8a9456aa8a701c318c67edb6e9330b53c0eeba8644311ba75411890700000000000000d8e5b1dc91c5499bea0977"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x10, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a86408", 0x0, 0x1200}, 0x50)

3m4.145717151s ago: executing program 0 (id=114):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
openat$ptp0(0xffffffffffffff9c, 0x0, 0x481, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x9, 0xfffffffffffff2a7, 0x2000000000003ff, 0x2], 0x0, 0x200306})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m3.385329848s ago: executing program 0 (id=121):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/cpuinfo\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4c26, 0x3, @empty, 0x20000005}, 0x1c)
sendfile(r1, r0, 0x0, 0x10000000200008)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000040), 0x4)

3m3.209555383s ago: executing program 0 (id=123):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)

3m3.01483321s ago: executing program 0 (id=125):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000791218"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0x4, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x43, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x10, &(0x7f00000004c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x80000000000, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4040040}, 0x20000010)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x2, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000001, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m1.985169471s ago: executing program 0 (id=131):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x20, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {0xfc}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {0xfd}, {}, @connect}], 0xc4)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @tick=0x8}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}], 0x54)
write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4)
write$sndseq(r1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}], 0x8c)
write$sndseq(r1, &(0x7f0000000b00)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b5f8fbe8c20c855083221c33"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xc4)
write$sndseq(r1, &(0x7f00000004c0), 0x0)

3m1.77007358s ago: executing program 33 (id=131):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x20, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {0xfc}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {0xfd}, {}, @connect}], 0xc4)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @tick=0x8}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}], 0x54)
write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4)
write$sndseq(r1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}], 0x8c)
write$sndseq(r1, &(0x7f0000000b00)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b5f8fbe8c20c855083221c33"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xc4)
write$sndseq(r1, &(0x7f00000004c0), 0x0)

2m26.141697964s ago: executing program 1 (id=441):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0))
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
syz_usb_connect(0x3, 0x62, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000fb5d7d086d04c308166b0102030109025000010000000009041f0000ff0100000a24010400050201020724070500000508240805040004960d2406010103020001000600060924030505030605810924030601030405050724040501", @ANYRES32=r0], 0x0)

2m21.75316907s ago: executing program 1 (id=443):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0xe, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x4000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000140)="bad330fbc9b5544972e7a5ea0756", 0x1d, 0x40, &(0x7f00000001c0)={0x11, 0x1a, r6, 0x1, 0xd8, 0x6, @random="98c8ca7122df"}, 0x14)

2m21.41545845s ago: executing program 1 (id=449):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000280), 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r2, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r4, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, 0x0, 0x0)

2m20.50125196s ago: executing program 1 (id=452):
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
setns(0xffffffffffffffff, 0x24020000)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
syz_clone(0x498144ee5762a149, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)

2m20.381243341s ago: executing program 1 (id=453):
r0 = socket$packet(0x11, 0x3, 0x300)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000001100)={0x2, 0x8000}, 0x4)

2m19.551315124s ago: executing program 1 (id=458):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x9)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x34014c40, 0xb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m19.313676205s ago: executing program 34 (id=458):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x9)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x34014c40, 0xb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m58.945827106s ago: executing program 7 (id=592):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000680)={0x0, 0x2b, 0x0, [0x5, 0x80000000, 0x1, 0x1d, 0x5], [0x1, 0x0, 0x7, 0x200000001, 0x2, 0xf, 0x5, 0x9, 0x1, 0x1, 0x85, 0xf, 0xffc, 0x7c75, 0x4000000e, 0x84, 0x0, 0x1003ff, 0x400000093a, 0x5, 0x5, 0x2, 0xb3, 0x80000000, 0xf8, 0x10000, 0x7, 0x3, 0x1, 0x8, 0xc, 0x0, 0x80000000, 0x5, 0xffff, 0xfffffffffffffffe, 0x4000000000000f0, 0x1ff, 0x0, 0x800000000000000, 0x2, 0x6, 0x7fff, 0x5, 0x3, 0x1000002, 0x6, 0xfff, 0x3, 0xfc4, 0x100000003, 0xcb17, 0x1004005, 0x80000001, 0x8000000000000001, 0x40000000000756, 0x6, 0x1, 0x4, 0x3, 0x20000008, 0x6, 0x1ff, 0xba5, 0x6, 0x3, 0x100008, 0x7fffffffffffffff, 0x1, 0x1000001, 0x802, 0x5, 0xfff, 0xfffffffffffffff8, 0x101, 0x400000000000000, 0x9, 0x8, 0x638, 0x4, 0x2, 0x8000000000000000, 0x8, 0x48, 0x1002, 0x7, 0x7, 0x10000000007, 0xd5, 0x8, 0x5, 0x9, 0x49, 0x8, 0x14c, 0xb, 0x26, 0x8, 0x6, 0x80, 0x0, 0x3, 0x402, 0x6, 0x5, 0x8000, 0x8000000003, 0x0, 0xffff, 0x1, 0x19, 0x8, 0x200000000c, 0x8, 0x0, 0x2, 0xffef, 0xfb, 0x1, 0xaf, 0xd8]})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000e40), 0x1, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d06, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
unshare(0x28000600)
ioctl$FS_IOC_RESVSP(r3, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

1m58.720360906s ago: executing program 7 (id=593):
r0 = socket(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r0, 0x29, 0x24, 0x0, &(0x7f0000000180))

1m58.485400517s ago: executing program 7 (id=596):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000380)=@delqdisc={0x434, 0x25, 0x100, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xa, 0x7}, {0x7, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x3, 0xfffffff8, 0x4, 0x40, 0x2, 0x2, 0xffff, 0x7fff, 0x4, 0x1, 0x7, 0x1c8, 0x7, 0x0, 0x5, 0x1, 0x8, 0x8, 0x9, 0x9, 0xf5, 0x200, 0x1, 0x5, 0x6, 0xfff, 0x9, 0x1, 0x80, 0x10000, 0x0, 0x6, 0xff, 0x4, 0x6, 0x9, 0xe6bf, 0x2, 0x65, 0x6, 0x5, 0x71, 0x1f146d7e, 0x80000001, 0x89, 0xe9, 0x80000001, 0x2, 0xff, 0x8, 0xffff8dc2, 0x400, 0x0, 0x2, 0xffff, 0x10001, 0x3ff, 0x0, 0x8, 0xa000000, 0x0, 0x5, 0x8, 0x3, 0x4, 0x401, 0x5, 0x8, 0x4ad1, 0x1, 0x25b1, 0x5, 0xfff, 0x0, 0xe, 0xffffffff, 0x7, 0x5, 0x3ff, 0xfff, 0x8, 0xf, 0x0, 0x4, 0x626cfd3b, 0x0, 0x60df8662, 0x2, 0x5, 0x4, 0xc6, 0x8, 0x7, 0xfffffffa, 0x9, 0x4, 0xffffffff, 0xa80, 0x0, 0x7, 0x2, 0xffff8000, 0xff, 0x8, 0x7, 0xc, 0xfdc1, 0x77f, 0x4, 0xfffffff0, 0x4, 0x7fff, 0x40, 0x1, 0x1f1f, 0x3, 0x665195e5, 0x5, 0x7, 0x5, 0x8, 0x7, 0x4, 0x800, 0x101, 0x400, 0x2, 0x6, 0xd, 0x9, 0x7, 0xc5, 0x99, 0x4, 0x2e9, 0x4, 0x3, 0x0, 0xfffffffe, 0x7, 0x80000000, 0x8, 0x0, 0x4, 0x37, 0x4, 0x34, 0x2, 0x2, 0x3, 0x6, 0x1, 0x690c, 0x328d, 0x9, 0x2, 0x5, 0x8, 0x5, 0x5597, 0x3, 0x4, 0x7fff, 0x62, 0xf6, 0x5, 0x0, 0x7fffffff, 0xd, 0x809, 0x2, 0x100, 0x6, 0x101, 0x5, 0x2, 0x3, 0x4, 0xfc8d, 0x8, 0x3ff, 0x3, 0x0, 0x3, 0x5, 0x9, 0x5, 0x8000, 0x1, 0x7, 0x20000, 0x4, 0x2, 0x9f81, 0x65, 0x4, 0x0, 0x7ff, 0x4, 0x6, 0x7, 0xd92, 0x40, 0xfff, 0xe1, 0x8, 0x426, 0x5, 0x9, 0x1, 0x1000, 0x9, 0x36ae765f, 0x401, 0x9, 0x200000, 0x3, 0x4, 0x5, 0x0, 0x89, 0x5, 0x80000000, 0x9c4, 0x1, 0x41632842, 0x6, 0x10, 0x2, 0x8001, 0x5, 0x100, 0x8, 0x9, 0xfe64, 0xd, 0x1c2, 0x2, 0x6, 0x2, 0x80000001, 0xa, 0x6, 0xfffffffc, 0x5, 0x3, 0x7f, 0x8001, 0x5, 0xfffffff4, 0x6, 0x8001, 0x10001, 0x5, 0x4, 0x1]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1m58.381405786s ago: executing program 7 (id=599):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)

1m58.231143139s ago: executing program 7 (id=600):
socket$nl_generic(0x10, 0x3, 0x10)
ptrace(0x10, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a602"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="03000000040000000400000007"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x7, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218100000", @ANYRES32=r0, @ANYBLOB="000000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)

1m58.029719797s ago: executing program 7 (id=606):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r0 = socket(0x10, 0x803, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000000)=0x6, 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000014c0), 0x3ffffffffffff42, 0x162, 0x0)

1m42.498597343s ago: executing program 35 (id=606):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r0 = socket(0x10, 0x803, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000000)=0x6, 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000014c0), 0x3ffffffffffff42, 0x162, 0x0)

17.749589339s ago: executing program 8 (id=1092):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15)
fallocate(r1, 0x20, 0x0, 0x8000)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000140)={'veth1_to_hsr\x00', @broadcast})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000080)={0x8001, 0x9, 0xec})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="800002010800000008001b000000000008000d"], 0x38}}, 0x0)
preadv(r3, &(0x7f0000000340)=[{&(0x7f0000000000)=""/30, 0x1e}], 0x1, 0x8, 0x2)

14.655684021s ago: executing program 5 (id=1118):
fanotify_init(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sched_setaffinity(r1, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
r3 = syz_clone(0x21200600, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace(0x8, r3)
waitid(0x0, 0x0, 0x0, 0xe, 0x0)

13.888355958s ago: executing program 5 (id=1120):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000900)={0x44, &(0x7f0000000600)={0x0, 0x16, 0x6, "252dd45a148e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, &(0x7f00000001c0)={0x20, 0x0, 0x2, "81e6"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, &(0x7f0000000180)={0x14, 0x0, 0x0}, 0x0)

13.773652188s ago: executing program 8 (id=1122):
r0 = socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, 0x2, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x25}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7ff}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}]}, 0x34}, 0x1, 0x0, 0x0, 0x4018045}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f00000001c0)={0x800000, 0x80, 0x63, 0x4, 0x3ffd, 0x7})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f0000000300)={0x800080, 0x7ff, 0x2, 0xfff, 0xfd, 0x4})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@bridge_newneigh={0x28, 0x1c, 0x1, 0x70bd29, 0x25dfdbfe, {0x7, 0x0, 0x0, 0x0, 0x80, 0x7e, 0x6}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000094}, 0x44)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(r7, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x4000)
unshare(0x6020400)
r9 = syz_open_dev$loop(0x0, 0x5, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000240), 0x10)
fadvise64(r9, 0x4, 0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00'})

13.52602796s ago: executing program 3 (id=1124):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0x4, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRESOCT=r1], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x43, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x80000000000, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040040}, 0x20000010)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x2, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000001, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

12.551234976s ago: executing program 8 (id=1126):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106a053103000000000001090224000100008000090400101c0300010009210000000122f804090581"], 0x0)
syz_usb_ep_read(r0, 0x81, 0xda, &(0x7f0000000180)=""/218)
syz_usb_control_io$hid(r0, 0x0, 0x0)

12.38974863s ago: executing program 3 (id=1128):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x3e}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

12.311876987s ago: executing program 3 (id=1130):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x11, r2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12.153555471s ago: executing program 2 (id=1132):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0xa45, @dev={0xfe, 0x80, '\x00', 0x23}, 0x1003}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e26, 0x10000, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2c}}, 0x4}, 0x1c)

12.011296923s ago: executing program 6 (id=1133):
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000280)=""/81, 0x51)

11.241647831s ago: executing program 2 (id=1134):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000002c0)="2394be1bea", 0x5}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40805)
shutdown(r0, 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x39000, 0x3)

11.13790255s ago: executing program 3 (id=1135):
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000380)='./file0\x00', 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x111, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$packet(0x11, 0x3, 0x300)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010100}, {0x2, 0x0, @local}, {0x2, 0x4e24, @rand_addr=0x6}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

11.118501682s ago: executing program 6 (id=1136):
r0 = socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, 0x2, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x25}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7ff}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}]}, 0x34}, 0x1, 0x0, 0x0, 0x4018045}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f00000001c0)={0x800000, 0x80, 0x63, 0x4, 0x3ffd, 0x7})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f0000000300)={0x800080, 0x7ff, 0x2, 0xfff, 0xfd, 0x4})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@bridge_newneigh={0x28, 0x1c, 0x1, 0x70bd29, 0x25dfdbfe, {0x7, 0x0, 0x0, 0x0, 0x80, 0x7e, 0x6}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000094}, 0x44)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(r7, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x4000)
unshare(0x6020400)
r9 = syz_open_dev$loop(0x0, 0x5, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000240), 0x10)
fadvise64(r9, 0x4, 0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00'})

10.871368434s ago: executing program 3 (id=1137):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r3 = socket(0x10, 0x3, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$FS_IOC_GETFSUUID(r3, 0x80111500, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10.010529709s ago: executing program 5 (id=1138):
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$fscrypt_v1(&(0x7f0000000440), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000e00)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0x7, 0x0)
syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, 0x0)
clock_nanosleep(0x2, 0x0, 0x0, 0xfffffffffffffffe)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000240)='.\x00', 0x50000048)
inotify_add_watch(r3, &(0x7f0000005780)='./file0\x00', 0x9600006f)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x0)

9.938671236s ago: executing program 6 (id=1139):
syz_mount_image$udf(&(0x7f0000000280), &(0x7f00000001c0)='./file0\x00', 0x101c402, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746164000000006d653d3030303030303030303030303030303030b030342c6e6f6164696e6963622c7569643d00a933d4462fd5cff78ce32a6ec6ab7ab8cc746e6fb58572d53ada02e26f1befe5ea715ca78e473f5a690f55e83ecc8461d75d9815b5a73b06e6e64b807df73e380c17e4d832165ca5f9bbc1cc1a8f3d6e", @ANYBLOB="89e57d7427efef", @ANYRES32], 0x2, 0xa25, &(0x7f0000000580)="$eJzs20tsXNd5B/DvzKWkoZwmtJIoduK6EyQwVDoxqDdttYBUMUTiKrYQim61KTQUKXlgvkJSgZwWiYoWCAxkIQRoFi1QeNNFgS7URTddGV0UBYoWQhdF0CAp6zSus6PRAl61LO6dM+SQoqyJ9SAl/36C9J+5892Z8xjdeZy5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABE/NZXTg0dTNvdCgDgQXpp7BtDh73+A8BHyjmf/wEAAAAAAAAAAAAAYKdLUcSfRYpXf7KSLlTX2+pnWrNXro6PjG69W3+KFLUoqvryb/3gocNHjh47PtzJD97/XnsyXh47d6pxem5mfmFqcXFqsjE+27o4NznV8z3c7f6bDVYD0Jh57crkpUuLjUPPHd5w89WBd/Y8tn/gxPEXz+/r1I6PjI6OddX07frQj36L253hsTuK+FmkqH/v3dSMiFrc/Vjc4blzv/VXnRisOjE+Mlp1ZLrVnF0qb0y1XFWLGOja6WRnjB7AXNyVRsS1svllgwfL7o3NNxeaE9NTjbPNhaXWUmtuNtXarS37MxC1GE4R8xGxUtx6d7uiiH+PFN9/fyVNRETRGYdnqxOD79ye2n3oYw/6yr4VETfjIZizHWxPFPFGpPjB+aG4mMe1GrZnIr5e5tMR3yxzOeJ6vp7KJ8hTEe9t8Xzi4dIXRfxTpJhLK2myM/fVceXMK42vzV6a66rtHFce+teHB2mHH5vqUcREdcRfSR/+zQ4AAAAAADtPEX8bKW7MHEjz0b2m2Jq93DjXnJhufyvc+e6/kfdaXV1dHUjtbOQcynky59mcF3LO57yW83rON3PeyPlWzps5l3Ou5IxafvycjZxDOU/mPJvzQs75nNdyXs/5Zs4bOd/KeTPncs6VnGHdCwAAAAAAAIAdpj+K+HGk+MLffKs6rziq89I/cWL4wFe/2H3O+GfucD9l7XMRcSN6Oyd3Vz51ONXKP/e+X/SmHkV8J5//94fb3RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBb1aKIz0SKH76xkiJFRCPiQrRzudju1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfRj0VcTpS/OIr9er6zYj4bET832r5JyKWVzfZ7hYDAAAAAAAAALdIRQxFisefXEkDEXF14J09j+0fOHH8xfP7iigilSXd9S+PnTvVOD03M78wtbg4NdkYn21dnJuc6vXh6mdas1eujo+M3pfO3FH/fW5/f/303PzrC63Lry5tefve+qmJxaWF5sWtb47+qEUMdW8ZrBo8PjJaNXq61Zytdk212zSwFtHotTMAAAAAAAAAPDL2piKORopXW0dSZ924r73m/yvta8Va7V/8wfpvAaY3ZUf37wd6uZx6behgtfDeGB8ZHR3r2ty369bSsk0pFfHXkeJzv/tEtR6eYu+Wa+Nl3e5IcexbR3LdwOfKupMbquqD4yOjjZfmZr98anp67mJzqTkxPdUYm29e7PmHAwAAAAAAAABwH+1NRfx5pPi9oZupc955Xv/va1/rWv//jWoJvVJPG3NNtbb/8Wptv335EyeGG6O/drvt92P9v2xTSkX8W6R4/PefqM6n76z/D22qLev+O1L86z8+letqu8u6g53utO/xUmt6aijlsfr8s53aqGqP59pPrtceLGs/Hyn+8pmNtcO59lPrtYfK2j+OFP97dOvaT6/XHi5r/yhS/PbbjU7t3rL2TK7dv1773MW56ck7DWs5/38XKc7+4qup0+fbzn/X7z+ubco1t8z5B1++V/M/0LXtWp7XH+f5P3iH+f/7SPEnP30q17XH/lC+/fHq3/X5/51I8V+/urH2WK7dt157sNdubbdy/r8UKU786Edrfc7zn0d2fYa65/+zfRtz7VmyTfP/eNe2gdyuw7/kWHwULb7+7dea09NTC/fiQudYfM/u0AUXXNieC9t8YOKBKF///zlSvHCmljrvY/Lr/8fa19bf/73/nfXX/xc25Zptev3f17XthfwhZVdfRH1pZn7X/oj64uvf/nJrpnl56vLU7PCxo0eeHz527Plduzvv7dYv9dqgR0M5/2cixSs//Ze1zzEb3/9t/f5/76Zcs03z/8nuPm14X9PzUHwklfN/PVJ89+131z5vftD7/87n/wNf2Jhr//+2af4/1bWt+o3/xyOe79p24NMRp3p9LAAAAHjE7M3r5H/66/+wds77xs//8cVObff3P7ezE87/BwAAAACAj7q9qYi/ihT/M/Sl1DmHrJfff05uyjXb9Pu//V3bJu/6vJb+nop7HmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB0oRRFPR4pXf7KSlovyelv9TGv2ytXxkdGtd+tPkaIWRVVf/q0fPHT4yNFjx4c7+cH732tPxstj5041Ts/NzC9MLS5OTTbGZ1sX5yaner6Hu91/s8FqABozr12ZvHRpsXHoucMbbr468M6ex/YPnDj+4vl9ndrxkdHRsa6avl0f+tFvkW6zfXcUcSlS1L/3bvqPIqIWdz8Wd3ju3G/9VScGq06Mj4xWHZluNWeXyhtTLVfVIga6djrZGaMHMBd3pRFxrWx+2eDBsntj882F5sT0VONsc2GptdSam021dmvL/gxELYZTxHxErBS33t2uKGIiUnz//ZX0dhFRdMbh2ZfGvjF0+M7tqd2HPnZb/e6Wm/vKvhURN+MhmLMdbE8U8bFI8YPzQ/Gzoj2u1bA9E/H1Mp+O+GaZyxHX8/VUPkGeinhvi+cTD5e+KOJspJhLK+k/izz31XHlzCuNr81emuuq7RxXHvrXhwdphx+b6lHEz6sj/kr6uf/PAAAAAACPkCJ+M1LcmDmQqvXBtTXF1uzlxrnmxHT7a/3Od/+NvNfq6urqQGpnI+dQzpM5z+a8kHM+57Wc13O+mfNGzrdy3sy5nHMlZ9Ty4+ds5BzKeTLn2ZwXcs7nvJbzes43c97I+VbOmzmXc67kDN+TAwAAAAAAADtQLYp4IlL88I2VtFq0F3gvRDuXrXM+8v4/AAD//9mlO0s=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x143042, 0x100)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

5.369775278s ago: executing program 2 (id=1140):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x3e}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

5.34457058s ago: executing program 6 (id=1141):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, 0x0, 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x109200, 0x0)
pread64(r1, 0x0, 0x0, 0x2)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000000140)='./file0\x00', 0x2, &(0x7f0000000300)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRES64=0x0, @ANYRESHEX=r0, @ANYRESDEC], 0xfe, 0x1240, &(0x7f0000002480)="$eJzs3E9rXFUYB+C3Sdo0GfNHrdUK0oPd6OaSZOFGQYKkIB1Q2kZoBeHWTHSY60zIHQIjYnTl1o0fwK24dCeIO93EhZ/BXTYuXahXOpPWjh1JSWMGy/Ns5jDn/C7vmTNcOMOcu//K5x+0NstsM+9OTZx6NSa2Iqb+SJFiIu74JF58+Ycfn7t24+aV1Xp97WpKl1evL7+UUpq/+N3bH339/Pfd2lvfzH87HXuL7+z/uvLL3vm9C/t/Xn+/WaZmmdqdbsrTrU6nm98qGmmjWbaylN4sGnnZSM122dge6t8sOltbvZS3N+Zmt7YbZZnydi+1Gr3U7aTudi/l7+XNdsqyLM3NBjFz9Oj6V79VVRVRVafjTFRVVc3EbEzEYzEX87EQi/F4PBFPxrl4Ks7H0/FMXOiPOs7yAQAAAAAAAAAAAAAAAAAAgFHn/2v3nf//ImLU+f+LYy4eAAAAAAAAAAAAAAAAAAAAHhHXbty8slqvr11N6WxE8dnO+s764HXQv7oZzSiiEUuxEL9H//T/wKB9JuprS6lvMT4tdg/yuzvrk8P55f7jBO7LX369vrY8yKfh/HTM3ptfiYU4Nzq/8o/8pX7+bLxw6Z58Fgvx87vRiSI24nb27/zHyym99kb9bv6nvcHcN8a4LgAAAHCcsnTXyP17lv1b/yB/2O8Dt/fXSyP391Px7NR4505E2fuwlRdFY3vsjTsVDd7ZjYgjXGf64CLjn04rLyYi4kEHnzoofLhrJv7bCk8fOqY2ho/uy1rEQ8Qnh75ID1XPzFFScyOX8n/XOOzOMXns9yJO3sGiT4/srJ14OQAAAAAAAAAAADygk/g74bjnCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArwIAAP///hC9Rw==")
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000005000000000000008510000002000000850000000800000095000000000000009500a50500"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
ioctl$PTP_PIN_GETFUNC2(r3, 0xc0603d0f, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r4, 0x40184810, 0x0)

5.338216331s ago: executing program 5 (id=1142):
socket$vsock_stream(0x28, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000080)=ANY=[@ANYRES16=r2], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r4, 0x541c, &(0x7f0000000000))

5.281835205s ago: executing program 8 (id=1143):
fanotify_init(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sched_setaffinity(r1, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
r2 = syz_clone(0x21200600, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
waitid(0x0, 0x0, 0x0, 0xe, 0x0)

5.236261499s ago: executing program 2 (id=1144):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x20044000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
pipe2$9p(0x0, 0x4880)
ptrace(0x10, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x31000000, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x15\x00'}]}, 0x1c}}, 0x0)
sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x28, 0x0, 0x1, 0x70bd27, 0x65dfdbff, {}, [@SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x8000)
ptrace$pokeuser(0x6, 0x0, 0x388, 0x41d9fda7)

5.11451317s ago: executing program 8 (id=1145):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.365806806s ago: executing program 5 (id=1146):
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000280)=""/81, 0x51)

4.32363978s ago: executing program 3 (id=1147):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@debug}]}, 0x1, 0x514, &(0x7f0000000300)="$eJzs3c9vI1cdAPDvTOJtdjfFLiBUKlEqWpStYO2koW2EEJQLnCoB5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgf+AFSpElwQBwQIhGAXDkjADrI9ZrOOnYTdxM7Gn4/04vdmxvN9byy/+eGXmQAm1nMR8VpETEXEixFRzKeneYqDbmovd/fOWyvtlESWvfHXJJJ8Wm9d7fJ0RFzP3zYTEV/7csQ3k6Nxm3v7m8u1WnUnL1da9e1Kc2//5kZ9eb26Xt1aXFx4ZenVpZeX5rPcI7Wz1Mv85Euff+fT3/rdrT/f+Ha7Wp/7SBSirx1nqdv0Qmdb9LS30c55BBuDqbw9hXFXBACAU2kf438wIj7ROf4vxlTnaK7P1DhqBgAAAJyV7AtJ/DuJyAAAAIBLK42I2UjScj4WYDbS9Ep+beDDcS2tNZqtT601drdW2/MiSlFI1zZq1fl8rHApCkm7vJCPse2VX+orL0bEUxHx/eLVTrm80qitjvnaBwAAAEyK633n//8opp38yQb8nwAAAABwcZWGFgAAAIDLwik/AAAAXH795//vjKkeAAAAwLn4yuuvt1PWe/716pt7u5uNN2+uVpub5fruSnmlsbNdXm801jv37KuftL5ao7H9mdjavV1pVZutSnNv/1a9sbvVurXxwCOwAQAAgBF66uPv/jqJiIPPXu2kyO8DCPCAP4y7AsBZmhp3BYCxefi7eBfOtB7A6PkWA8kJ8w3eAQCAx9/cR4/+/t97/r9rA3C5GesDAJPHU7xhchWMAISJlkbEB7rZJ4YtM/T3/1+eNkqWRbxXPDzF9UUAABit2U5K0nJ+HjAbaVouRzwZkZaikKxt1Krz+fnBr4qFJ9rlhc47kxPHDAMAAAAAAAAAAAAAAAAAAAAAAAAAXVmWRAYAAABcahHpn5LO3fwj5oovzPZfH7iS/LMYf8wLP3rjB7eXW62dhfb0v3We5XUlIlo/zKe/NPTxYQAAAMBZSw6Gzuqep+evCyOtFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT4O6dt1Z6aZRx//LFiCgNij8dM53XmShExLW/JzF96H1JREydQfyDtyPi6UHxk7iXZVkpr0V//DQirp5z/FJn0wyPf/0M4sMke7fd/7w26PuXxnOd18Hfv+k8Parh/V+aR366088N6v+ePLK2+sAYz7z/s8rQ+G9HPDM9uP/p9b/JkPjPH1nbv7IsOxrjG1/f3x8WP/txxNzA/U/yQKxKq75dae7t39yoL69X16tbi4sLryy9uvTy0nxlbaNWzf8OjPG9j/383nHtvzYg/m9/0+1/j2v/C8NW2uc/79++86FutjAo/o3nB+5/Z2JI/DTf930yz7fnz/XyB938Yc/+9L1nj2v/6pDtf9Lnf+OU7X/xq9/9/SkXBQBGoLm3v7lcq1V3jsnMnGKZxzHzi5kLUY3/M5N9p/vJXZT6PGymfbR6f0qvVRegYocy2chiTcUFafL/MmPtlgAAgHNw/6B/3DUBAAAAAAAAAAAAAAAAAACAyTWK24n1xzwYT1MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI713wAAAP//fG7gBw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000001f40)={0x0, 0x2904c, 0x29, 0x10003, '\x00', [{0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x9500}, {0xffffffff, 0x0, 0x9, 0xa}]})

3.895045007s ago: executing program 5 (id=1148):
ptrace(0x10, 0x0)
wait4(0x0, 0x0, 0x8, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0xfffffffe, @local, 0x1}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)

3.365696994s ago: executing program 2 (id=1149):
r0 = socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, 0x2, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x25}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7ff}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}]}, 0x34}, 0x1, 0x0, 0x0, 0x4018045}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f00000001c0)={0x800000, 0x80, 0x63, 0x4, 0x3ffd, 0x7})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f0000000300)={0x800080, 0x7ff, 0x2, 0xfff, 0xfd, 0x4})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@bridge_newneigh={0x28, 0x1c, 0x1, 0x70bd29, 0x25dfdbfe, {0x7, 0x0, 0x0, 0x0, 0x80, 0x7e, 0x6}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000094}, 0x44)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_KEY(r8, 0x0, 0xc0)
sendmsg$NL80211_CMD_AUTHENTICATE(r7, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x4000)
unshare(0x6020400)
r9 = syz_open_dev$loop(0x0, 0x5, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000240), 0x10)
fadvise64(r9, 0x4, 0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00'})

536.366893ms ago: executing program 2 (id=1150):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file2\x00', 0x404, &(0x7f00000002c0)={[{@init_itable_val={'init_itable', 0x3d, 0x400}}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}], [{@seclabel}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0\x00', 0xa00010, &(0x7f0000000840)=ANY=[@ANYBLOB='nodecompose,decompose,nobarrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e37836597c21f51bcdf6df4cad825cfd9ef5ee9e89e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b994c699812"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4c4ac000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pwritev2(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1, 0x1000, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x1cb)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x48, &(0x7f0000000100)={0x88, 0x18, '\x00', [@generic={0x0, 0xc3, "3fcd12ae2d9c9963ffb743e2dc2590debefb8792a8a8a7a9100c141fbc325fdc59ccddb656c92b648d84372e3af700d668a0884914b47dc9b771533934535b72f4bc03f7505fc9d443698785659827a9d7af52a2b4b91ecb98478515108dd6c6e425b6e82ef1a8b3a619e4add83e6cf3e1d84b02b2877b09db81a458473c0e842e3500b5d133d83d3724bce1fee3ea4d4f1ed85f2a2ea4cdeb6f95b864d7d2a288465fccf155b11f0264e3142b72a2d0165f7daa384e2b3542b495f4bf061530b5e0f1"}]}, 0xd0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x80200)
writev(r3, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x88000)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r5, 0xc0505350, &(0x7f0000000940))
rename(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

425.748473ms ago: executing program 6 (id=1151):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f00000001c0)={0x1, 0xe, {0x52, 0x5d, 0x6, {0x0, 0x8001}, {0x9a8, 0x1}, @cond=[{0x3, 0x723, 0x6, 0x7a, 0x6, 0x8000}, {0x1, 0x7, 0x5, 0x6, 0x5, 0x8}]}, {0x54, 0xe3, 0x5, {0x539b, 0x8000}, {0x7}, @cond=[{0x5, 0xa3c1, 0x7fff, 0x2, 0xf3b7, 0x1}, {0x3, 0x80, 0x400, 0x0, 0x5, 0x80}]}})
add_key$fscrypt_provisioning(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x2, 0x0, @d}, 0x18, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x1c, r1, 0x1, 0x70bd29, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4}]}]}, 0x1c}}, 0x20000004)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe0000000000000100000024000000", 0xfe60)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4, &(0x7f0000000140)={[{@jqfmt_vfsv1}, {@nojournal_checksum}, {@resgid}, {@norecovery}, {@test_dummy_encryption}, {@noauto_da_alloc}]}, 0x9, 0x4c2, &(0x7f0000000640)="$eJzs3E1oXNUeAPD/nSTNe/1KXl/f09aq0SoWP5I2rbYLwQ8QXKgIuqjLmKaldtpIE8GUYKOUulDQggiuRHEjunbhypWoK8GNC91LoUg2rV2N3Jl7x5lJZjJNJp0m+f1geu+5cyfn/O+5595z7ulMABvWUPpPErE1In6LiIGIKDTuMFRZXJufHf9rfnY8iVLppT+T9GNxdX52PN81yZZbKonedFG4kMSTi+Q7NXPu1FixOHE2S49Mn359ZGrm3CMnT4+dmDgxcWb0yJFDBw8cfmz00Y7E+Z+0rLvfmtyz69lXLj0/fvTSqz9+ndQUujaOhiOwTH0xV3NMGt3fgRxuJdtq1pPelrt24uDSIf0R5YbaV27/A9FzYXv1vYF45p2uFg5YVaVSqTTa/O25ErCOJdHtEgDdkd/or85/PJ6OgevHwevflacqA6A07mvZqzLo6a0OVPsaxredNBsRR+euf5q+YsFzCACAzvsu7f88XOl31Pf/CvH/mv22Z3NDg9lcyo6I+G9E7IyI/0WU970tIm6/wfyHGtIL+z+Fy8sKrE1p/+/xbG4rf2X55rsM9mSpbeX4+5LjJ4sT+7Njsi/6+tP0gUX/ehLlSaD45YNm+Q/V9P/SV5p/3hfMynG5t7/+M8fGpsdWHHjmytsRu3sXiz+bwMvmsHZFxO5l5nHywS/31G/pqa4tHX8LreeZ2lL6LOKBSv3PRUP8uaT1/OTIv6I4sX8kPysW+unniy82y39F8XdAWv+bFz3/q/EPJrXztVML/sSmpfK4+Pu7Tcc0QxFPxDLO/03Jy3WZvzk2PX29FLEpeS7ivU+q+6bbz9Y84M7T5eWBSvz79i7e/nfEP0fijohIT+I7I+KuiLg7q7t7IuLeiNjbIv4fnr7vtRbxd7X+46vKFaqt+s/roXIiVM+IpVZ6Tn3/bbPs27v+HSpfMPZlW9q5/rVbwOUeNgAAAFhLChGxNZLCcHW9UBgervwf/p2xuVCcnJp+6PjkG2eOVb4jMBh9hfxJ10CWjuz552AlXR59j5aXEeez56UHs+fGH/X8u5weHp8sHut28LDBbWnS/lN/9HS7dMCq68A8GrBGtWr/nx++iQUBbrrl3//1HGCtW6IV+8EGWMfcxWHjWqz9n+9COYCbr/n9f0LXANa5aiP/sI2da77u1fjlTWDtcZOHjWvp9v/Cav3+FdA97X+L/1ZZSZK6LfFFROtPJSvONB/y1L/VF6sZ6fsr+3hev/mWQsdLGIVmb/Xf6A9EdGVl7NYoxlIreUXOnDvV2/avWsyUzo8Vi79+s5Lcu3I5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Li/AwAA///7b9mK")

414.293104ms ago: executing program 8 (id=1152):
io_setup(0xd9, &(0x7f00000000c0)=<r0=>0x0)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000100)='./file2\x00', 0x1000b, &(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESDEC, @ANYRESOCT], 0x21, 0x1c5, &(0x7f0000000880)="$eJzsVU+rUkEU/42OV2tRrSNwkZQt0uu1ok3kKvwAbaNEbyZd++MVShG6rfwebfwaLdq3CQqCNrWooIXRNowzc8bmPQXf0+f7A/OD62/O35kzR848ip/HAPB3OmqiBgUPZ/BZCEgAeaF1d7Kaf3qaSyx/l5qvsP4N84wRD4aPG1EU9ra4WG5L6YNgPxnJf7fpw/Te2WV5hFyd8BPl227xmy/EGhe1coFEJz0OBR7S4n7alEzFb5rwz0EdLI81+y730GUsdjl3VP95sWj6L95+ncIvVfHH6ahJiwc8pUjX0p+wfaib7yyf81J9Io3Z3IeGHwmXAZT73WfleDC82uk22mE7fBIE1Rv+Nd+/HpQfdqLQ17/C2sKMKOLarSxopp6y7BkAX3jAnoaFH3pbczS2CzuW5vCMh3TxInYgZcUaFng7j+Uw0BXcxSVQS18kwtIWVBYJVVIdAmkl8NB/xdei98opr1LzadQaQ6j9VNgEUufIzF0lPFgCuVVvJkY1Zi4w15knzF+ZzZtl3iKpMnxjqZjQjb5s9Pu9iveeQyr06ild4BlrcC6xL4x2/c05THEXsnBwcHBwcHBwOGH4FwAA//+74FHW")
openat(0xffffffffffffff9c, 0x0, 0x80040, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
utime(0x0, 0x0)
creat(&(0x7f0000000000)='./file1\x00', 0x4)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
listen(0xffffffffffffffff, 0x8)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

0s ago: executing program 6 (id=1153):
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$fscrypt_v1(&(0x7f0000000440), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000e00)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0x7, 0x0)
syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, 0x0)
clock_nanosleep(0x2, 0x0, 0x0, 0xfffffffffffffffe)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000240)='.\x00', 0x50000048)
inotify_add_watch(r3, &(0x7f0000005780)='./file0\x00', 0x9600006f)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   75.346429][ T4297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.361403][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.371060][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.392933][ T4297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.433351][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   75.458574][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   75.470587][   T21] Bluetooth: hci2: command 0x0419 tx timeout
[   75.476808][   T21] Bluetooth: hci1: command 0x0419 tx timeout
[   75.518663][ T1267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.523697][   T21] Bluetooth: hci0: command 0x0419 tx timeout
[   75.536341][ T4299] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   75.557123][ T4234] Bluetooth: hci3: command 0x0419 tx timeout
[   75.563687][ T4234] Bluetooth: hci4: command 0x0419 tx timeout
[   75.576165][ T1267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.630581][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   75.880349][ T4313] block device autoloading is deprecated and will be removed.
[   75.911762][ T4308] md: superblock version 12389 not known
[   75.929878][ T4308] md: couldn't set array info. -22
[   76.083256][ T4315] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   76.115254][ T4315] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   76.234638][ T4335] kvm: pic: non byte write
[   76.261268][   T26] audit: type=1400 audit(1771905622.638:2): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=4331 comm="syz.1.20"
[   76.339618][ T4335] kvm: pic: non byte write
[   76.373343][ T4332] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   76.397967][ T4332] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   76.449988][ T4341] device syzkaller0 entered promiscuous mode
[   76.459858][ T4327] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   76.472030][ T4327] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   76.618135][ T4345] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   76.909791][ T4356] KVM: debugfs: duplicate directory 4356-4
[   77.141275][ T4364] kvm: emulating exchange as write
[   78.237169][ T4404] loop2: detected capacity change from 0 to 128
[   78.270562][ T4404] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   78.308648][ T4406] netlink: 'syz.1.45': attribute type 14 has an invalid length.
[   78.316919][ T4404] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   78.336778][ T4406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.45'.
[   78.347497][ T4406] bond0: option xmit_hash_policy: invalid value (172)
[   78.390175][  T144] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.459345][ T1267] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   78.490492][  T144] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.569661][  T144] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.661553][  T144] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.844277][ T4420] loop1: detected capacity change from 0 to 128
[   79.269841][ T4431] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.277999][ T4431] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.819458][ T4421] chnl_net:caif_netlink_parms(): no params data found
[   80.044614][ T4465] kvm: pic: level sensitive irq not supported
[   80.044992][ T4465] kvm: pic: single mode not supported
[   80.089711][ T4465] kvm: pic: single mode not supported
[   80.095154][ T4465] kvm: pic: level sensitive irq not supported
[   80.254988][ T4421] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.270745][ T4421] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.279295][ T4421] device bridge_slave_0 entered promiscuous mode
[   80.290587][ T4421] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.298129][ T4421] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.306477][ T4421] device bridge_slave_1 entered promiscuous mode
[   80.372905][ T4421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.494198][ T4421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.627479][ T4489] =======================================================
[   80.627479][ T4489] WARNING: The mand mount option has been deprecated and
[   80.627479][ T4489]          and is ignored by this kernel. Remove the mand
[   80.627479][ T4489]          option from the mount to silence this warning.
[   80.627479][ T4489] =======================================================
[   80.727934][ T4421] team0: Port device team_slave_0 added
[   80.746767][ T4421] team0: Port device team_slave_1 added
[   80.872760][ T4421] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.885394][ T4421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.906259][   T21] Bluetooth: hci4: command 0x0409 tx timeout
[   80.963266][ T4421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.105211][ T4421] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.122819][ T4421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.244837][ T4421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.337324][ T4509] kvm: pic: non byte read
[   81.355763][ T4509] kvm: pic: level sensitive irq not supported
[   81.355831][ T4509] kvm: pic: non byte read
[   81.368533][ T4509] kvm: pic: level sensitive irq not supported
[   81.368586][ T4509] kvm: pic: non byte read
[   81.379906][ T4509] kvm: pic: level sensitive irq not supported
[   81.379963][ T4509] kvm: pic: non byte read
[   81.396876][ T4421] device hsr_slave_0 entered promiscuous mode
[   81.444995][ T4421] device hsr_slave_1 entered promiscuous mode
[   81.462675][ T4421] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.496820][ T4421] Cannot create hsr debugfs directory
[   81.630058][  T144] device hsr_slave_0 left promiscuous mode
[   81.667214][  T144] device hsr_slave_1 left promiscuous mode
[   81.711529][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.723957][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.774928][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.799690][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[   81.836342][  T144] device bridge_slave_1 left promiscuous mode
[   81.843341][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.919909][  T144] device bridge_slave_0 left promiscuous mode
[   81.951369][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.033812][  T144] device veth1_macvtap left promiscuous mode
[   82.058709][  T144] device veth0_macvtap left promiscuous mode
[   82.078856][  T144] device veth1_vlan left promiscuous mode
[   82.093235][  T144] device veth0_vlan left promiscuous mode
[   82.812609][ T4532] loop2: detected capacity change from 0 to 128
[   82.988203][ T4232] Bluetooth: hci4: command 0x041b tx timeout
[   83.017930][  T144] team0 (unregistering): Port device team_slave_1 removed
[   83.042142][ T4539] process 'syz.0.79' launched '/proc/self' with NULL argv: empty string added
[   83.099273][  T144] team0 (unregistering): Port device team_slave_0 removed
[   83.138514][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   83.245689][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   83.492370][  T144] bond0 (unregistering): Released all slaves
[   83.602082][ T4537] netlink: 96 bytes leftover after parsing attributes in process `syz.0.79'.
[   83.749419][ T4557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.86'.
[   84.213928][ T4421] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   84.286180][ T4421] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   84.316914][ T4421] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   84.345185][ T4421] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   84.696266][ T4421] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.747503][ T4421] 8021q: adding VLAN 0 to HW filter on device team0
[   84.787073][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   84.803002][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.868696][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   84.900900][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.971484][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.978763][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.023210][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   85.058381][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.066721][ T4234] Bluetooth: hci4: command 0x040f tx timeout
[   85.111244][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.135989][ T1267] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.143072][ T1267] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.215965][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   85.258841][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   85.362981][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.396209][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.404790][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.480633][ T4618] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   85.495350][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.512156][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   85.535836][ T4618] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   85.552234][ T4421] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   85.611061][ T4421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.659017][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   85.716269][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.737387][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   85.768846][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.893594][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.226033][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   86.233513][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   86.292276][ T4421] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.624322][ T4668] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   86.637745][ T1111] cfg80211: failed to load regulatory.db
[   86.689018][ T4668] kvm: pic: level sensitive irq not supported
[   86.689124][ T4668] kvm: pic: non byte read
[   86.706466][ T4668] kvm: pic: level sensitive irq not supported
[   86.706569][ T4668] kvm: pic: non byte read
[   86.781153][ T4668] kvm: pic: level sensitive irq not supported
[   86.781224][ T4668] kvm: pic: non byte read
[   86.931661][ T4685] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   87.153949][ T1111] Bluetooth: hci4: command 0x0419 tx timeout
[   87.396198][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   87.416947][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   87.502783][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   87.532025][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   87.567013][ T4421] device veth0_vlan entered promiscuous mode
[   87.580112][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   87.590144][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   87.613327][ T4421] device veth1_vlan entered promiscuous mode
[   87.715166][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   87.726892][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   87.745054][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   87.767258][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   87.797421][ T4421] device veth0_macvtap entered promiscuous mode
[   87.886119][ T4421] device veth1_macvtap entered promiscuous mode
[   87.934152][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.985594][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.042201][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.092157][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.165086][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.207896][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.253709][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.305442][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.366876][ T4421] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.397988][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   88.412241][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   88.466522][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   88.516274][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   88.548705][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.590543][ T4738] loop2: detected capacity change from 0 to 16
[   88.598812][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.643127][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.684306][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.707395][ T4738] erofs: (device loop2): mounted with root inode @ nid 36.
[   88.715642][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.757004][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.788119][ T4421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.805391][ T4421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.822273][ T4421] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.876072][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   88.896364][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   88.937145][ T4421] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.976718][ T4421] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.010675][ T4421] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.031090][ T4421] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.345585][ T4507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.365314][ T4507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.414315][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   89.446887][ T4750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.463532][ T4750] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.497715][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   89.903035][ T4754] chnl_net:caif_netlink_parms(): no params data found
[   90.074470][  T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.244565][  T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.439427][ T4754] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.506120][ T4754] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.520849][ T4754] device bridge_slave_0 entered promiscuous mode
[   90.553631][ T4798] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   90.570447][  T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.610304][ T4798] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   90.637172][ T4754] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.661393][ T4754] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.689118][ T4754] device bridge_slave_1 entered promiscuous mode
[   90.728248][  T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.800287][ T4754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.832622][ T4815] device syzkaller0 entered promiscuous mode
[   90.867250][ T4754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.998475][ T4754] team0: Port device team_slave_0 added
[   91.013846][ T4754] team0: Port device team_slave_1 added
[   91.097620][ T4754] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.104604][ T4754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.186518][ T4754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.234944][ T4754] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.272584][ T4754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.375699][ T4754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.424468][   T26] audit: type=1326 audit(1771905637.798:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689a651629 code=0x7ffc0000
[   91.449113][ T4841] Zero length message leads to an empty skb
[   91.503940][   T26] audit: type=1326 audit(1771905637.798:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f689a651392 code=0x7ffc0000
[   91.591168][   T26] audit: type=1326 audit(1771905637.808:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689a651629 code=0x7ffc0000
[   91.626786][   T26] audit: type=1326 audit(1771905637.808:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689a651629 code=0x7ffc0000
[   91.649455][   T13] Bluetooth: hci0: command 0x0409 tx timeout
[   91.680364][   T26] audit: type=1326 audit(1771905637.798:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f689a651427 code=0x7ffc0000
[   91.702772][   T26] audit: type=1326 audit(1771905637.828:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f689a60e391 code=0x7ffc0000
[   91.726155][   T26] audit: type=1326 audit(1771905637.828:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f689a652449 code=0x7ffc0000
[   91.792077][   T26] audit: type=1326 audit(1771905637.828:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f689a60e3fb code=0x7ffc0000
[   91.820650][   T26] audit: type=1326 audit(1771905637.828:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689a651629 code=0x7ffc0000
[   91.848701][   T26] audit: type=1326 audit(1771905637.828:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4835 comm="syz.3.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689a651629 code=0x7ffc0000
[   92.329657][ T4839] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.338012][ T4839] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.900557][ T4839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   92.962160][ T4839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.423893][ T4839] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.439330][ T4839] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.450921][ T4839] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.460320][ T4839] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.651868][ T4839] syz.2.158 (4839) used greatest stack depth: 21104 bytes left
[   93.705674][ T4192] Bluetooth: hci0: command 0x041b tx timeout
[   93.714084][ T4871] device syzkaller0 entered promiscuous mode
[   93.754921][ T4754] device hsr_slave_0 entered promiscuous mode
[   93.772941][ T4754] device hsr_slave_1 entered promiscuous mode
[   93.800564][ T4754] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.812944][ T4754] Cannot create hsr debugfs directory
[   94.008273][ T4895] netlink: 24 bytes leftover after parsing attributes in process `syz.1.168'.
[   94.025001][ T4895] device ip6gre1 entered promiscuous mode
[   94.038102][ T4192] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.049609][ T4192] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.057495][ T4895] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.072175][ T1111] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.135553][ T1111] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.346583][ T4192] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.633800][ T4754] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   94.655839][ T4923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.174'.
[   94.682296][ T4923] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.699359][ T4754] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   94.766422][ T4754] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   94.785295][ T4754] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   95.178463][ T4754] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.268491][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.277195][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.287239][ T4754] 8021q: adding VLAN 0 to HW filter on device team0
[   95.355211][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.378541][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.398459][ T1267] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.405597][ T1267] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.432379][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.478399][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.495931][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.524611][ T1267] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.531901][ T1267] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.614137][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   95.632678][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   95.650605][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   95.664126][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.680149][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   95.694877][  T144] device hsr_slave_0 left promiscuous mode
[   95.708992][  T144] device hsr_slave_1 left promiscuous mode
[   95.727079][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   95.734510][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[   95.763037][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   95.785531][ T4175] Bluetooth: hci0: command 0x040f tx timeout
[   95.794343][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[   95.823953][  T144] device bridge_slave_1 left promiscuous mode
[   95.836933][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.850955][  T144] device bridge_slave_0 left promiscuous mode
[   95.875389][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.934109][  T144] device veth1_macvtap left promiscuous mode
[   95.960654][  T144] device veth0_macvtap left promiscuous mode
[   95.970061][  T144] device veth1_vlan left promiscuous mode
[   95.976188][  T144] device veth0_vlan left promiscuous mode
[   96.382772][  T144] team0 (unregistering): Port device team_slave_1 removed
[   96.407657][  T144] team0 (unregistering): Port device team_slave_0 removed
[   96.433223][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   96.459030][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   96.540033][  T144] bond0 (unregistering): Released all slaves
[   96.617217][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   96.627242][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   96.638046][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.646666][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.655226][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.663773][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.672532][ T4967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   96.691847][ T4754] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.093853][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   97.109662][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   97.146572][ T4992] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   97.181213][ T4754] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.365802][ T5005] netlink: 96 bytes leftover after parsing attributes in process `syz.3.191'.
[   97.867975][ T4175] Bluetooth: hci0: command 0x0419 tx timeout
[   97.920688][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   97.941502][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   98.005534][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   98.027025][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   98.084797][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   98.106569][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   98.139597][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   98.159194][ T4754] device veth0_vlan entered promiscuous mode
[   98.261489][ T4754] device veth1_vlan entered promiscuous mode
[   98.397843][ T4754] device veth0_macvtap entered promiscuous mode
[   98.460486][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   98.471249][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   98.502567][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   98.513825][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   98.531149][ T5049] netlink: 96 bytes leftover after parsing attributes in process `syz.3.202'.
[   98.577114][ T4754] device veth1_macvtap entered promiscuous mode
[   98.585463][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   98.593608][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   98.686328][ T4754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.737682][ T4754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.787473][ T4754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.815915][ T4754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.838247][ T4754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.865984][ T4754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.915814][ T4754] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.924265][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   98.956224][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   98.979106][ T4754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.025576][ T4754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.049115][ T4754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.081022][ T4754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.105003][ T4754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.136018][ T4754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.164811][ T4754] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.213570][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   99.231787][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   99.293281][ T4754] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.315739][ T4754] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.347032][ T4754] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.382767][ T4754] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.574958][ T4297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.597945][ T4297] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.636771][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   99.695660][ T1458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.741555][ T1458] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.767867][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  100.074867][ T5102] netlink: 96 bytes leftover after parsing attributes in process `syz.3.214'.
[  100.214943][ T5103] overlayfs: failed to resolve './file1': -2
[  100.255297][ T5109] trusted_key: encrypted_key: insufficient parameters specified
[  102.245622][ T5124] overlayfs: failed to resolve './bus': -2
[  102.253630][ T5125] overlayfs: failed to resolve './bus': -2
[  103.624056][ T5185] netlink: 96 bytes leftover after parsing attributes in process `syz.6.224'.
[  103.889892][ T5195] syz.3.225 (5195): attempted to duplicate a private mapping with mremap.  This is not supported.
[  104.264800][ T5210] loop5: detected capacity change from 0 to 128
[  104.290381][ T5098] ODEBUG: Out of memory. ODEBUG disabled
[  104.850386][ T5233] kvm: vcpu 0: requested 112 ns lapic timer period limited to 200000 ns
[  104.898914][ T5226] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  105.027682][ T5239] netlink: 96 bytes leftover after parsing attributes in process `syz.5.236'.
[  105.264829][ T5249] block device autoloading is deprecated and will be removed.
[  105.295143][ T5242] loop6: detected capacity change from 0 to 8192
[  105.310269][ T5246] md2: error: failed to get bitmap file
[  105.359546][ T5242]  loop6: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p
[  105.361936][ T5242] loop6: p1 start 1191182336 is beyond EOD, truncated
[  105.535051][ T5242] loop6: p2 size 262151 extends beyond EOD, truncated
[  105.602297][ T5242] loop6: p5 start 1191182336 is beyond EOD, truncated
[  105.659057][ T5242] loop6: p6 size 262151 extends beyond EOD, truncated
[  105.747395][ T5242] loop6: p8 start 1191182336 is beyond EOD, truncated
[  105.754235][ T5242] loop6: p9 size 262151 extends beyond EOD, truncated
[  105.852934][ T5242] loop6: p11 start 1191182336 is beyond EOD, truncated
[  105.895653][ T5242] loop6: p12 size 262151 extends beyond EOD, truncated
[  105.989302][ T5242] loop6: p14 start 1191182336 is beyond EOD, truncated
[  106.065423][ T5242] loop6: p15 size 262151 extends beyond EOD, truncated
[  106.107057][ T5242] loop6: p17 start 1191182336 is beyond EOD, truncated
[  106.113969][ T5242] loop6: p18 size 262151 extends beyond EOD, truncated
[  106.225473][ T5242] loop6: p20 start 1191182336 is beyond EOD, truncated
[  106.232468][ T5242] loop6: p21 size 262151 extends beyond EOD, truncated
[  106.299726][ T5242] loop6: p23 start 1191182336 is beyond EOD, truncated
[  106.327217][ T5242] loop6: p24 size 262151 extends beyond EOD, truncated
[  106.367200][ T5242] loop6: p26 start 1191182336 is beyond EOD, truncated
[  106.395314][ T5242] loop6: p27 size 262151 extends beyond EOD, truncated
[  106.425470][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.475654][ T5242] loop6: p29 start 1191182336 is beyond EOD, truncated
[  106.482562][ T5242] loop6: p30 size 262151 extends beyond EOD, truncated
[  106.553942][ T5242] loop6: p32 start 1191182336 is beyond EOD, truncated
[  106.597704][ T5242] loop6: p33 size 262151 extends beyond EOD, truncated
[  106.638481][ T5242] loop6: p35 start 1191182336 is beyond EOD, truncated
[  106.665829][ T5242] loop6: p36 size 262151 extends beyond EOD, truncated
[  106.701043][ T5242] loop6: p38 start 1191182336 is beyond EOD, truncated
[  106.730364][ T5294] device syzkaller0 entered promiscuous mode
[  106.735609][ T5242] loop6: p39 size 262151 extends beyond EOD, truncated
[  106.795998][ T5242] loop6: p41 start 1191182336 is beyond EOD, truncated
[  106.802922][ T5242] loop6: p42 size 262151 extends beyond EOD, truncated
[  106.888241][ T5242] loop6: p44 start 1191182336 is beyond EOD, truncated
[  106.895163][ T5242] loop6: p45 size 262151 extends beyond EOD, truncated
[  106.960067][ T5242] loop6: p47 start 1191182336 is beyond EOD, truncated
[  106.985948][ T5299] capability: warning: `syz.2.249' uses deprecated v2 capabilities in a way that may be insecure
[  107.007576][ T5242] loop6: p48 size 262151 extends beyond EOD, truncated
[  107.079516][ T5242] loop6: p50 start 1191182336 is beyond EOD, truncated
[  107.136853][ T5242] loop6: p51 size 262151 extends beyond EOD, truncated
[  107.158936][ T5242] loop6: p53 start 1191182336 is beyond EOD, truncated
[  107.210822][ T5242] loop6: p54 size 262151 extends beyond EOD, truncated
[  107.256891][ T5242] loop6: p56 start 1191182336 is beyond EOD, truncated
[  107.263808][ T5242] loop6: p57 size 262151 extends beyond EOD, truncated
[  107.347355][ T5242] loop6: p59 start 1191182336 is beyond EOD, truncated
[  107.354442][ T5242] loop6: p60 size 262151 extends beyond EOD, truncated
[  107.354995][ T5315] netlink: 96 bytes leftover after parsing attributes in process `syz.3.253'.
[  107.435687][ T5242] loop6: p62 start 1191182336 is beyond EOD, truncated
[  107.442607][ T5242] loop6: p63 size 262151 extends beyond EOD, truncated
[  107.487297][ T5242] loop6: p65 start 1191182336 is beyond EOD, truncated
[  107.494204][ T5242] loop6: p66 size 262151 extends beyond EOD, truncated
[  107.646918][ T5242] loop6: p68 start 1191182336 is beyond EOD, truncated
[  107.653844][ T5242] loop6: p69 size 262151 extends beyond EOD, truncated
[  107.751682][ T5242] loop6: p71 start 1191182336 is beyond EOD, truncated
[  107.826347][ T5242] loop6: p72 size 262151 extends beyond EOD, truncated
[  107.886289][ T5242] loop6: p74 start 1191182336 is beyond EOD, truncated
[  107.930988][ T5242] loop6: p75 size 262151 extends beyond EOD, truncated
[  107.997629][ T5242] loop6: p77 start 1191182336 is beyond EOD, truncated
[  108.021364][ T5242] loop6: p78 size 262151 extends beyond EOD, truncated
[  108.048604][ T5242] loop6: p80 start 1191182336 is beyond EOD, truncated
[  108.105498][ T5242] loop6: p81 size 262151 extends beyond EOD, truncated
[  108.168930][ T5242] loop6: p83 start 1191182336 is beyond EOD, truncated
[  108.202037][ T5242] loop6: p84 size 262151 extends beyond EOD, truncated
[  108.351690][ T5349] loop2: detected capacity change from 0 to 16
[  108.360436][ T5242] loop6: p86 start 1191182336 is beyond EOD, truncated
[  108.384342][ T5349] erofs: (device loop2): mounted with root inode @ nid 36.
[  108.402290][ T5242] loop6: p87 size 262151 extends beyond EOD, truncated
[  108.480578][ T5242] loop6: p89 start 1191182336 is beyond EOD, truncated
[  108.489755][ T5349] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  108.530858][ T5242] loop6: p90 size 262151 extends beyond EOD, truncated
[  108.572066][ T5242] loop6: p92 start 1191182336 is beyond EOD, truncated
[  108.590390][ T5242] loop6: p93 size 262151 extends beyond EOD, truncated
[  108.624412][ T5242] loop6: p95 start 1191182336 is beyond EOD, truncated
[  108.641663][ T5242] loop6: p96 size 262151 extends beyond EOD, truncated
[  108.687988][ T5242] loop6: p98 start 1191182336 is beyond EOD, truncated
[  108.694894][ T5242] loop6: p99 size 262151 extends beyond EOD, truncated
[  108.736521][ T5242] loop6: p101 start 1191182336 is beyond EOD, truncated
[  108.743521][ T5242] loop6: p102 size 262151 extends beyond EOD, truncated
[  108.796178][ T5242] loop6: p104 start 1191182336 is beyond EOD, truncated
[  108.823681][ T5242] loop6: p105 size 262151 extends beyond EOD, truncated
[  108.888069][ T5242] loop6: p107 start 1191182336 is beyond EOD, truncated
[  108.941217][ T5242] loop6: p108 size 262151 extends beyond EOD, truncated
[  108.973498][ T5242] loop6: p110 start 1191182336 is beyond EOD, truncated
[  108.996920][ T5242] loop6: p111 size 262151 extends beyond EOD, truncated
[  109.075593][ T5242] loop6: p113 start 1191182336 is beyond EOD, truncated
[  109.082583][ T5242] loop6: p114 size 262151 extends beyond EOD, truncated
[  109.145664][ T5242] loop6: p116 start 1191182336 is beyond EOD, truncated
[  109.152658][ T5242] loop6: p117 size 262151 extends beyond EOD, truncated
[  109.228454][ T5242] loop6: p119 start 1191182336 is beyond EOD, truncated
[  109.252686][ T5242] loop6: p120 size 262151 extends beyond EOD, truncated
[  109.284904][ T5242] loop6: p122 start 1191182336 is beyond EOD, truncated
[  109.302515][ T5242] loop6: p123 size 262151 extends beyond EOD, truncated
[  109.314759][ T5242] loop6: p125 start 1191182336 is beyond EOD, truncated
[  109.363341][ T5242] loop6: p126 size 262151 extends beyond EOD, truncated
[  109.412675][ T5242] loop6: p128 start 1191182336 is beyond EOD, truncated
[  109.428323][ T5242] loop6: p129 size 262151 extends beyond EOD, truncated
[  109.464656][ T5242] loop6: p131 start 1191182336 is beyond EOD, truncated
[  109.502405][ T5242] loop6: p132 size 262151 extends beyond EOD, truncated
[  109.537454][ T5242] loop6: p134 start 1191182336 is beyond EOD, truncated
[  109.544456][ T5242] loop6: p135 size 262151 extends beyond EOD, truncated
[  109.581585][ T5242] loop6: p137 start 1191182336 is beyond EOD, truncated
[  109.613574][ T5242] loop6: p138 size 262151 extends beyond EOD, truncated
[  109.644139][ T5242] loop6: p140 start 1191182336 is beyond EOD, truncated
[  109.703315][ T5242] loop6: p141 size 262151 extends beyond EOD, truncated
[  109.753596][ T5242] loop6: p143 start 1191182336 is beyond EOD, truncated
[  109.779900][ T5242] loop6: p144 size 262151 extends beyond EOD, truncated
[  109.814226][ T5242] loop6: p146 start 1191182336 is beyond EOD, truncated
[  109.842600][ T5242] loop6: p147 size 262151 extends beyond EOD, truncated
[  109.872767][ T5242] loop6: p149 start 1191182336 is beyond EOD, truncated
[  109.898989][ T5242] loop6: p150 size 262151 extends beyond EOD, truncated
[  109.931529][ T5242] loop6: p152 start 1191182336 is beyond EOD, truncated
[  109.973233][ T5242] loop6: p153 size 262151 extends beyond EOD, truncated
[  110.012220][ T5242] loop6: p155 start 1191182336 is beyond EOD, truncated
[  110.069213][ T5242] loop6: p156 size 262151 extends beyond EOD, truncated
[  110.101436][ T5242] loop6: p158 start 1191182336 is beyond EOD, truncated
[  110.140338][ T5242] loop6: p159 size 262151 extends beyond EOD, truncated
[  110.176158][ T5242] loop6: p161 start 1191182336 is beyond EOD, truncated
[  110.201027][ T5242] loop6: p162 size 262151 extends beyond EOD, truncated
[  110.222976][ T5242] loop6: p164 start 1191182336 is beyond EOD, truncated
[  110.246666][ T5242] loop6: p165 size 262151 extends beyond EOD, truncated
[  110.274801][ T5242] loop6: p167 start 1191182336 is beyond EOD, truncated
[  110.325603][ T5242] loop6: p168 size 262151 extends beyond EOD, truncated
[  110.357334][ T5242] loop6: p170 start 1191182336 is beyond EOD, truncated
[  110.364327][ T5242] loop6: p171 size 262151 extends beyond EOD, truncated
[  110.415904][ T5242] loop6: p173 start 1191182336 is beyond EOD, truncated
[  110.443577][ T5242] loop6: p174 size 262151 extends beyond EOD, truncated
[  110.476097][ T5242] loop6: p176 start 1191182336 is beyond EOD, truncated
[  110.483093][ T5242] loop6: p177 size 262151 extends beyond EOD, truncated
[  110.523260][ T5242] loop6: p179 start 1191182336 is beyond EOD, truncated
[  110.543885][ T5242] loop6: p180 size 262151 extends beyond EOD, truncated
[  110.584585][ T5242] loop6: p182 start 1191182336 is beyond EOD, truncated
[  110.613518][ T5242] loop6: p183 size 262151 extends beyond EOD, truncated
[  110.667303][ T5242] loop6: p185 start 1191182336 is beyond EOD, truncated
[  110.687364][ T5242] loop6: p186 size 262151 extends beyond EOD, truncated
[  110.731558][ T5242] loop6: p188 start 1191182336 is beyond EOD, truncated
[  110.745497][ T5242] loop6: p189 size 262151 extends beyond EOD, truncated
[  110.793527][ T5242] loop6: p191 start 1191182336 is beyond EOD, truncated
[  110.820432][ T5242] loop6: p192 size 262151 extends beyond EOD, truncated
[  110.853127][ T5242] loop6: p194 start 1191182336 is beyond EOD, truncated
[  110.906103][ T5242] loop6: p195 size 262151 extends beyond EOD, truncated
[  110.937953][ T5242] loop6: p197 start 1191182336 is beyond EOD, truncated
[  110.975437][ T5242] loop6: p198 size 262151 extends beyond EOD, truncated
[  111.032555][ T5242] loop6: p200 start 1191182336 is beyond EOD, truncated
[  111.052990][ T5242] loop6: p201 size 262151 extends beyond EOD, truncated
[  111.108652][ T5242] loop6: p203 start 1191182336 is beyond EOD, truncated
[  111.135426][ T5242] loop6: p204 size 262151 extends beyond EOD, truncated
[  111.144780][ T5242] loop6: p206 start 1191182336 is beyond EOD, truncated
[  111.175411][ T5242] loop6: p207 size 262151 extends beyond EOD, truncated
[  111.227134][ T5242] loop6: p209 start 1191182336 is beyond EOD, truncated
[  111.234233][ T5242] loop6: p210 size 262151 extends beyond EOD, truncated
[  111.285622][ T5242] loop6: p212 start 1191182336 is beyond EOD, truncated
[  111.292621][ T5242] loop6: p213 size 262151 extends beyond EOD, truncated
[  111.367282][ T5242] loop6: p215 start 1191182336 is beyond EOD, truncated
[  111.374277][ T5242] loop6: p216 size 262151 extends beyond EOD, truncated
[  111.423000][ T5242] loop6: p218 start 1191182336 is beyond EOD, truncated
[  111.469198][ T5242] loop6: p219 size 262151 extends beyond EOD, truncated
[  111.502113][ T5242] loop6: p221 start 1191182336 is beyond EOD, truncated
[  111.534428][ T5242] loop6: p222 size 262151 extends beyond EOD, truncated
[  111.586238][ T5242] loop6: p224 start 1191182336 is beyond EOD, truncated
[  111.593315][ T5242] loop6: p225 size 262151 extends beyond EOD, truncated
[  111.651269][ T5242] loop6: p227 start 1191182336 is beyond EOD, truncated
[  111.681381][ T5242] loop6: p228 size 262151 extends beyond EOD, truncated
[  111.742263][ T5242] loop6: p230 start 1191182336 is beyond EOD, truncated
[  111.786628][ T5242] loop6: p231 size 262151 extends beyond EOD, truncated
[  111.827539][ T5242] loop6: p233 start 1191182336 is beyond EOD, truncated
[  111.834533][ T5242] loop6: p234 size 262151 extends beyond EOD, truncated
[  111.897761][ T5242] loop6: p236 start 1191182336 is beyond EOD, truncated
[  111.925135][ T5242] loop6: p237 size 262151 extends beyond EOD, truncated
[  111.947557][ T5242] loop6: p239 start 1191182336 is beyond EOD, truncated
[  111.954557][ T5242] loop6: p240 size 262151 extends beyond EOD, truncated
[  112.016248][ T5242] loop6: p242 start 1191182336 is beyond EOD, truncated
[  112.023252][ T5242] loop6: p243 size 262151 extends beyond EOD, truncated
[  112.057452][ T5242] loop6: p245 start 1191182336 is beyond EOD, truncated
[  112.089114][ T5242] loop6: p246 size 262151 extends beyond EOD, truncated
[  112.119807][ T5242] loop6: p248 start 1191182336 is beyond EOD, truncated
[  112.141574][ T5242] loop6: p249 size 262151 extends beyond EOD, truncated
[  112.169593][ T5242] loop6: p251 start 1191182336 is beyond EOD, truncated
[  112.193770][ T5242] loop6: p252 size 262151 extends beyond EOD, truncated
[  112.261832][ T5242] loop6: p254 start 1191182336 is beyond EOD, truncated
[  112.305724][ T5242] loop6: p255 size 262151 extends beyond EOD, truncated
[  112.453042][ T5470] loop1: detected capacity change from 0 to 128
[  113.151764][ T4180] udevd[4180]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  113.152045][ T4179] udevd[4179]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  113.178183][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  113.189770][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop6p6, 10) failed: No such file or directory
[  113.282516][ T5496] loop6: detected capacity change from 0 to 128
[  113.412087][ T5487] udevd[5487]: inotify_add_watch(7, /dev/loop6p9, 10) failed: No such file or directory
[  113.425163][ T5486] udevd[5486]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory
[  113.451545][ T5490] udevd[5490]: inotify_add_watch(7, /dev/loop6p10, 10) failed: No such file or directory
[  113.477883][   T26] kauditd_printk_skb: 25 callbacks suppressed
[  113.477899][   T26] audit: type=1800 audit(1771905659.858:38): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.288" name="bus" dev="loop6" ino=1048605 res=0 errno=0
[  113.504615][ T5492] udevd[5492]: inotify_add_watch(7, /dev/loop6p12, 10) failed: No such file or directory
[  113.555270][ T5498] udevd[5498]: inotify_add_watch(7, /dev/loop6p15, 10) failed: No such file or directory
[  113.578305][ T5497] udevd[5497]: inotify_add_watch(7, /dev/loop6p13, 10) failed: No such file or directory
[  116.189667][ T5611] loop1: detected capacity change from 0 to 512
[  116.798985][ T5630] overlayfs: failed to clone upperpath
[  116.981541][ T5643] fuse: Bad value for 'fd'
[  117.009147][ T5644] netlink: 'syz.2.333': attribute type 1 has an invalid length.
[  117.041090][ T5640] loop1: detected capacity change from 0 to 128
[  117.109095][ T5644] device bond1 entered promiscuous mode
[  117.115932][ T5644] 8021q: adding VLAN 0 to HW filter on device bond1
[  117.289427][ T5647] bond1: (slave erspan1): making interface the new active one
[  117.335485][ T5647] device erspan1 entered promiscuous mode
[  117.343659][ T5647] bond1: (slave erspan1): Enslaving as an active interface with an up link
[  117.390901][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  117.513535][ T5662] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.520728][ T5662] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.528241][ T5662] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.535405][ T5662] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.559949][ T5647] syz.2.333 (5647) used greatest stack depth: 18512 bytes left
[  117.630859][ T5662] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  117.658667][ T5662] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  117.721898][ T5669] netlink: 'syz.6.341': attribute type 4 has an invalid length.
[  117.803527][ T5675] netlink: 32 bytes leftover after parsing attributes in process `syz.2.342'.
[  117.846200][ T5678] IPv6: NLM_F_REPLACE set, but no existing node found!
[  118.425691][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  118.740495][ T5723] loop1: detected capacity change from 0 to 136
[  121.756083][ T5890] syzkaller0: tun_chr_ioctl cmd 1074812118
[  121.783947][ T5890] syzkaller0: tun_chr_ioctl cmd 35108
[  121.845963][ T5898] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.853405][ T5898] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.954674][ T5898] device bridge_slave_1 left promiscuous mode
[  121.962105][ T5898] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.029962][ T5898] device bridge_slave_0 left promiscuous mode
[  122.076741][ T5898] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.210068][ T5914] netlink: 'syz.1.414': attribute type 13 has an invalid length.
[  122.245849][ T5914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.414'.
[  122.275062][ T5914] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  122.419876][ T5927] syzkaller0: tun_chr_ioctl cmd 2147767521
[  122.857883][ T5960] netlink: 'syz.1.429': attribute type 13 has an invalid length.
[  122.884247][ T5960] netlink: 8 bytes leftover after parsing attributes in process `syz.1.429'.
[  122.900798][ T5960] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  123.065739][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  124.235684][ T6011] tun0: tun_chr_ioctl cmd 1074025675
[  124.241018][ T6011] tun0: persist enabled
[  124.281878][ T6011] tun0: tun_chr_ioctl cmd 1074025675
[  124.287568][ T6011] tun0: persist enabled
[  124.749840][ T4175] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  125.015562][ T4175] usb 2-1: Using ep0 maxpacket: 8
[  125.135566][ T4175] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  125.154311][ T4175] usb 2-1: config 0 has no interface number 0
[  125.315724][ T4175] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  125.335152][ T4175] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.345425][ T4175] usb 2-1: Product: syz
[  125.349621][ T4175] usb 2-1: Manufacturer: syz
[  125.354233][ T4175] usb 2-1: SerialNumber: syz
[  125.393617][ T4175] usb 2-1: config 0 descriptor??
[  125.695583][ T4175] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[  125.703072][ T4175] usb 2-1: No valid video chain found.
[  125.736658][ T4175] usb 2-1: USB disconnect, device number 2
[  130.997807][  T144] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.212477][  T144] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.340754][  T144] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.511067][ T6187] hub 8-0:1.0: USB hub found
[  131.517796][ T6187] hub 8-0:1.0: 1 port detected
[  132.267606][ T6189] overlayfs: failed to clone upperpath
[  132.362825][  T144] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.618756][ T6202] loop6: detected capacity change from 0 to 256
[  132.638625][ T6190] device syzkaller0 entered promiscuous mode
[  132.670315][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  132.676687][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  132.886596][ T6202] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  133.420178][ T6197] chnl_net:caif_netlink_parms(): no params data found
[  133.539442][ T6225] loop3: detected capacity change from 0 to 164
[  133.808397][ T6233] overlayfs: failed to clone upperpath
[  134.586704][ T4232] Bluetooth: hci3: command 0x0409 tx timeout
[  134.680733][ T6197] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.792212][ T6197] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.812954][ T6197] device bridge_slave_0 entered promiscuous mode
[  134.833352][ T6197] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.840927][ T6197] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.869506][ T6197] device bridge_slave_1 entered promiscuous mode
[  135.005383][ T6197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.131077][ T6197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.283889][ T6197] team0: Port device team_slave_0 added
[  135.341076][ T6197] team0: Port device team_slave_1 added
[  135.448470][ T6197] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.509497][ T6197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.756632][ T6197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.006533][ T6197] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.056930][ T6197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.215576][ T6197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.237423][  T144] device hsr_slave_0 left promiscuous mode
[  136.245123][  T144] device hsr_slave_1 left promiscuous mode
[  136.259113][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.269145][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.281677][ T6268] overlayfs: failed to clone upperpath
[  136.290205][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.304863][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.348099][  T144] device bridge_slave_1 left promiscuous mode
[  136.362634][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.645890][  T144] device bridge_slave_0 left promiscuous mode
[  136.652158][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.804809][  T144] device veth1_macvtap left promiscuous mode
[  136.820955][ T6288] loop6: detected capacity change from 0 to 1764
[  136.827692][  T144] device veth0_macvtap left promiscuous mode
[  136.833783][  T144] device veth1_vlan left promiscuous mode
[  136.847694][  T144] device veth0_vlan left promiscuous mode
[  136.914032][ T6289] loop3: detected capacity change from 0 to 2048
[  137.120462][ T4175] Bluetooth: hci3: command 0x041b tx timeout
[  137.288332][ T6289] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  137.364086][   T26] audit: type=1800 audit(1771905683.738:39): pid=6289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.492" name="file1" dev="loop3" ino=15 res=0 errno=0
[  137.389207][ T6289] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  137.460480][ T6311] loop6: detected capacity change from 0 to 512
[  137.476461][ T6289] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  137.508231][ T6289] EXT4-fs (loop3): This should not happen!! Data will be lost
[  137.508231][ T6289] 
[  137.510561][ T6310] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  137.527071][ T6289] EXT4-fs (loop3): Total free blocks count 0
[  137.548759][ T6311] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  137.577910][ T6311] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  137.609420][ T6311] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  137.637309][ T6314] EXT4-fs (loop3): shut down requested (1)
[  137.647579][ T6310] EXT4-fs (loop3): This should not happen!! Data will be lost
[  137.647579][ T6310] 
[  137.672269][ T6311] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  137.717135][ T6289] EXT4-fs (loop3): Free/Dirty block details
[  137.723205][ T6289] EXT4-fs (loop3): free_blocks=2415919504
[  137.724445][ T6310] EXT4-fs (loop3): Total free blocks count 0
[  137.747021][ T6311] EXT4-fs (loop6): 1 truncate cleaned up
[  137.751616][ T6310] EXT4-fs (loop3): Free/Dirty block details
[  137.761828][  T144] team0 (unregistering): Port device team_slave_1 removed
[  137.776938][  T144] team0 (unregistering): Port device team_slave_0 removed
[  137.787194][ T6311] EXT4-fs (loop6): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,dioread_nolock,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,bsdgroups,grpjquota=,,errors=continue. Quota mode: none.
[  137.845950][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  137.924757][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.823031][  T144] bond0 (unregistering): Released all slaves
[  138.900361][ T6274] netlink: 96 bytes leftover after parsing attributes in process `syz.2.487'.
[  139.010343][ T6341] loop6: detected capacity change from 0 to 1024
[  139.032013][ T6197] device hsr_slave_0 entered promiscuous mode
[  139.046388][ T6197] device hsr_slave_1 entered promiscuous mode
[  139.063771][ T6197] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  139.074035][ T6197] Cannot create hsr debugfs directory
[  139.225431][ T4234] Bluetooth: hci3: command 0x040f tx timeout
[  140.354305][ T6370] netlink: 96 bytes leftover after parsing attributes in process `syz.3.516'.
[  140.544517][ T6197] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  140.580007][ T6197] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  140.642110][ T6197] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  140.700884][ T6197] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  140.983916][ T6197] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.092767][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  141.120979][ T1267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  141.139161][ T6197] 8021q: adding VLAN 0 to HW filter on device team0
[  141.305678][ T4192] Bluetooth: hci3: command 0x0419 tx timeout
[  141.362528][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.406004][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.455143][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.462274][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.501822][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  141.528147][ T6412] kvm [6405]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x495a
[  141.546259][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  141.559626][ T6412] kvm [6405]: vcpu0, guest rIP: 0x1b8 disabled perfctr wrmsr: 0xc2 data 0x0
[  141.575152][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.582364][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.611213][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  141.627065][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  141.692659][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  141.702978][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  141.787809][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  141.822567][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  141.857616][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  141.882762][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  141.924628][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  141.956893][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  142.001704][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  142.035485][ T6197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  142.058630][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  142.318303][ T6430] kvm [6429]: vcpu2, guest rIP: 0x9135 disabled perfctr wrmsr: 0xc1 data 0xfffffc00
[  142.348320][ T6443] loop3: detected capacity change from 0 to 256
[  142.415649][ T6430] kvm [6429]: vcpu2, guest rIP: 0x9135 disabled perfctr wrmsr: 0xc2 data 0xfffffc00
[  142.432074][ T6443] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  142.482487][ T6443] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  142.508752][ T6430] kvm [6429]: vcpu2, guest rIP: 0x9135 ignored wrmsr: 0x11e data 0xfffffc00
[  142.535917][ T6443] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  142.556378][ T6430] kvm [6429]: vcpu2, guest rIP: 0x9135 disabled perfctr wrmsr: 0x186 data 0xfffffc00
[  142.578570][ T4507] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  142.600318][ T4507] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  142.607892][ T6430] kvm [6429]: vcpu2, guest rIP: 0x9135 disabled perfctr wrmsr: 0x187 data 0xfffffc00
[  142.641797][ T6197] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.922107][ T6455] loop6: detected capacity change from 0 to 1024
[  143.345947][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  143.375139][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  143.459433][ T6334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  143.496726][ T6334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  143.527786][ T6334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  143.564037][ T6334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  143.588263][ T6197] device veth0_vlan entered promiscuous mode
[  143.647425][ T6197] device veth1_vlan entered promiscuous mode
[  143.746122][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  143.777460][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  143.813297][ T6197] device veth0_macvtap entered promiscuous mode
[  143.839825][ T6197] device veth1_macvtap entered promiscuous mode
[  143.896507][ T6197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.925726][ T6197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.966237][ T6197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.996650][ T6197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.035673][ T6197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.081645][ T6197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.127049][ T6197] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.157366][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  144.165980][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  144.206152][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  144.238020][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  144.268851][ T6197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.296170][ T6197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.339648][ T6197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.369593][ T6197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.396399][ T6197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.430681][ T6197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.471463][ T6197] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.496553][ T6334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  144.525988][ T6334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  144.565556][ T6197] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.574295][ T6197] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.616444][ T6197] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.625182][ T6197] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.844458][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.910292][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.970030][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  145.004792][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.013172][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.064055][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  145.474330][  T154] hfsplus: b-tree write err: -5, ino 4
[  145.578106][ T6490] netlink: 16 bytes leftover after parsing attributes in process `syz.7.460'.
[  145.587352][ T6490] netlink: 16 bytes leftover after parsing attributes in process `syz.7.460'.
[  145.810494][ T6489] loop3: detected capacity change from 0 to 1024
[  146.405810][   T26] audit: type=1800 audit(2000000004.300:40): pid=6489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.536" name="file1" dev="loop3" ino=20 res=0 errno=0
[  146.932953][ T6536] fuse: root generation should be zero
[  146.988976][ T6538] kvm: pic: non byte write
[  147.105767][ T6546] netlink: 96 bytes leftover after parsing attributes in process `syz.3.549'.
[  147.388719][ T4175] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  147.795883][ T4175] usb 3-1: config 0 has an invalid interface number: 156 but max is 0
[  147.813632][ T4175] usb 3-1: config 0 has no interface number 0
[  147.891159][ T4175] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  148.007800][ T4175] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  148.095554][ T4175] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  148.178863][ T4175] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  148.244919][ T4175] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.322059][ T4175] usb 3-1: config 0 descriptor??
[  148.408171][ T4175] gspca_main: spca561-2.14.0 probing abcd:cdee
[  148.695676][ T4175] spca561: probe of 3-1:0.156 failed with error -22
[  148.713542][ T4175] usb 3-1: MIDIStreaming interface descriptor not found
[  148.807230][ T4175] usb 3-1: USB disconnect, device number 2
[  149.101180][ T6621] loop3: detected capacity change from 0 to 512
[  149.264639][ T6621] EXT4-fs (loop3): 1 truncate cleaned up
[  149.271092][ T6621] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  149.290574][ T6614] udevd[6614]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  149.340550][ T6632] 9pnet: Insufficient options for proto=fd
[  149.474872][   T26] audit: type=1800 audit(2000000007.370:41): pid=6638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.565" name="file1" dev="loop3" ino=13 res=0 errno=0
[  149.532783][ T6621] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.565: bg 0: block 465: padding at end of block bitmap is not set
[  149.594082][ T6621] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  149.667360][ T6645] netlink: 96 bytes leftover after parsing attributes in process `syz.2.569'.
[  149.786819][ T6647] loop7: detected capacity change from 0 to 4096
[  149.810842][ T6647] EXT4-fs (loop7): Test dummy encryption mode enabled
[  149.842536][ T6647] EXT4-fs (loop7): mounted filesystem without journal. Opts: nouid32,usrjquota=,test_dummy_encryption=v1,data_err=ignore,auto_da_alloc,,errors=continue. Quota mode: writeback.
[  150.099606][ T6663] loop6: detected capacity change from 0 to 16
[  150.140069][ T6667] fuse: Bad value for 'fd'
[  150.179520][ T6663] erofs: (device loop6): mounted with root inode @ nid 36.
[  150.327046][ T6647] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  150.332627][ T6673] loop3: detected capacity change from 0 to 1024
[  150.372217][ T6678] loop6: detected capacity change from 0 to 736
[  150.445741][ T6673] hfsplus: invalid file type 0120411 for inode 2
[  150.464760][ T6673] hfsplus: failed to load root directory
[  151.490210][ T6710] loop2: detected capacity change from 0 to 512
[  151.503668][ T6713] loop6: detected capacity change from 0 to 256
[  151.664905][ T6713] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  151.718212][ T6724] loop3: detected capacity change from 0 to 8
[  151.736662][ T6713] FAT-fs (loop6): Filesystem has been set read-only
[  151.781645][ T6713] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  151.828406][ T6710] EXT4-fs (loop2): Test dummy encryption mode enabled
[  151.833427][ T6713] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  151.847308][ T6710] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  151.872346][ T6724] SQUASHFS error: Failed to read block 0x63a: -5
[  151.881403][ T6710] EXT4-fs (loop2): SIPHASH is not a valid default hash value
[  151.911100][   T26] audit: type=1800 audit(2000000009.790:42): pid=6713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.588" name="file1" dev="loop6" ino=1048629 res=0 errno=0
[  151.946849][ T6724] SQUASHFS error: Unable to read metadata cache entry [638]
[  151.954195][ T6724] SQUASHFS error: Unable to read directory block [26067d:ffff]
[  152.625381][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  152.634410][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.643501][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.652500][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.661542][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.670539][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.679531][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.688526][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.697601][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  152.706585][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  156.582336][ T6774] sched: RT throttling activated
[  156.872851][ T6796] loop2: detected capacity change from 0 to 1024
[  156.919736][ T6797] loop3: detected capacity change from 0 to 512
[  156.948869][ T6799] 9pnet: Insufficient options for proto=fd
[  157.021005][ T6796] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  157.032040][ T6797] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  157.084583][ T6796] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  157.136150][ T6797] EXT4-fs (loop3): 1 truncate cleaned up
[  157.150850][ T6796] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,stripe=0x0000000000000002,dioread_nolock,bsddf,nomblk_io_submit,grpjquota=,,errors=continue. Quota mode: writeback.
[  157.193834][ T6797] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,errors=continue,sb=0x000000000000ffff,debug_want_extra_isize=0x0000000000000080,block_validity,noload,,errors=continue. Quota mode: none.
[  157.345379][ T6811] loop6: detected capacity change from 0 to 128
[  158.621498][ T4186] EXT4-fs error (device loop3): mb_free_blocks:1876: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[  162.897470][ T6923] netlink: 'syz.5.652': attribute type 3 has an invalid length.
[  164.771713][ T6992] loop2: detected capacity change from 0 to 512
[  164.854152][ T6992] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  164.947691][ T6992] EXT4-fs (loop2): 1 truncate cleaned up
[  164.953418][ T6992] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000004000040,journal_dev=0x0000000000000001,debug_want_extra_isize=0x000000000000006a,user_xattr,nodelalloc,nouid32,barrier=0x0000000000008000,,errors=continue. Quota mode: none.
[  165.116969][ T6992] netlink: 20 bytes leftover after parsing attributes in process `syz.2.669'.
[  166.507805][ T7039] loop6: detected capacity change from 0 to 128
[  166.656334][ T7038] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  166.684468][ T7039] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  166.719629][ T7038] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  167.033928][   T26] audit: type=1326 audit(2000000024.930:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7054 comm="syz.2.683" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5dd59f5629 code=0x0
[  167.106056][   T26] audit: type=1800 audit(2000000025.000:44): pid=7039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.677" name="file2" dev="loop6" ino=95 res=0 errno=0
[  168.228100][ T7071] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  168.735397][ T4235] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[  169.105565][ T4235] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  169.124105][ T4235] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.185036][ T4235] usb 4-1: config 0 descriptor??
[  169.257741][ T4235] asix: probe of 4-1:0.0 failed with error -22
[  169.495690][ T7094] chnl_net:caif_netlink_parms(): no params data found
[  169.876644][ T7094] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.909527][ T7094] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.956526][ T7094] device bridge_slave_0 entered promiscuous mode
[  170.001038][ T7094] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.054354][ T7094] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.085923][ T7094] device bridge_slave_1 entered promiscuous mode
[  170.199661][ T7094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.304067][ T7157] netlink: 168 bytes leftover after parsing attributes in process `syz.6.702'.
[  170.641176][ T7094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.835539][ T4175] Bluetooth: hci5: command 0x0409 tx timeout
[  171.196754][ T7094] team0: Port device team_slave_0 added
[  171.246875][ T7166] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  171.249978][ T7094] team0: Port device team_slave_1 added
[  171.348658][ T7094] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.370391][ T7094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.431867][ T7094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.460043][ T7094] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.482097][ T7094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.517961][ T4175] usb 4-1: USB disconnect, device number 2
[  171.588581][ T7094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.320507][ T7094] device hsr_slave_0 entered promiscuous mode
[  172.350369][ T7194] overlayfs: failed to resolve './file0': -2
[  172.480536][ T7094] device hsr_slave_1 entered promiscuous mode
[  172.555640][ T7094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.621925][ T7094] Cannot create hsr debugfs directory
[  172.915509][ T4175] Bluetooth: hci5: command 0x041b tx timeout
[  172.941779][ T7209] loop2: detected capacity change from 0 to 512
[  173.125087][ T7209] EXT4-fs (loop2): Ignoring removed orlov option
[  173.235988][ T7209] EXT4-fs (loop2): orphan cleanup on readonly fs
[  173.242459][ T7209] EXT4-fs error (device loop2): ext4_find_extent:893: inode #4: comm syz.2.718: inode has invalid extent depth: 7
[  173.391066][ T7209] EXT4-fs (loop2): Remounting filesystem read-only
[  173.397739][ T7209] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=-117
[  173.465732][ T7209] EXT4-fs warning (device loop2): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  173.515487][ T7209] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  173.522134][ T7209] EXT4-fs (loop2): mounted filesystem without journal. Opts: orlov,errors=remount-ro,. Quota mode: writeback.
[  173.562376][ T7094] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  173.603189][ T7094] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  173.678475][ T7094] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  173.705100][ T7094] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  174.616022][ T7094] 8021q: adding VLAN 0 to HW filter on device bond0
[  176.047662][ T4192] Bluetooth: hci5: command 0x040f tx timeout
[  176.059522][ T7094] 8021q: adding VLAN 0 to HW filter on device team0
[  176.909284][ T7247] overlayfs: failed to resolve './file0': -2
[  176.936029][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  176.949813][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  176.971326][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  176.990275][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  177.027871][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.035074][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.075810][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  177.107766][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  177.188485][ T7270] input: syz1 as /devices/virtual/input/input5
[  177.216857][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.223972][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.295880][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  177.329902][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  177.665255][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  177.803306][    T9] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.862407][ T7278] loop2: detected capacity change from 0 to 256
[  177.889151][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  177.914325][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  177.957568][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  177.987009][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  178.040680][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  178.085207][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  178.113946][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  178.122293][ T4232] Bluetooth: hci5: command 0x0419 tx timeout
[  178.129985][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  178.140059][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  178.166944][    T9] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.303951][ T7278] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  178.776849][ T7094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  178.956562][    T9] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.086764][    T9] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.488090][ T7319] loop3: detected capacity change from 0 to 128
[  179.489617][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  179.521915][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  179.578549][ T7094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.756171][ T7326] loop6: detected capacity change from 0 to 128
[  179.773851][ T7324] attempt to access beyond end of device
[  179.773851][ T7324] loop3: rw=2049, want=161, limit=128
[  179.843414][ T7326] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  179.927556][ T7326] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,dioread_nolock,,errors=continue. Quota mode: none.
[  179.957350][ T7326] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.512948][ T7360] loop6: detected capacity change from 0 to 1024
[  180.628855][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  180.942175][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  181.331739][ T7094] device veth0_vlan entered promiscuous mode
[  181.370316][ T7360] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  181.430184][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  181.439513][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  181.487631][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  181.511183][ T1458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  181.571189][ T7094] device veth1_vlan entered promiscuous mode
[  181.673519][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  181.686363][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  181.728699][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  181.763931][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  181.772413][ T4268] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  181.796399][ T7094] device veth0_macvtap entered promiscuous mode
[  181.839860][ T7094] device veth1_macvtap entered promiscuous mode
[  181.924409][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.956786][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.987415][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.015461][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.038610][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.049472][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.063009][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.075670][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.087930][ T7094] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.113023][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  182.142610][ T4268] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.156557][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  182.166587][ T4268] usb 4-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  182.186868][ T4268] usb 4-1: config 0 interface 0 has no altsetting 0
[  182.193637][ T4268] usb 4-1: New USB device found, idVendor=0079, idProduct=1843, bcdDevice= 0.00
[  182.203632][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  182.212279][ T4268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.227488][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  182.244379][ T4268] usb 4-1: config 0 descriptor??
[  182.253859][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.274573][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.298095][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.315279][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.333327][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.343986][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.369652][ T7094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.383766][ T7094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.399052][ T7094] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.423717][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  182.435795][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  182.451157][ T7094] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.465402][ T7094] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.484791][ T7094] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.505749][ T7094] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.564921][ T7389] overlayfs: failed to clone upperpath
[  182.572834][ T7190] hfsplus: b-tree write err: -5, ino 4
[  182.698372][ T7403] loop6: detected capacity change from 0 to 128
[  182.776502][ T7403] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  182.874140][ T7408] loop3: detected capacity change from 0 to 1024
[  182.899589][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.915951][ T7403] ext4 filesystem being mounted at /114/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  182.945414][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.030964][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  183.063152][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.081999][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.111613][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  183.208362][    T9] device hsr_slave_0 left promiscuous mode
[  183.242420][    T9] device hsr_slave_1 left promiscuous mode
[  183.271927][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.302220][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.354994][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.365545][ T4268] usbhid 4-1:0.0: can't add hid device: -71
[  183.371547][ T4268] usbhid: probe of 4-1:0.0 failed with error -71
[  183.421448][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.445592][ T4268] usb 4-1: USB disconnect, device number 3
[  183.516225][    T9] device bridge_slave_1 left promiscuous mode
[  183.529876][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.559941][    T9] device bridge_slave_0 left promiscuous mode
[  183.574302][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.608850][    T9] device veth1_macvtap left promiscuous mode
[  183.625147][    T9] device veth0_macvtap left promiscuous mode
[  183.645940][    T9] device veth1_vlan left promiscuous mode
[  183.658477][    T9] device veth0_vlan left promiscuous mode
[  183.882681][ T7434] 9pnet: p9_errstr2errno: server reported unknown error 1844674
[  185.332988][    T9] team0 (unregistering): Port device team_slave_1 removed
[  185.662479][    T9] team0 (unregistering): Port device team_slave_0 removed
[  185.944136][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.993915][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.199124][    T9] bond0 (unregistering): Released all slaves
[  186.224832][ T7473] overlayfs: failed to clone upperpath
[  186.611272][ T7491] loop3: detected capacity change from 0 to 512
[  186.947634][ T7491] EXT4-fs (loop3): orphan cleanup on readonly fs
[  186.984181][ T7491] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #11: comm syz.3.777: ea_inode with extended attributes
[  187.081082][ T7491] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.777: error while reading EA inode 11 err=-117
[  187.164849][ T7491] EXT4-fs (loop3): 1 orphan inode deleted
[  187.191210][ T7491] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,dioread_lock,debug_want_extra_isize=0x0000000000000006,nojournal_checksum,resgid=0x0000000000000000,acl,barrier,,errors=continue. Quota mode: none.
[  187.260781][ T7506] device syzkaller0 entered promiscuous mode
[  189.030163][ T7554] device syzkaller0 entered promiscuous mode
[  189.245609][ T4892] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  189.565504][ T4892] usb 7-1: Using ep0 maxpacket: 16
[  189.698731][ T7562] loop3: detected capacity change from 0 to 16
[  189.777932][ T7562] erofs: (device loop3): mounted with root inode @ nid 36.
[  189.812270][ T7564] overlayfs: failed to clone upperpath
[  189.895618][ T4892] usb 7-1: New USB device found, idVendor=5fc9, idProduct=0063, bcdDevice=93.52
[  189.922182][ T4892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.983322][ T4892] usb 7-1: Product: syz
[  189.988138][ T4892] usb 7-1: Manufacturer: syz
[  189.992753][ T4892] usb 7-1: SerialNumber: syz
[  190.056314][ T4892] usb 7-1: config 0 descriptor??
[  191.059537][ T7585] loop8: detected capacity change from 0 to 256
[  191.075427][ T4892] Bluetooth: hci2: command 0x0406 tx timeout
[  191.082430][ T4892] Bluetooth: hci1: command 0x0406 tx timeout
[  191.524986][ T7601] Illegal XDP return value 4294967274, expect packet loss!
[  191.976113][ T4239] usb 7-1: USB disconnect, device number 2
[  192.427920][ T7610] loop6: detected capacity change from 0 to 8
[  192.538579][ T7616] loop8: detected capacity change from 0 to 512
[  192.695534][ T7616] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  192.780506][ T7616] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  193.301057][ T7616] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #2: comm syz.8.811: corrupted inode contents
[  193.501877][ T7616] EXT4-fs error (device loop8): ext4_dirty_inode:6058: inode #2: comm syz.8.811: mark_inode_dirty error
[  193.548672][ T7638] loop2: detected capacity change from 0 to 512
[  193.643216][ T7616] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #2: comm syz.8.811: corrupted inode contents
[  194.276113][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  194.282462][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  194.712036][ T7639] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #2: comm syz.8.811: corrupted inode contents
[  194.980673][ T7639] EXT4-fs error (device loop8): ext4_dirty_inode:6058: inode #2: comm syz.8.811: mark_inode_dirty error
[  195.019995][ T7639] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #2: comm syz.8.811: corrupted inode contents
[  195.072955][ T7639] EXT4-fs error (device loop8): __ext4_ext_dirty:183: inode #2: comm syz.8.811: mark_inode_dirty error
[  195.127787][ T7649] loop3: detected capacity change from 0 to 256
[  195.147238][ T7639] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #2: comm syz.8.811: corrupted inode contents
[  195.171599][ T7651] loop2: detected capacity change from 0 to 512
[  195.211058][ T7639] EXT4-fs error (device loop8): ext4_dirty_inode:6058: inode #2: comm syz.8.811: mark_inode_dirty error
[  195.248617][ T7649] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  195.305159][ T7651] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  195.356391][ T7651] ext4 filesystem being mounted at /159/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  195.423021][ T7660] netlink: 'syz.3.824': attribute type 4 has an invalid length.
[  195.464492][ T7660] netlink: 17 bytes leftover after parsing attributes in process `syz.3.824'.
[  195.653990][ T7671] loop3: detected capacity change from 0 to 16
[  195.746381][ T7671] erofs: (device loop3): mounted with root inode @ nid 36.
[  196.454499][ T7682] device syzkaller0 entered promiscuous mode
[  197.081325][ T7703] syz.3.835 uses obsolete (PF_INET,SOCK_PACKET)
[  199.408256][ T7727] loop6: detected capacity change from 0 to 164
[  200.207747][ T7717] iso9660: Corrupted directory entry in block 4 of inode 1792
[  200.593582][ T7750] loop3: detected capacity change from 0 to 128
[  200.779279][ T7750] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  201.150399][ T7750] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  201.597922][ T7750] FAT-fs (loop3): Filesystem has been set read-only
[  201.613903][   T21] Bluetooth: hci4: command 0x0406 tx timeout
[  201.678846][ T7767] loop6: detected capacity change from 0 to 256
[  201.749831][ T7750] attempt to access beyond end of device
[  201.749831][ T7750] loop3: rw=524288, want=2073, limit=128
[  201.815946][ T7750] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  201.823888][ T7750] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  201.888475][ T7767] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  201.905692][ T7750] attempt to access beyond end of device
[  201.905692][ T7750] loop3: rw=0, want=2073, limit=128
[  201.925437][ T7767] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  201.976887][   T26] audit: type=1800 audit(2000000059.880:45): pid=7750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.849" name="file2" dev="loop3" ino=1048641 res=0 errno=0
[  202.005130][ T7767] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001057d, chksum : 0xc03cc181, utbl_chksum : 0xe619d30d)
[  202.061600][ T7777] loop8: detected capacity change from 0 to 256
[  202.154343][ T7777] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  202.162639][ T7767] exFAT-fs (loop6): error, failed to bmap (inode : ffff8880600f3560 iblock : 0, err : -5)
[  202.228630][ T7767] exFAT-fs (loop6): Filesystem has been set read-only
[  202.347905][ T7786] loop2: detected capacity change from 0 to 512
[  202.569326][ T7786] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.843: inode has both inline data and extents flags
[  202.664577][ T7786] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.843: couldn't read orphan inode 15 (err -117)
[  202.694262][ T7786] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  202.905401][ T7805] loop6: detected capacity change from 0 to 2048
[  203.362579][ T7805] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  204.420104][ T7826] loop2: detected capacity change from 0 to 512
[  206.308590][ T7826] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  206.332873][ T7826] System zones: 0-2, 18-18, 34-34
[  206.482709][ T7826] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.865: bg 0: block 248: padding at end of block bitmap is not set
[  206.534375][ T7858] Bluetooth: hci0: invalid length 0, exp 2 for type 10
[  206.574997][ T7826] Quota error (device loop2): write_blk: dquota write failed
[  206.625676][ T7826] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  206.707016][ T7826] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.865: Failed to acquire dquot type 1
[  206.747891][ T7867] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  206.812728][ T7861] loop3: detected capacity change from 0 to 4096
[  206.815998][ T7826] EXT4-fs (loop2): 1 truncate cleaned up
[  206.945128][ T7826] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,noload,,errors=continue. Quota mode: writeback.
[  207.044555][ T7861] EXT4-fs (loop3): Test dummy encryption mode enabled
[  207.374491][ T7826] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.706987][ T7861] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,barrier=0x00000000000007ff,,errors=continue. Quota mode: writeback.
[  211.173234][ T7906] loop3: detected capacity change from 0 to 512
[  211.184113][ T7900] Bluetooth: hci0: invalid length 0, exp 2 for type 10
[  211.346920][ T7906] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,barrier=0x000000000000008e,bsddf,errors=remount-ro,init_itable,max_dir_size_kb=0x0000000000000109,quota,. Quota mode: writeback.
[  211.403090][ T7906] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.895789][ T4235] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[  213.446334][ T4235] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  213.623334][ T4235] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.014520][ T4235] usb 3-1: config 0 descriptor??
[  214.256410][ T4235] asix: probe of 3-1:0.0 failed with error -22
[  215.895836][ T7972] netlink: 4 bytes leftover after parsing attributes in process `syz.5.900'.
[  215.976473][ T7974] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  215.983824][ T7974] IPv6: NLM_F_CREATE should be set when creating new route
[  216.088165][ T7977] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  216.143062][ T7978] loop2: detected capacity change from 0 to 512
[  216.238086][ T7978] EXT4-fs (loop2): 1 truncate cleaned up
[  216.284628][ T7978] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  216.442096][   T26] audit: type=1800 audit(2000000074.340:46): pid=7984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.901" name="file1" dev="loop2" ino=13 res=0 errno=0
[  216.463163][ T7978] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.901: bg 0: block 465: padding at end of block bitmap is not set
[  217.854750][   T21] Bluetooth: hci0: command 0x0406 tx timeout
[  217.862770][ T7981] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  217.896032][ T4235] usb 3-1: USB disconnect, device number 3
[  218.201497][ T7978] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  219.281371][ T8003] syz.3.905 (8003) used greatest stack depth: 18096 bytes left
[  219.435721][ T8012] netlink: 8 bytes leftover after parsing attributes in process `syz.3.909'.
[  219.520702][ T8019] Bluetooth: hci0: unsupported parameter 255
[  219.591068][ T8019] Bluetooth: hci0: unsupported parameter 255
[  219.685484][ T8026] loop3: detected capacity change from 0 to 512
[  219.700330][ T8027] loop6: detected capacity change from 0 to 128
[  219.730948][ T8026] EXT4-fs (loop3): Ignoring removed nobh option
[  219.780462][ T8027] EXT4-fs (loop6): Test dummy encryption mode enabled
[  219.796808][ T8026] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  219.820535][ T8029] loop8: detected capacity change from 0 to 512
[  219.858630][ T8026] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.914: invalid indirect mapped block 256 (level 1)
[  219.884117][ T8027] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none.
[  219.900444][ T8026] EXT4-fs (loop3): Remounting filesystem read-only
[  219.952460][ T8027] ext4 filesystem being mounted at /140/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  219.973825][ T8026] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.914: invalid indirect mapped block 2683928664 (level 1)
[  219.990123][ T8026] EXT4-fs (loop3): Remounting filesystem read-only
[  220.006239][ T8029] EXT4-fs (loop8): mounted filesystem without journal. Opts: noauto_da_alloc,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[  220.025504][ T8029] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.036734][ T8026] EXT4-fs (loop3): 1 truncate cleaned up
[  220.061050][ T8026] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,nouid32,nobh,nodioread_nolock,discard,usrjquota=.noacl,errors=remount-ro,jqfmt=vfsv0,auto_da_alloc,,. Quota mode: writeback.
[  220.224575][ T8026] syz.3.914 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  220.537772][ T8027] fscrypt (loop6): Error allocating 'xts(aes)' transform: -4
[  220.714961][ T8059] loop3: detected capacity change from 0 to 512
[  220.789822][ T8059] EXT4-fs (loop3): 1 truncate cleaned up
[  220.830781][ T8059] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  220.938584][ T8065] loop8: detected capacity change from 0 to 1024
[  221.193241][ T8059] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.921: bg 0: block 465: padding at end of block bitmap is not set
[  221.255440][   T26] audit: type=1800 audit(2000000079.090:47): pid=8070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.921" name="file1" dev="loop3" ino=13 res=0 errno=0
[  221.394291][ T8059] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  221.482537][ T8065] hfsplus: xattr search failed
[  221.558412][ T8078] hfsplus: catalog searching failed
[  221.746573][ T7094] hfsplus: node 4:3 still has 1 user(s)!
[  223.359967][ T8122] loop3: detected capacity change from 0 to 512
[  224.067066][ T8139] loop6: detected capacity change from 0 to 1024
[  224.103520][ T8122] EXT4-fs (loop3): 1 truncate cleaned up
[  224.121432][ T8122] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  224.399973][ T8139] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  224.965609][   T26] audit: type=1800 audit(2000000082.850:48): pid=8152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.940" name="file1" dev="loop3" ino=13 res=0 errno=0
[  225.868905][ T8181] loop2: detected capacity change from 0 to 512
[  226.142065][ T8181] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  226.182522][ T8181] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.940062][ T8222] loop3: detected capacity change from 0 to 1024
[  227.055525][ T8222] EXT4-fs (loop3): Ignoring removed nobh option
[  227.064094][ T8222] EXT4-fs (loop3): inline encryption not supported
[  227.115481][ T8222] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  227.203098][ T8222] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,nojournal_checksum,barrier=0x0000000000000002,dioread_lock,nolazytime,resgid=0x0000000000000000,data_err=ignore,journal_dev=0x0000000000000800,nobh,inlinecrypt,bsddf,dioread_nolock,,errors=continue. Quota mode: none.
[  227.912064][ T8232] loop2: detected capacity change from 0 to 512
[  228.843219][ T8232] EXT4-fs (loop2): Ignoring removed nobh option
[  228.903587][   T26] audit: type=1800 audit(2000000086.800:49): pid=8222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.959" name="file1" dev="loop3" ino=15 res=0 errno=0
[  228.970416][ T8232] EXT4-fs (loop2): Test dummy encryption mode enabled
[  228.996989][ T8232] EXT4-fs error (device loop2): __ext4_iget:4912: inode #11: block 1: comm syz.2.961: invalid block
[  229.105591][ T8232] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.961: couldn't read orphan inode 11 (err -117)
[  229.186051][ T8232] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,nobh,max_dir_size_kb=0x0000000000000004,bsddf,nodiscard,sysvgroups,noload,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  229.770899][ T8271] loop6: detected capacity change from 0 to 1024
[  230.225520][   T26] audit: type=1800 audit(2000000088.120:50): pid=8222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.959" name="file1" dev="loop3" ino=15 res=0 errno=0
[  230.552426][ T8271] EXT4-fs (loop6): mounted filesystem without journal. Opts: init_itable,nodioread_nolock,noquota,jqfmt=vfsv1,journal_dev=0x0000000000000009,commit=0x0000000000000000,,errors=continue. Quota mode: none.
[  230.677231][ T8279] kvm: pic: non byte write
[  230.774502][ T8271] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.799446][ T8271] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.970: bg 0: block 112: padding at end of block bitmap is not set
[  230.945453][ T8271] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 117
[  230.946111][ T8291] EXT4-fs error (device loop6): ext4_map_blocks:739: inode #15: comm syz.6.970: lblock 0 mapped to illegal pblock 0 (length 1)
[  231.040112][ T8271] EXT4-fs (loop6): This should not happen!! Data will be lost
[  231.040112][ T8271] 
[  231.166988][ T8291] EXT4-fs error (device loop6): ext4_ext_remove_space:2929: inode #15: comm syz.6.970: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  231.313305][ T8310] loop3: detected capacity change from 0 to 512
[  231.405446][ T1108] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  232.000655][ T8310] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  232.254390][ T8310] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.565787][ T1108] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  232.610756][ T8310] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  232.619316][ T1108] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.795230][ T1108] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  232.808367][ T1108] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  232.818638][ T1108] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.831868][ T1108] usb 9-1: config 0 descriptor??
[  232.844496][ T4186] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5854: Out of memory
[  232.862413][ T4186] EXT4-fs error (device loop3): ext4_quota_off:6540: inode #4: comm syz-executor: mark_inode_dirty error
[  233.596357][ T8353] loop2: detected capacity change from 0 to 256
[  233.613575][ T8353] exfat: Deprecated parameter 'utf8'
[  233.667943][ T8353] exfat: Deprecated parameter 'namecase'
[  233.691782][ T8356] loop6: detected capacity change from 0 to 764
[  233.715446][ T8353] exfat: Deprecated parameter 'utf8'
[  233.754017][ T8356] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  233.895262][ T8353] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  233.952329][ T8353] attempt to access beyond end of device
[  233.952329][ T8353] loop2: rw=524288, want=34359738496, limit=256
[  233.995169][ T8353] attempt to access beyond end of device
[  233.995169][ T8353] loop2: rw=0, want=34359738496, limit=256
[  234.014347][   T26] audit: type=1800 audit(2000000091.910:51): pid=8353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.989" name="file1" dev="loop2" ino=1048653 res=0 errno=0
[  234.045530][ T8353] exFAT-fs (loop2): error, tried to truncate zeroed cluster.
[  234.062778][ T8353] attempt to access beyond end of device
[  234.062778][ T8353] loop2: rw=2049, want=34359738489, limit=256
[  234.084044][ T8353] exFAT-fs (loop2): hint_cluster is invalid (1)
[  234.111161][ T8353] exFAT-fs (loop2): error, invalid access to exfat cache (entry 0x00000000)
[  234.124147][ T8353] exFAT-fs (loop2): error, failed to bmap (inode : ffff8880600f2ee0 iblock : 9, err : -5)
[  234.134868][ T8353] exFAT-fs (loop2): error, tried to truncate zeroed cluster.
[  234.148127][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.155904][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.163314][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.171106][ T8353] attempt to access beyond end of device
[  234.171106][ T8353] loop2: rw=2049, want=34359738490, limit=256
[  234.183378][ T8353] Buffer I/O error on dev loop2, logical block 34359738489, lost async page write
[  234.193426][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.200947][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.208564][ T8353] attempt to access beyond end of device
[  234.208564][ T8353] loop2: rw=2049, want=34359738491, limit=256
[  234.223711][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.234176][ T8353] Buffer I/O error on dev loop2, logical block 34359738490, lost async page write
[  234.243616][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.252329][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.260066][ T8353] attempt to access beyond end of device
[  234.260066][ T8353] loop2: rw=2049, want=34359738492, limit=256
[  234.271913][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.279577][ T8353] Buffer I/O error on dev loop2, logical block 34359738491, lost async page write
[  234.289110][ T1108] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  234.296736][ T1108] plantronics 0003:047F:FFFF.0001: collection stack underflow
[  234.305377][ T1108] plantronics 0003:047F:FFFF.0001: item 0 0 0 12 parsing failed
[  234.306219][ T8353] attempt to access beyond end of device
[  234.306219][ T8353] loop2: rw=2049, want=34359738493, limit=256
[  234.314416][ T1108] plantronics 0003:047F:FFFF.0001: parse failed
[  234.340865][ T1108] plantronics: probe of 0003:047F:FFFF.0001 failed with error -22
[  234.355403][ T8353] Buffer I/O error on dev loop2, logical block 34359738492, lost async page write
[  234.376696][ T8353] attempt to access beyond end of device
[  234.376696][ T8353] loop2: rw=2049, want=34359738494, limit=256
[  234.394709][ T1108] usb 9-1: USB disconnect, device number 2
[  234.420097][ T8353] Buffer I/O error on dev loop2, logical block 34359738493, lost async page write
[  234.452202][ T8353] attempt to access beyond end of device
[  234.452202][ T8353] loop2: rw=2049, want=34359738495, limit=256
[  234.482580][ T8353] Buffer I/O error on dev loop2, logical block 34359738494, lost async page write
[  234.492776][ T8353] attempt to access beyond end of device
[  234.492776][ T8353] loop2: rw=2049, want=34359738496, limit=256
[  234.504619][ T8353] Buffer I/O error on dev loop2, logical block 34359738495, lost async page write
[  234.748934][ T8386] loop3: detected capacity change from 0 to 512
[  234.844990][ T8386] EXT4-fs (loop3): Ignoring removed oldalloc option
[  234.857138][ T8386] EXT4-fs (loop3): 1 truncate cleaned up
[  234.857166][ T8386] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,bsdgroups,lazytime,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[  234.919086][ T8392] loop2: detected capacity change from 0 to 1024
[  235.134333][  T144] hfsplus: b-tree write err: -5, ino 4
[  235.342719][ T8414] loop8: detected capacity change from 0 to 256
[  235.497183][ T8414] exfat: Deprecated parameter 'utf8'
[  235.502584][ T8414] exfat: Deprecated parameter 'namecase'
[  236.414141][ T8414] exfat: Deprecated parameter 'utf8'
[  236.472361][ T8414] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  236.563046][   T26] audit: type=1800 audit(2000000094.460:52): pid=8414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1003" name="file1" dev="loop8" ino=1048654 res=0 errno=0
[  236.598156][ T8414] exFAT-fs (loop8): error, tried to truncate zeroed cluster.
[  236.656620][ T8432] exFAT-fs (loop8): error, tried to truncate zeroed cluster.
[  237.131885][ T8459] loop6: detected capacity change from 0 to 1024
[  238.397725][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.405382][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.412857][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.420338][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.427865][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.435985][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.443504][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.451017][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.458498][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.465988][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.473590][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.481179][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.488857][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.497595][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.505179][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.512741][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.520281][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.527817][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.535407][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.543168][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.551240][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.559682][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  238.567223][ T8487] binder: 8478:8487 ioctl 4020ae46 7f8600c57bd0 returned -22
[  239.631836][ T8500] loop2: detected capacity change from 0 to 2048
[  239.640827][ T8506] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1025'.
[  239.720153][ T8500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  239.738091][ T1108] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  239.854668][ T1108] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  239.931865][ T8446] loop8: detected capacity change from 0 to 512
[  240.029240][ T8446] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  240.096642][ T8512] fido_id[8512]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  240.104102][ T8446] EXT4-fs (loop8): orphan cleanup on readonly fs
[  240.260799][ T8446] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.1008: bad orphan inode 15
[  240.291222][ T8446] ext4_test_bit(bit=14, block=18) = 1
[  240.326181][ T8446] is_bad_inode(inode)=0
[  240.330485][ T8446] NEXT_ORPHAN(inode)=1023
[  240.334841][ T8446] max_ino=32
[  240.387912][ T8446] i_nlink=0
[  240.407045][ T8446] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1008: bg 0: block 161: padding at end of block bitmap is not set
[  240.473104][ T8446] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  240.509859][ T8446] EXT4-fs (loop8): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000002,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  248.296579][ T4235] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  248.675643][ T4235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  248.705401][ T4235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.762518][ T4235] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  248.795927][ T4235] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  248.815744][ T4235] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.864774][ T4235] usb 4-1: config 0 descriptor??
[  249.360757][ T4235] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  249.483132][ T4235] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  249.663933][ T4235] usb 4-1: USB disconnect, device number 5
[  249.929631][ T8666] loop8: detected capacity change from 0 to 2364
[  250.811792][ T8673] loop3: detected capacity change from 0 to 256
[  250.871034][ T8675] fuse: Bad value for 'fd'
[  250.956210][ T8678] fuse: Bad value for 'fd'
[  250.986429][ T8673] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  251.005210][ T8680] loop2: detected capacity change from 0 to 16
[  251.072304][ T8680] erofs: (device loop2): mounted with root inode @ nid 36.
[  251.294261][ T8693] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  251.310654][ T8692] loop3: detected capacity change from 0 to 1024
[  251.325421][ T8693] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  252.396340][ T8713] loop2: detected capacity change from 0 to 1024
[  252.536618][ T8718] loop3: detected capacity change from 0 to 512
[  252.680106][ T8718] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1085: inode has both inline data and extents flags
[  252.811112][ T8718] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1085: couldn't read orphan inode 15 (err -117)
[  252.834757][ T8718] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  252.858311][ T8740] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  252.889926][ T8718] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  252.910631][ T8740] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  252.991930][ T8745] loop8: detected capacity change from 0 to 128
[  253.111506][ T8745] EXT4-fs (loop8): Ignoring removed nobh option
[  253.178396][ T8745] EXT4-fs (loop8): mounted filesystem without journal. Opts: nobh,max_dir_size_kb=0x0000000000000004,,errors=continue. Quota mode: none.
[  253.215659][ T8745] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  253.449947][ T8745] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1092'.
[  253.487834][ T8745] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  253.536112][ T8745] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  253.544098][ T8745] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.022639][ T8786] loop2: detected capacity change from 0 to 256
[  255.126626][ T8786] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  255.162255][ T8788] loop3: detected capacity change from 0 to 1024
[  255.201283][ T8788] EXT4-fs (loop3): inline encryption not supported
[  255.241997][ T8788] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  255.460669][ T8788] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,mb_optimize_scan=0x0000000000000001,inlinecrypt,debug_want_extra_isize=0x0000000000000008,data_err=ignore,delalloc,mb_optimize_scan=0x0000000000000001,grpquota,noblock_validity,user_xattr,mb_optimize_scan=0x00,errors=continue. Quota mode: writeback.
[  255.548017][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  255.556177][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  255.828412][ T8808] loop2: detected capacity change from 0 to 128
[  255.899611][ T8808] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  255.983291][ T8808] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,nomblk_io_submit,delalloc,,errors=continue. Quota mode: none.
[  256.005571][ T8808] ext4 filesystem being mounted at /203/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.445496][ T4235] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  259.475352][ T4235] usb 9-1: Using ep0 maxpacket: 16
[  259.715649][ T4235] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.168906][ T4235] usb 9-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  260.292456][ T4235] usb 9-1: config 0 interface 0 has no altsetting 0
[  260.361928][ T4235] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  260.402629][ T4235] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.560951][ T4235] usb 9-1: config 0 descriptor??
[  260.628082][ T4235] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  265.276576][ T4268] usb 9-1: USB disconnect, device number 3
[  267.250016][ T8910] loop3: detected capacity change from 0 to 512
[  270.080782][ T8921] loop2: detected capacity change from 0 to 512
[  270.129461][ T8910] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002]
[  270.187828][ T8910] System zones: 0-2, 18-18, 34-34
[  270.240896][ T8921] EXT4-fs (loop2): Ignoring removed nobh option
[  270.252546][ T8910] EXT4-fs: error -4 creating inode table initialization thread
[  270.315566][ T8921] EXT4-fs (loop2): Unrecognized mount option "seclabel" or missing value
[  270.344388][ T8910] EXT4-fs (loop3): mount failed
[  270.409024][ T8928] loop8: detected capacity change from 0 to 8
[  270.509137][ T8921] loop2: detected capacity change from 0 to 1024
[  375.855257][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  375.862296][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P144/1:b..l
[  375.870753][    C0] 	(detected by 0, t=10502 jiffies, g=29505, q=25374)
[  375.877547][    C0] task:kworker/u4:1    state:R  running task     stack:22640 pid:  144 ppid:     2 flags:0x00004000
[  375.889586][    C0] Workqueue: netns cleanup_net
[  375.894426][    C0] Call Trace:
[  375.897726][    C0]  <TASK>
[  375.900684][    C0]  __schedule+0x11ef/0x43c0
[  375.905244][    C0]  ? release_firmware_map_entry+0x190/0x190
[  375.911179][    C0]  ? preempt_schedule_irq+0xb0/0x160
[  375.916504][    C0]  preempt_schedule_irq+0xbb/0x160
[  375.921660][    C0]  ? __cond_resched+0xd0/0xd0
[  375.926375][    C0]  ? rcu_is_watching+0x11/0xa0
[  375.931176][    C0]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[  375.937008][    C0]  irqentry_exit+0x63/0x70
[  375.941454][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  375.947508][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[  375.953708][    C0] Code: 84 00 00 00 00 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 20 bc 10 0c 48 89 de 5b e9 37 42 44 00 00 00 cc cc 00 00 cc 48 8b 04 24 <65> 48 8b 0d 74 4d 89 7e 65 8b 15 75 4d 89 7e 81 e2 00 01 ff 00 74
[  375.973371][    C0] RSP: 0018:ffffc9000173fa38 EFLAGS: 00000202
[  375.979472][    C0] RAX: ffffffff8863767b RBX: 0000000000000001 RCX: fb819d5c8fe47400
[  375.987473][    C0] RDX: 0000000000000000 RSI: ffffffff8a79f7e0 RDI: ffffffff8a79f7a0
[  375.995477][    C0] RBP: ffffc9000173fb50 R08: dffffc0000000000 R09: 1ffffffff203a618
[  376.003474][    C0] R10: dffffc0000000000 R11: fffffbfff203a619 R12: 000000000005c3ff
[  376.011471][    C0] R13: dffffc0000000000 R14: ffff88802cae2000 R15: ffffffff8d617440
[  376.019627][    C0]  ? inet_twsk_purge+0x13b/0x840
[  376.024609][    C0]  inet_twsk_purge+0x13b/0x840
[  376.029414][    C0]  ? __inet_twsk_schedule+0x130/0x130
[  376.034816][    C0]  ? iput+0x706/0x8a0
[  376.038837][    C0]  ? dccp_v4_exit_net+0x80/0x80
[  376.043719][    C0]  cleanup_net+0x791/0xba0
[  376.048167][    C0]  ? ops_free_list+0x330/0x330
[  376.052965][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  376.058198][    C0]  process_one_work+0x85f/0x1010
[  376.063192][    C0]  ? worker_detach_from_pool+0x240/0x240
[  376.068864][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  376.074190][    C0]  ? _raw_spin_lock_irq+0xb7/0xf0
[  376.079251][    C0]  ? _raw_spin_lock_irqsave+0x100/0x100
[  376.084831][    C0]  ? wq_worker_running+0x97/0x170
[  376.089882][    C0]  worker_thread+0xaa6/0x1290
[  376.094612][    C0]  kthread+0x436/0x520
[  376.098703][    C0]  ? rcu_lock_release+0x20/0x20
[  376.103576][    C0]  ? kthread_blkcg+0xd0/0xd0
[  376.108191][    C0]  ret_from_fork+0x1f/0x30
[  376.112655][    C0]  </TASK>
[  376.115698][    C0] rcu: rcu_preempt kthread starved for 10474 jiffies! g29505 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  376.126908][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  376.136893][    C0] rcu: RCU grace-period kthread stack dump:
[  376.142792][    C0] task:rcu_preempt     state:R  running task     stack:28016 pid:   15 ppid:     2 flags:0x00004000
[  376.153602][    C0] Call Trace:
[  376.156902][    C0]  <TASK>
[  376.159861][    C0]  __schedule+0x11ef/0x43c0
[  376.164414][    C0]  ? _raw_spin_lock_irqsave+0x8b/0x100
[  376.169905][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  376.175138][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  376.181053][    C0]  ? _raw_spin_unlock+0x40/0x40
[  376.185929][    C0]  ? release_firmware_map_entry+0x190/0x190
[  376.191856][    C0]  ? __mod_timer+0x91e/0xd00
[  376.196481][    C0]  schedule+0x11b/0x1e0
[  376.200666][    C0]  schedule_timeout+0x184/0x2d0
[  376.205553][    C0]  ? console_conditional_schedule+0x40/0x40
[  376.211472][    C0]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  376.217390][    C0]  ? update_process_times+0x200/0x200
[  376.222802][    C0]  ? prepare_to_swait_event+0x331/0x350
[  376.228384][    C0]  rcu_gp_fqs_loop+0x2be/0x11d0
[  376.233275][    C0]  ? dyntick_save_progress_counter+0x230/0x230
[  376.239455][    C0]  ? rcu_gp_init+0x10f0/0x10f0
[  376.244265][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  376.249487][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  376.254718][    C0]  rcu_gp_kthread+0x9b/0x370
[  376.259336][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  376.265258][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  376.270397][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  376.276324][    C0]  ? __kthread_parkme+0x157/0x1b0
[  376.281377][    C0]  kthread+0x436/0x520
[  376.285469][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  376.290602][    C0]  ? kthread_blkcg+0xd0/0xd0
[  376.295223][    C0]  ret_from_fork+0x1f/0x30
[  376.299684][    C0]  </TASK>
[  376.302718][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  376.309061][    C0] Sending NMI from CPU 0 to CPUs 1:
[  376.314284][    C1] NMI backtrace for cpu 1
[  376.314308][    C1] CPU: 1 PID: 8932 Comm: syz.6.1153 Not tainted syzkaller #0
[  376.314324][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  376.314333][    C1] RIP: 0010:lockdep_hardirqs_off+0x48/0x100
[  376.314356][    C1] Code: 90 00 00 00 48 89 fb 65 8b 05 6c 45 46 76 a9 00 00 f0 00 74 68 83 3d 16 75 71 0c 00 75 15 48 c7 04 24 00 00 00 00 9c 8f 04 24 <f7> 04 24 00 02 00 00 75 79 65 8b 05 e8 4b 46 76 85 c0 74 56 65 4c
[  376.314369][    C1] RSP: 0018:ffffc9000316fbe0 EFLAGS: 00000046
[  376.314384][    C1] RAX: 0000000000000000 RBX: ffffffff81493d07 RCX: d83bb59bd2417400
[  376.314396][    C1] RDX: ffffc90012c86000 RSI: ffffffff8a2b27a0 RDI: ffffffff8a79f800
[  376.314409][    C1] RBP: ffffc9000316fcb0 R08: ffff88802828bb87 R09: 1ffff11005051770
[  376.314421][    C1] R10: dffffc0000000000 R11: ffffed1005051771 R12: ffffffff812c28e5
[  376.314433][    C1] R13: 1ffff9200062dfff R14: dffffc0000000000 R15: 1ffff9200062df84
[  376.314446][    C1] FS:  00007f8600c596c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  376.314461][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  376.314473][    C1] CR2: 00007f8600c7a6a8 CR3: 000000004f59f000 CR4: 00000000003506e0
[  376.314494][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  376.314504][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  376.314514][    C1] Call Trace:
[  376.314521][    C1]  <TASK>
[  376.314527][    C1]  ? __local_bh_enable_ip+0xd7/0x1c0
[  376.314544][    C1]  trace_hardirqs_off+0x14/0x70
[  376.314562][    C1]  __local_bh_enable_ip+0xd7/0x1c0
[  376.314578][    C1]  ? _local_bh_enable+0xa0/0xa0
[  376.314592][    C1]  ? rcu_is_watching+0x11/0xa0
[  376.314610][    C1]  ? fpu__clear_user_states+0x1a5/0x260
[  376.314629][    C1]  arch_do_signal_or_restart+0xec1/0x12c0
[  376.314649][    C1]  ? _copy_from_user+0x111/0x170
[  376.314675][    C1]  ? get_sigframe_size+0x10/0x10
[  376.314705][    C1]  ? exit_to_user_mode_loop+0x3b/0x130
[  376.314722][    C1]  exit_to_user_mode_loop+0x9e/0x130
[  376.314738][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  376.314754][    C1]  syscall_exit_to_user_mode+0x16/0x40
[  376.314773][    C1]  do_syscall_64+0x58/0xa0
[  376.314787][    C1]  ? clear_bhb_loop+0x30/0x80
[  376.314803][    C1]  ? clear_bhb_loop+0x30/0x80
[  376.314819][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  376.314836][    C1] RIP: 0033:0x7f8602a3fbd0
[  376.314859][    C1] Code: 83 c0 16 83 e0 f7 74 12 50 48 8d 3d a2 22 07 00 e8 a5 65 f9 ff 0f 1f 44 00 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <83> ff 21 74 0b c3 66 2e 0f 1f 84 00 00 00 00 00 55 53 48 89 f3 48
[  376.314872][    C1] RSP: 002b:00007f8600c58b38 EFLAGS: 00000246
[  376.314885][    C1] RAX: 0000000000000000 RBX: 00007f8602c9a098 RCX: 00007f8602a20629
[  376.314896][    C1] RDX: 00007f8600c58b40 RSI: 00007f8600c58c70 RDI: 0000000000000021
[  376.314907][    C1] RBP: 00007f8602c9a090 R08: 0000000000000000 R09: 0000000000000000
[  376.314917][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  376.314927][    C1] R13: 00007f8602c9a128 R14: 00007ffd26177860 R15: 00007ffd26177948
[  376.314947][    C1]  </TASK>