last executing test programs:

7m5.831859721s ago: executing program 32 (id=265):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
ioctl$sock_ax25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@default, @null, 0x6, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]})

6m6.28892536s ago: executing program 33 (id=787):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000b04000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f0000000300)=[@wrmsr={0x65, 0x20, {0x40000091, 0x3}}], 0x20})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000140)={0x2, 0x0, [{0x40000001, 0x7fff, 0x4, 0x31237648, 0x6, 0x2, 0x80}, {0x40000003, 0x4, 0x1, 0xffff, 0xffffffff, 0x9}]})
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f00000000c0)={0xc7, 0x0, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6m5.011851204s ago: executing program 34 (id=792):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc786b409ac930c90ff90f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d858952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09e3187a10d905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367638cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a2d4f12e8e717eaaa2a6d14fee0c15f36c203dbc7c06128bec84231d43e152ef19ce027436fb4ebb9fce431b913f4817597a6f53d1626f9d1cb7b36fb18ac19547a8b20ede70c81a75686cea85dcd34408128da7cab045541bc6b9a0a79f63f2e7646356e04b977c9f47467537015240b974184be9c54b7c628ae4d97ebdb06070344468994afbaac71e5ffac2c61d9af66f9de2760a38e968a781528531c1c936a02065be48f1eee77be878873206d65bd0b1241fab9139abd7f40febe81fed3684e6b59273da01f1743c6a5df300ec59c65e8174fc2d95a62ca7b937289ad14107333007eab833a5849eb19f18ae41743dfb949377e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac141416441805034d2f87e5940c05ab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

5m10.83588914s ago: executing program 35 (id=1210):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000005c0)='~', 0x1, 0x4040001, &(0x7f0000000200)={0xa, 0x4e23, 0x2, @loopback, 0x2}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x1}, 0x8)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000002840)=[{&(0x7f00000006c0)="1e", 0x1}], 0x1}, 0x24028464)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)

5m0.139138673s ago: executing program 36 (id=1280):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000140)=@req3={0xeffffffb, 0x3a, 0x1000, 0x3a, 0x83ff, 0xffff, 0x6}, 0x1c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="700000001000030500000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="35c60100ef000000500012800e0001006970366772657461700000003c00028014000600fe880000000000000000000000000101140007"], 0x70}, 0x1, 0x0, 0x0, 0x240488c0}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

4m4.0453822s ago: executing program 37 (id=1759):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000140)={[{@debug}, {@delalloc}, {@journal_ioprio}, {@test_dummy_encryption}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@nodiscard}, {@abort}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0x2c600, 0x0, 0xbe, 0x0, &(0x7f00000007c0))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000480))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r0, &(0x7f0000000200)=""/48, 0x30)

3m46.598696526s ago: executing program 9 (id=1931):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x77f, &(0x7f0000000600)="$eJzs3c9rHFUcAPDvbJKmTauJIPjjFBA0ULoxNbYKHioeRLBQ0LPtstmGmk22ZDelCQEtIngRVDwIeunZH/Xm1R9X/S88iKVqWqx4kMhsZtpts5smbZKt7ucD07w3b7bvfffNvHm7M8wG0LNG038KEY9FxAdJxHC2PomIgWaqP+LY2nbXV5bL6ZLE6uprvyfNba6tLJej5TWp/Vnm0Yj4/t2Ig4X19dYXl2ZK1Wplfi3bFxFnx+uLS4fOzJamK9OVuSMTk5OHjz579Mj2xfrnT0sHLn/48lNfHfv7nUcuvf9DEsfiQFbWGsd2GY3R7D0ZSN/CW7y03ZV1WdLtBnBXCtnB1x/pGDAcfc0UAPB/9lZErAIAPSZx/geAHpN/D3BtZbmcL939RmJ3XXkxIvauxZ9f31wr6c+u2e1tXgcdupbccmUkiYiRbah/NCI+++aNL9Ildug6JEA7b1+IiFMjo+vH/2TdPQtb9fQGZXuyv6O3rTf+we75Np3/PNdu/le4Mf+JNvOfwTbH7t244/G/bxsq2UA6/3uh5d626y3xZ0b6stwDzTnfQHL6TLWSjm0PRsRYDAym+YkN6hi7+s/VTmWt878/Pnrz87T+9O/NLQq/9g/e+pqpUqN0LzG3unIh4vH+dvEnN/o/6TD/PbHJOl55/r1PO5Wl8afx5sv6+CO7O2lnrF6MeLJt/9+8oy1NjTdmO9yfON7cHcbznaKNr3/+ZKhT/a39ny5p/flngd2Q9v/QxvGPJK33a9bXjv2t+PHi8Hedyu4cf/v9f0/yejOdzyPOlxqN+YmIPcmr69cfvvnaPJ9vn8Y/9kT743+j/T/9THhqk/H3X/7tyw3j39/d/p/aUv+3S6SDdIeimVL10vWZvk71b67/J5upsWzNZsa/Ti29PXEv7x0AAAAAAAAAAAAAAAAAAAAAAAAAbFYhIg5EUijeSBcKxeLab3g/HEOFaq3eOHi6tjA3Fc3fyh6JgUL+qMvhluehTmTPw8/zh2/LPxMRD0XEx4P7kvw5ilNdjh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcvs7/P5/6pfBbrcOANgxe7vdAABg1zn/A0Dvcf4HgN7j/A8Avcf5HwB6j/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+zE8ePpsvrXynI5zU+dW1yYqZ07NFWpzxRnF8rFcm3+bHG6VpuuVorl2uyd/r9qrXZ2MuYWzo83KvXGeH1x6eRsbWGucfLMbGm6crIysCtRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDW1BeXZkrVamVe4i4Sq/dHM7qf6Mt2p/ulPbuaSO6PZmxzossDEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/xL8BAAD//7KsH7I=")
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x13, r0, 0x8b6f3000)
chdir(0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

3m46.020899029s ago: executing program 9 (id=1937):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f00000002c0)=[@text16={0x10, 0x0}], 0x1, 0x1b, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d03, 0x0, 0x1}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f00000001c0)=@arm64)

3m45.433400054s ago: executing program 9 (id=1941):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r1, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r1, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
fcntl$lock(r1, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
close_range(r0, 0xffffffffffffffff, 0x0)

3m45.222416976s ago: executing program 9 (id=1943):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9101)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000100)='./file0/../file0/../file0/../file0\x00')

3m44.98569482s ago: executing program 9 (id=1945):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=@getchain={0x2c, 0x66, 0x10, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xa, 0xffe0}, {0xfff1, 0xb}, {0x10, 0xe}}}, 0x2c}}, 0x8005)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xfffffffffffffffd, 0x9}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x56d92c88, 0x0, 0x0, 0x10000}, 0x0, 0x0)

3m44.756023713s ago: executing program 9 (id=1947):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}}}, 0x10)
bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x0, 0x4}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

3m44.29534359s ago: executing program 38 (id=1947):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}}}, 0x10)
bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x0, 0x4}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

3m9.12415355s ago: executing program 1 (id=2252):
r0 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x7, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0x10000}, {0x10000002, 0x0, 0x0, 0x9}]}, 0x90)
socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r3, 0x4)

3m8.997168687s ago: executing program 1 (id=2254):
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, r2}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})

3m8.834593627s ago: executing program 1 (id=2257):
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x80000}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, r3}})
add_key$user(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

3m8.700836805s ago: executing program 1 (id=2259):
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x21000, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000340)='./file0/file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x3b101f, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)

3m8.502633697s ago: executing program 1 (id=2263):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}}, 0x24}}, 0x0)

3m7.824443316s ago: executing program 1 (id=2269):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0xa, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10)
ptrace(0x10, r0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x0, &(0x7f0000000700)=""/4096)

3m7.503257975s ago: executing program 39 (id=2269):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0xa, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10)
ptrace(0x10, r0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x0, &(0x7f0000000700)=""/4096)

2m55.665569255s ago: executing program 2 (id=2338):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x32cc0000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x600000a, 0x12, r1, 0x0)
getsockopt$inet_tcp_buf(r0, 0x6, 0x12, 0x0, &(0x7f0000000000))

2m53.584163307s ago: executing program 2 (id=2357):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4048aecb, &(0x7f0000005540)=@vmx={0x0, 0x0, 0x2080, {0x200000}, {"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"}})
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4048aecb, &(0x7f0000001440)=@svm={0x2, 0x1, 0x1080, {0x67000}, {"2733fa6d5841336824a6bc59720ffb9a68b76b67067ad1c269b8b2614e10c31ab117f0f3e430b79bb0b77576294d1b4d61f34d752a849dd5dfbe822926d1498102d872d18e1980f418a682d80404783b089fe9c0028e7e798daeba2e9498dcdc31b658257bb1cdd121d80ea0359bd4497a04a28fc99fad946ac0eea866f5e5650191e1091a0d0004a4bfba86ba12d1ee991102a079d47121557c26a6d09dcc38dcc6e6e158197c318a7a7e4c776dbce1c2719e7b9f90241410dc1ee955f4d8dd8c5dfcb6242fe3182b1c9efbde4aa686440ebbdd9bedda572503e34c63b9055cd4563891ea4632d73d0f4d54aaa68f25e4f47c749c8deefc28d8d2309ad3eeaa7ec983321b1a7a99b7277c84c093e791f5d449b480d9e39d4c6ead5792d70930dedf8cc666e6ac4e27bbb22cc44d4b9f27f971e37dceef1c6ff1f9f34abcae03fc62379fdb5eda9cf8e0549bd05e03ff488921b65f309235f44428975bf53a469b7b0268fa5fa4de433de2d1876e9f8d874d5ef835b01beec3ac4c2b90dd6c3247517cf3187f882b5036bad14e82fbd961507ea9ee29359c09000000b61d228d8ca529c95bc9c2bf5dd49ce88787ef7c467281991de2bf1a62c212e8487f96b9074f036e43454bc5f37e5f23379bc822bb9419a72d7750cfcec3f2bbe116960e286f7ee41b4510de9c14352e28590a61cc64b5f23c3b0d9db6ec5f3b0b4055b27f9136b6786a9aa9dafd1b609c4adf8693eb131a9f700eddb287588b71ebc1a13097adecd8c1fa55af929f479b8fcb3352c3138f5b1f04fdb61b0be946804c9a4f278d375909cdefbcc4f6b08380c6bc471d9b6d566477d670ec0c019870e42b3243f779f89299b6dbb19d9ba6568fa3fd07e308e3cc210d96f59f31e24a8950a477404228ed4ccca639227679ac2bcd2694c7a677b65568e9d360e0a29803fdb1d3220dc36e1d4d42f2aafa5f2e592b2d75662c58da434f6d17033081646320339f97fc4beab3e1f2716247831cc810bdaadecc0df0dab586e126c5191d00c9b39d9e3377577bf48f894aadceb3042f202b0ff8b98d66655ac3bb06cbf491e728b3450d0cb86d98173538d6a9c82217231d0cd6469c7eaa85f9e7705474286ce48fa1374a83893af9508337d6177206afeb7449dab3191f5893df020021eba08a8a54fed68df6410d0370b68fd5a5308fcb9b2ac54805f5c88ff59184722a4586ca50b687d0fd2ffeed70cc948001daff7bf87752dc2fe62489093072b0876d828acd4aef8f1a48c84921647e2eeab04a155bbe11170abbbd9f2c6c3227af27305d33a20551534d483d6e303fa6974c87d28a813e55a412916a8a06f09a75f4a72fde608bfdb8868c50e98a9e20f1ea6e9197cdad67d8778d3e9cf325ef4f0f61399df74c961b2bec40b2754814f6611a31478c5cacf3ecc785e400caf04091d549f56bc27b4cc33af7ac438dba71d859a94d62efccd3cf5a2a1d81563f812966278c4f1c91627128e41c1f0b1d96e400fe36ceaf9a5258feec0c644e6c269b752ed0908eea91b6348dc1075c0a82b8043f7d903ae32aad2e6c3f7bf6e58724c1c682149460f1e0f3e3ef92dc64f8be309ae5f02796adafb65779e1b856213271ac68d1394d31df78c4d1a4bf3ee4d93095192869f38dd164d43367e4cbc939d7d84db5c7df07c67fb450afecf9e4f645cbcb89067d28c439543e07a124d1ca8f7f4c8313d80c80c42f06315d7f3d72fb8a38c12cac0a4f7b2c81ccd427719562afd4c0bbf9337fb0afb5159f50bd75a429e015aea1fe05fe4c20550e4b12a7343c3f0afb7afa36de7280442f241c6d073b754e4605cbbadb3d272da7f0dba477f1a5984ca3adc541bd72a09d1f4f3fd345f39940f747e8524faa353c0be74a819e31ad252b8fe2e14899db18529c46c685278a1df54fec79f0948cfceef1ab6c494d8949a77c42e26643e84419fcab42ce9cc8b0130b76d9db54440704d0dd4dd2d22f73b1d0a7003a8e4ff92a5cd11ee5f54284536d8a7258c6d1c5abde6e648594efb55f359ad5d48ac33d89fb5805730213fdcdd5d0557446d521173e6bc19582535a04ad27b1a920d387a2fed04587f69e5f43be3109cd2b2c34452c2f1bd3d5275147f4d3989d9000fabfd8bcaabd6ee6d8c5b4f11edc1ce83d4e77edd2d7cce66701ef46426d7d60fba5979a7abfbd7d609f8d8ba1687870dfa418c39ce59c004bff8b570bc5c7c64e99db4a360fbf53ff251a3b04ddb09790ed2eb179703d40305c22332805c5f24a326d017cc92b8e5a19175667c64864cc58e47190bbf0e9066ab889e3253321476dc64b54b9ac3d561d77d76cffe89928c54263d3cf1eb95a1285345bf6fa60629ee9d1db84a181c9c609ce940d9edcbb1fc5d1ffef76842c1609a117345f22dc4863e3aee115ced3e00d6307155081a8c5aebd1f87879773eeaec9b4450622391ad56f05a685a9e907b3637e2b8bd82aa9d46f7dae5830ec902337f5db7220b7c5bd1c5516f23e1ade1859a7cb0575cbc4f8b094f87236c5df8b34a56f8c09e12145bcb99d61d36390c6289b81751e84cc6f2719c642d0556d1f51bba799d5ef1c17144ed4a7c8ad564e07848c929ceec02e3df90bcf7a4c32a4cbeab9f350e74d62d3db5986ebe12e612180495ad33e5ddaa13dbbd42609544ff5c8e80a7888e8c6ebad050937eed12594c60a53db1123113e3cfa51f8e003e2b895dea086b8780415a8c7685eb0a2fbd884052b366c49e86a700d32c7ac58a8ea162ee8b62f58668b57267993797c028391acc15b11cef3d02dfb6b5f765022efca4afd949aa471f18cbc5038aa7f6487a409890d270af82342d8d5f85abaafb49e0c7b8403867af35573f0dd83591a968fbcac38cb963322a2e905a89e5079ee2d328e43fec71cfd24960b6f039bb0e1a9ec44ae21208d06523bf0bbd710b878d2bb55fdc0829cb5af1065a114149e291f1b207bbadcdc13dd23fcf910a229e6a5148c8c5bc67cd9fb67f1a73f0123c3a807a1309f5f3a35aaa740eeedd075a48ffda95579d6f75461fb3934c596e0f05e4059ea1ca1ab63d14a0655367a29305a8ed1a274ed6d474efb4e511efa3ee79646763073e72a7e86e60798bad2d623dd49f87669d94b64349c9b8ce0c3af0fb15f92b40f13c9f647480f80fe3206e5a9c5cd08c9d71a4889d938c27ced278fefb2e4265adc0744c0ab75ab4b2fb3bf7d9e69ecab10dbd4a7e3599fbe648943c13ce936a4c8587ae2cbf71df38dfb32caeedf89812f79e204b8b8d988abb480037eb33608ad853c85ab2e7e5eb25f6426b00e7ec9f69092acd7e5dac38a7436a35d947fa695f11a6307405132374b9404923cd74077f93129d06117d829fbd1b2aa895851537610d16e9db787cb35c93334118351e41cf3d20b7aa47eb3f91025041c2d21e9fd101ba3cb8fa2e5e89c98f816490633b6fa387812b4ab8481adbdec2abf62a22a66531d769a84c3c629a189965e7dd5bb05d80cd1e8c71cf4576c371d36d3437b892008c2a4e030b977f8bcd71b9dd5ff77fc517ffe5123c7cdf0fca0df2cda165743dad219c55fa6bc6e8f389d9e5ff2b00b2909254d460737c5a9d5d536947b4ce1d9aa05f8674fa072aaf3188f0b54afa05b5f7199f5108dde8b4af05775ffa6dd70172e2aab9b7ecb01134edb799f11f8d5e4d8fdc23a096eb0be3588c21ad26a82d04095723e12431ee297052089468d54e4c3ab4dcdda50b1cb076e749a9b1b2f7800675117290441ee881f6e519aa7dcdea15238acdfb578e332a4deeb6e2fc3c751b5362bcbcc7a01ddb0be9fac208045e0a3400e08b7b873d125e247931d34722356d56b27c24a798585de7b25ce44c5b59ca8866e3143b935bdb80a65ac18fbbeb93cc08355168c960ccb98dc84593c883bc12117b851a6f4bd4939d0c103a6b5787b54215bc2de14cc99226452912cf11404463c02e4c0ac85c9dd789712c2c4f8236ae580bd203faf81f9afe87c658bc9a77600ff045f032c58029bf7b0db5da3a0dbb952ac9413c872be88801632941c513b8a31af276d2ae3be60bc6d803008b182b7a7d79d69466396c1b6c4218fa41eb6004f2d5586605e9a6b128571d850a78097c9303a4c37e7569e53d30901ab1bd21aa7b778f636a5aad646d55b3c53b79dd38fc4f6ad2934719846149e8adc2a6dce2960f9a872a2d803b461d27817eed5139af390b4491f1471647f4b4a4c52a61dd24ca2cad9fcef4d946bfb4c81d271baa342c60b1ad9abdd7127bc7972b24ce5887143ae8009dbb48050e9df6d235db910cf9bac2873437149d4b75139fa28120d868101b7f7007582c92cb0b4da2ee8c599423d8140ceb58568fb89e1ed7bd61c9ef3f4832a0a19b7aa2146bb821e6fbcd720fcd92bd0feed76af2d816a6dccb6f38bc0eedec901635230f8f4c20ea91a6a4cc6cc1c93c989c693ce7710e847617dadd3fec1b0779a60ca1af6f3be28aa4345e491b40d3bc671f60bcd61355f23132192c1368e340e6b0233ac469a9d1bbb065370d6b6a2ac2bae59fe8dc00b844dfa7e6f4307dc1a165533fd1b3db1ed0bf8ffc8fbe9655799247ec6e5c826c466fbfe28e3ba2fa0dc7fb39c637bab5fc0d5c2382a97962a720d4e852db1273286746aea0548dba1387972b09d7e1860894ef46c1fb6fc34c6308c1f7c2c157183a0c08f700760a6bbf70e27a522ea5c860b0fe0331cceba477fc9583a485f2b7fcf00f58ca57bce8027b4c5a170d0ed0d5bb8a1e66acce1f4325c08dc9ad6c162ccdd4512fb9102932c27f2a48cc98e5507575a11431c938f4344fd3aff118eda16d18faa952adb4c8b8cf2e1f5690582bc5d54f77098f400eb93c16df4be2d0947713d945005eca2cf9aaca91a880bb727e90580bf0e4b41ff1e85e8d1cc4d432830362e36730f2d5bb60a814568e221b740e10604bda03ca5f951b31b8dde4292585d6367fbebc9717526477d9156ffb232e67f810d03a9dd2acf6f7d2362d7b70b67e201de6b85ae6106220141ec28349d9f5c9d8ef03fc2559c1e6ca7795a31c19645226a5d073f487af58fc7090238e9dfa3e16bdff2054360cec3f437ff50e403cf80b03ab694009bcaf5eba1f18ae9daa16916a28afa99671287f9413058b40a9bcf87df5cd3a0806595aaa55c0ff55089844466bae56522d1e8994f0f56be4e5a87c5e5c040f81f2b23c4abd11798115e5f1a93d7d56c796db81207f87640875f1028431647a716dfdcb0954e05209d0d923d7c9bd050041975d07b977816c8ce8223617b39f3e19392eb369a09f54dcaf8bf3aa3fbd2c7f3c8a7e690f4b502927e9f1d6b569bed10dcc5d02427240d6b9f2e6ce1d53fd75ba6a0a57792746974b4907806dd8a71690c99de682a27e11e84ae091adfadeec72d858ee6a6a1e1a638b8a44572bf70d9cf59b37259fabd7fab7a038286052d431b542d040061cc9ad382485fa5a2a7dc7922b40cc2890f9b66aa234705192d4df22772165c75ee227c0a4f1bfdab37e52be7828f25c4d4c097044e0fe9f31cac7b072e461d9e6558e92aff5ec80c0b44bc44205b1736f16b29410c64899833678b4e447ad10d24b7d92d9bbb8b9b0eea3da5bc3cf9355c8fee841c76724f83b0b69d12622b4b32989f95d1a8c3792691e3042583efd2280bea16b3a5bf362ee0a520c54d6b989fe2f5d40bc62feeb4bd5dcd29a3ed49ad732a739f09ff1809e1ce09cf179564b85d718bd03c7b81e8f1e3b258cd6197f42983ffd17824627343365adc07996156189294"}})

2m53.284615234s ago: executing program 2 (id=2360):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xfff1, 0xffff}, {0x0, 0xffff}}}, 0x24}}, 0x44080)
close(0xffffffffffffffff)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(0xffffffffffffffff, 0x8002f515, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000ac0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2a, 0x25dfdbfb, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0x1, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0xc010)

2m53.171529971s ago: executing program 2 (id=2361):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x204001, &(0x7f0000000240), 0x1, 0xb9f, &(0x7f0000000c00)="$eJzs3E9vVFUbAPDn3k5LS/vS8ubNqxATmxjUaBwKJZiwAtdGTXThktpOSdPhj21NbMOi4F5dGOOCxPARTNzLxpWJC1wofgJiJIboBliMufOnjEyn1DLtgfL7JWfuOXNm7vM8c2HuucncBvDUGi8e8ogDEXE6ixhtPp9HxEC9Nxix2njd3dsXp4uWRa327h9ZZBFx5/bF6da+suZ2uDkYjIjrb2Tx30864y4ur8xPVauVheb48NLZC4cXl1demzs7daZypnLu2OTrxyaPT072sNabFz746rmf3nrx8tVPJ97+ct8PWZyMkeZcex29Mh7ja59Ju1JETPU6WCJ9zXra68xKCRMCAGBDedsa7v8xGn1xf/E2Gt//nDQ5AAAAoCdqfRE1AAAAYJfLXP8DAADALtf6HcCd2xenWy3tLxJ21q1TETHWqL91f3NjphSr9e1g9EfE3j+zaL+tNWu87ZGNF5G+/bFStNim+5A3snopIp5d7/hn9frH6ndxd9afR8RED+KPPzB+kuo/2YP4qesH4Ol07VTjRNZ5/svX1j+xzvmvtM65aytSn/9a67+7Heu/+/X3dVn/vbPJGAfvvXK921z7+u/9z36dKeIX20cq6l+4dSniYGm9+rO1+rMu9Z/eZIzh6ZtXus0V9Rf1ttpO11+7GnGovprrrL8l2+jvEx2enatWJhqP6+x/+fjG8duPf9GK+K1rgZ1QHP+9sbXjf2GTMcae+f1At7mH15//NpC9V+8NNJ/5eGppaeFIxED2ZufzRzfOpfWa1j6K+l9+YeP//+vVX3wnrDY/h+Jfz6XmthhffiDm8KGj32y9/u1V1D+zxeP/+SZjfP3dlQ+7zaWuHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnQx4RI5Hl5bV+npfLEcMR8b/Ym1fPLy69Onv+o3MzxVzEWPTns3PVykREjDbGWTE+Uu/fHx99YDwZEfsj4ovRofq4PH2+OpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANYMR8RIZHk5IvKI+Gs0z8vl1FkBAAAAPTeWOgEAAABg27n+BwAAgN2v4/q/9I/R4E7mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwK60//lrN7KIWD0xVG+FgeZcf9LMgO2Wp04ASKYvdQJAMqW2fq1WqyVMBdhhrvGB7CHzg11n9vQ8FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeXy8duHYji4jVE0P1VhhozvUnzQzYbnnqBIBk+jaazHYuD2DnlVInACTjGh9oLPXv1Ro65we7vnPPdqYFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGNmpN6yvBwReb2f5+VyxH8iYiz6s9m5amUiIvZFxC+j/XuK8ZHUSQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBzi8sr81PVamVBR0enh52heCzS2HIn9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApLC6vzE9Vq5WFxdSZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKktLq/MT1WrlYVt7KSuEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdP4OAAD//1rfDrQ=")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f00000001c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1, 0x3a, 'usrjquota=', 0x3a, '\x00\x03!\f\xee\x998r~\b\x13\x89\xae\xf1\x06hz\xcc\xd6\xbb\xb8\x19\x90\x9e\xdb\xa2F\xfa_F(\x05\b\x13\x82\x12\xad\x0f^\xdc\xf2\xb5', 0x3a, './file2', 0x3a, [0x46]}, 0x5c)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x2, 0x7, 0x1, 'queue1\x00', 0x3})
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0)

2m51.137429009s ago: executing program 2 (id=2373):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

2m50.400173322s ago: executing program 2 (id=2377):
setuid(0xee01)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300)={0x20000002})
epoll_pwait2(r1, &(0x7f00000001c0)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_pwait(r1, &(0x7f00000002c0)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000180)={0x800001f})

2m50.040646963s ago: executing program 40 (id=2377):
setuid(0xee01)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300)={0x20000002})
epoll_pwait2(r1, &(0x7f00000001c0)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_pwait(r1, &(0x7f00000002c0)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000180)={0x800001f})

1m9.671541727s ago: executing program 3 (id=3100):
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r0 = inotify_init1(0x80000)
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x4200062d)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x70c80, 0x181)
r1 = syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x0, 0xff}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1m9.398077783s ago: executing program 3 (id=3103):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x3}, 0x1c)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1m9.068097622s ago: executing program 3 (id=3107):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{0x0, 0xeeef0000, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x5, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x5, 0x2, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x1}, {0x5000, 0x0, 0x0, 0x7, 0x3, 0x1, 0x7, 0xf, 0x8, 0x6, 0x2}, {0xeeef0000, 0xd5dd0000, 0xe, 0x2, 0x1, 0x3, 0xc, 0x0, 0x1, 0x6, 0x4, 0x9}, {0x100002, 0xeeee8000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x7, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x4, 0x8, 0x1, 0x5, 0x4, 0x1, 0x1, 0x6, 0x86, 0xb, 0x2}, {0xeeee8000, 0xeeee0000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x2, 0x8, 0xe1}, {0xf000, 0x2, 0xc, 0xf8, 0xfd, 0xa, 0x2, 0x44, 0x3, 0x8, 0x5, 0xce}, {0x4, 0x7}, {0x108000, 0x5}, 0x80000035, 0x0, 0x0, 0x40, 0x7, 0x1000, 0xeeef0000, [0x5, 0x8001, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m8.666741186s ago: executing program 3 (id=3109):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x48a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@grpjquota, 0x22}, {@errors_continue}, {@noload}, {@nombcache}, {@usrjquota, 0x22}, {@errors_continue}, {@usrjquota}, {@barrier}]}, 0x1, 0x455, &(0x7f0000000d80)="$eJzs3MtvG1UXAPAzdpy+v+Qr5dHSQqAgKh5Jkz7ogk0RSCxAQoJFEauQplWo26AkSLSKIGURlqgSe8QSib+ADWWDgBUSW9gjpICyobAyGnsmdRPbeTlxqX8/aZJ7fce693jm2sd3bAfQtQbSP0nE3oj4JSL6atU7dxio/bu1ODv29+LsWBKVyht/JtX9/lqcHct3ze+3p1apVFr0O/92xGi5PD6V1YdmLr83NH312nMTl0cvjl8cvzJy5szJE0d6T4+cakuc+9KxHvpw8vDBV9668drYuRvv/PBVOt69WXt9HO0yUHt0G3qy3Z112L66ctLTwYGwLsWISA9XqTr/+6IYu5ba+uLljzs6OGBLVSqFyo7mzXMV4B6WJupAN8pf6NP3v/m2TanHXWHhbCytY9zKtlpLTxSyfUrZe6StMBAR5+b++TzdYovWIQAA6t08GxHPNsr/CvFA3X7/y64N9UfE/yNif0TcFxEHIuL+iOq+D0bEQ2vsN19lXn6FZGX+U+nbcHBrkOZ/L2TXtu7M//LsL/qLWW1fNf5ScmGiPH48e0yORWlHWh9u0ce3L/38abO2+vwv3dL+81wwG8fvPcsW6M6PzoxuJuZ6C9cjDvU0ij9ZynnT/PhgRBzaYB8TT395uFnb6vG30IakvPJFxFO14z8Xy+LPJU2vTw4/f3rk1NDOKI8fH8rPipV+/Gn+9ay3ZHnbpuJvg4Wbldjd8PxfGmp/sjNi+uq1S9XrtdPr72P+10+avqfZ6Pnfm7xZLfdmt30wOjMzNRzRm7y68vaR2/fN6/n+6fl/7Gjj+b8/bj8SD0dEehIfiYhHIuLRbOyPRcTjEXG0Rfzfv/jEu+uPv8WqfBul8f9RWuX4R/3xX3+heOm7r9cffy49/ierpWPZLWt5/ms1rutTmzmbAQAA4L+nUP0MfFIYXCoXCoODtc/wH4jdhfLk9MwzFybfv3K+9ln5/igV8pWuvrr10OFsbTivjyyrn8jWjT8r7qrWB8cmy+c7HTx0uT1N5n/qt2KnRwdsOd/Xgu5l/kP3Mv+he5n/0L3Mf+hejeb/Rx0YB7D9Vnn937Vd4wC2n/wfupf5D93L/Ieu1PRL8oVNfeVfoUOFb3o391sNay9E4S4J+Z4plKJhU0/LH7NoQ2FHw6ZOPzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0x78BAAD//0k+5Mg=")
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000000000)={0x0, 0xd}, 0x20)

1m7.0423045s ago: executing program 3 (id=3117):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2ff49051d920611, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0}, 0x94)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0xe)

1m4.997367269s ago: executing program 3 (id=3131):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg1\x00', 0x2})
io_setup(0x400e, &(0x7f0000000600)=<r1=>0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x1)
syz_clone3(&(0x7f0000000080)={0xa1800000, &(0x7f0000000040)=<r2=>0xffffffffffffffff, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r2, 0x0}])
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @link_local})

1m4.700732447s ago: executing program 41 (id=3131):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg1\x00', 0x2})
io_setup(0x400e, &(0x7f0000000600)=<r1=>0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x1)
syz_clone3(&(0x7f0000000080)={0xa1800000, &(0x7f0000000040)=<r2=>0xffffffffffffffff, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r2, 0x0}])
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @link_local})

46.668823618s ago: executing program 8 (id=3217):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x102)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x10, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
execve(&(0x7f0000000100)='./file1\x00', 0x0, 0x0)

45.910371722s ago: executing program 8 (id=3220):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&\x00\x00\x00\x00\x00\x00\x00', @ANYRES64=0x0], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)

43.171707153s ago: executing program 8 (id=3232):
r0 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x40084146, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
recvmmsg(r1, &(0x7f0000000240), 0x80000dd, 0x10003, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x200000, 0x0)

41.383103517s ago: executing program 8 (id=3242):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

38.166564254s ago: executing program 8 (id=3256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@delchain={0x50, 0x64, 0xf31, 0x3, 0x4, {0x0, 0x0, 0x0, r3, {0x8, 0xffe0}, {0x10, 0xffff}, {0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @mcast1}, @TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @remote}]}}]}, 0x50}}, 0x0)

34.347938177s ago: executing program 8 (id=3268):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$AUTOFS_IOC_READY(r1, 0x7439, 0x0)

19.245447788s ago: executing program 42 (id=3268):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$AUTOFS_IOC_READY(r1, 0x7439, 0x0)

6.566071987s ago: executing program 4 (id=3420):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x10000004})
io_setup(0x1, &(0x7f0000000b80)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r3 = open(&(0x7f0000000000)='./file0\x00', 0x82, 0x8)
write$P9_RXATTRWALK(r3, &(0x7f0000000200)={0xf, 0x1f, 0x2, 0x4d406712}, 0xf)

6.085249925s ago: executing program 4 (id=3423):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x1414, 0x2021}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26004411}, 0x800)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4)

5.516286518s ago: executing program 7 (id=3425):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x4c840}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@delchain={0x38, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x8, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3.234600301s ago: executing program 7 (id=3434):
mkdirat(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x45)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x7, 0xfff1}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newtfilter={0x3c, 0x2c, 0x601, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r1, {0xfff3}, {}, {0xc, 0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @local}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x24000840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.215931772s ago: executing program 4 (id=3435):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
exit(0x100000000000035)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, 0x0, 0x0)
tkill(r0, 0x12)
wait4(0x0, 0x0, 0x8, 0x0)

3.08608451s ago: executing program 7 (id=3437):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8, 0xffe, 0x1ff, 0x42000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000005200010004000000000000001c0000001400", @ANYRES16=r0], 0x28}}, 0x0)

2.930361569s ago: executing program 7 (id=3438):
r0 = fanotify_init(0x200, 0x0)
r1 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1)
r2 = dup(r1)
fanotify_mark(r0, 0x1, 0x8000046, r2, 0x0)
r3 = dup(r2)
write$binfmt_elf64(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4606ff78a33e0200000000000002003e00cd000000c9030000000000004000000000000000ea02000000000000000001000500380001000600b10600040300000081000000ff00000000000000f50f0000000000000500000000000000b801000000000000"], 0x178)
pwrite64(r3, &(0x7f0000000040)="aff4", 0x2, 0x800)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2.75379115s ago: executing program 7 (id=3442):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000340)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nodioread_nolock}, {@bh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@nouid32}, {@noblock_validity}, {@user_xattr}, {@minixdf}, {@dioread_nolock}]}, 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x5000)
setresuid(0xee00, 0xee00, 0x0)
fallocate(r0, 0x0, 0x0, 0x8800000)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580), 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0)
timer_create(0x2, 0x0, &(0x7f0000044000))

2.503678104s ago: executing program 6 (id=3444):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vlan1\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
sendto$packet(r1, &(0x7f0000000180)="02030e00d3fc02000000ab5d71b9edd7c9560385dcb188a8", 0xfc9c, 0x2004c8a1, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)

2.428654928s ago: executing program 5 (id=3445):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r1=>0xffffffffffffffff}, 0x106, 0x2}}, 0xfe5e)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r1, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x2000000000001005, 0x19dff, 0x4}}}, 0x90)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r3=>0xffffffffffffffff}, 0x106, 0x2}}, 0xfe5e)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r3, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x2000000000001005, 0x19dff}}}, 0x90)

2.206498851s ago: executing program 4 (id=3447):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e23, 0x5, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4}, 0x1c)
listen(r1, 0x50)
listen(r0, 0x5)
syz_emit_ethernet(0x4f, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6c2d01000019840100000000000000000002000000010102fe8000000000000000000000000000aaa5ba94e385673ccfd3fe184ab0643975bcc85fbf438632261b"], 0x0)

2.171098393s ago: executing program 5 (id=3448):
setpgid(0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f725616b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633b72fad6265a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329dffafc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c8ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0c14968035dbcefad96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74802de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
socket$nl_rdma(0x10, 0x3, 0x14)
rseq(&(0x7f0000001080)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x180000)

2.092681448s ago: executing program 4 (id=3449):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000280))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="1c681411f7a496c0dacc6a3c24465b016f64b4c00b5f7c691cb24cb8000000001a0000200000000000201500", 0x0, 0x48)
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000001440)="e403402e6d69aa1cef9ef9a6a8a811114a73730561f86ec24fbd20a031516af10645443ba1ea91a31e618c729fb36241fc852cf7795cc3c0d78ae4de1e5110eafba42f764d048680", 0x0, 0x48)
ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffd000/0x2000)=nil, 0x2000})

1.922607378s ago: executing program 6 (id=3451):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x1381, 0x10, 0x3, 0x2c9}, &(0x7f00000019c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x7, 0x0, 0x0, 0xffffffffffffffe0)

1.869234321s ago: executing program 5 (id=3452):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x200000000000}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x1}]}]}, 0xfc}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x200080d0, &(0x7f000072e000)={0xa, 0x0, 0xfffffffd, @empty, 0x4}, 0x1c)
getsockopt$inet6_buf(r2, 0x29, 0x3d, 0x0, &(0x7f00000000c0))

1.764346017s ago: executing program 7 (id=3453):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r1, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r1, 0x0, 0xffffffdb)
sigaltstack(0x0, &(0x7f0000000080)={0x0})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.761798667s ago: executing program 5 (id=3454):
syz_mount_image$ext4(&(0x7f00000008c0)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x800080, &(0x7f00000000c0)={[{@test_dummy_encryption}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@errors_remount}]}, 0x1, 0x473, &(0x7f0000002fc0)="$eJzs3MtvG8UfAPDvbh59/5JfKY8+gEBBRDySpi3QAwdAIHEoEhIc4BglaVXqNqgJUltV0CJUTgghcUcc+Rc4wQUhTkhc4Y4qVaiXtpyM1rvbOI7tJqkdp/jzkbad2ZnNzDe7Y8/u2Amgb41l/yQROyPij4gYybPLK4zl/926cWnm9o1LM0lUL7z7d1Krd/PGpZmyanncjiIznkaknyexv0m7Cxcunp6uVObOFfnJxTMfTS5cuPjCqTPTJ+dOzp09fOzY0SNTL790+MWOxJn16ea+T+YP7H3rg6/fPv5ltm+4jL8hjg4Za1f4dLXa4eZ6a1ddOhlsLN2zsZ1h1QYiIjtdQ7XxPxIDsXTyRuLNz3raOaCrqtVqdUfr4stV4D9se90rQcaQh35RvtFn97/l1jgJeLU7U49N4fpr+Q1QFvetYstLBiMt6gw13N920lhEvH/5n2+zLbrzHAIAYJkfs/nP883mf2k8VFfvf8Xa0GhE/D8idkfEA8WT/QcjanUfjohH1th+4yLJyvlPem1dga1SNv97pVjbWj7/K2d/MTpQ5HbV4h9KTpyqzB0qfifjMbQly0+1aeOnN37/qlVZ/fwv27L2y7lg0Y9rg1uWHzM7vTh9LzHXu34lYt9gs/iTOysBSUTsjYh99QeuWONp7dSz3x9oVXb3+NtYQx9aqX4X8Ux+/i9HQ/ylpP365OTWqMwdmiyvipV+/e3qO63av6f4OyA7/9ubXv934h9N6tdrF9bextU/v2h5T7PK63+0/pjs+h9O3qulh4t956cXF89NRQwnx/NO1+8/vHRsmS/rZ/GPH2w+/nfH0m9if0RkF/GjEfFYRDxe9P2JiHgyIg62if+X15/6cP3xd1cW/+yazv9SYjga9zRPDJz++YdljY6uiP92+/N/tJYaL/as5vVvNf1a39UMAAAA9580InZGkk7cSafpxET+efk9EWllfmHxuRPzH5+dzb8jMBpDafmka6TueehUcVuf569ERP7RgrL8SPHc+JuBbbX8xMx8ZbbXwUOf29Fi/Gf+Guh174Cu68A6GnCfMv6hfxn/0L+aj/9tG94PYOM1Gf8GP/SJZu//n/agH8DGaxj/lv2gj3j+B/3L+If+ZfxDX1rYFnf/knzbRPmTmtYp/7Tw+poYPJ8ffY897E0ihjZFN/LE1s7/5Eg3QVzdTGyJTdGNXiV69IIEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQYf8GAAD//2ub0u0=")
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000180)=0x80000001, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x5e}]}}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

1.737370169s ago: executing program 6 (id=3456):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000580)={0x2, 0x0, 0x6, 0xffffffff}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
writev(r1, &(0x7f0000000280)=[{&(0x7f0000000200)="e8", 0x1}], 0x1)

1.554433979s ago: executing program 6 (id=3457):
r0 = memfd_create(&(0x7f0000000040)='\x02A\xbb\xcc\x96\x0e\x00\x00\x00\x00\x00\x00', 0x6)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000002, 0x4004012, r0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x2000, 0x0, 0x0, 0x0, 0x0, 0x0)
ftruncate(r0, 0x0)

1.525323951s ago: executing program 0 (id=3458):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x79c, &(0x7f0000001500)="$eJzs3c9rHFUcAPDvbJKmptVEEGw9LQgaKN2YGlsFDxUPIlgo6Nk2bLahZpMt2U1pQqAWEbwIWjwIeunZH/Xm1R9X/Rf0IiItVdNixYNEZrPTbJpNummzSWs+H5j2vZm3efOdH++93XnsBrBj5dN/chH7I+KDJKK/sT6JiJ56qjvi6FK5mwvzxXRJYnHx9T+SepkbC/PFaHpNak8jsy8ivns34kBudb3V2bmJ0XK5NN3ID9UmzwxVZ+cOnp4cHS+Nl6YOD4+MHDry3JHezYv1rx/n9l798JWnvzz6zzuPX37/+ySOxt7GtuY4Nks+8o1j0pMewhVe3uzKtlmy3TvAXUlvza6luzz2R3901VPtab8kAHA/OR8RiwDADpNsrP+PgY7tCQCwNbLPAW4szBfTZfH89n4esdWuvRQRu5fiz55vLm3pbjyz211/Dtp3I1nxvCOJiIFNqD8fEZ9+/ebn6RIdeg4J0MrbFyLi5EA+a/+X259k1ZyFJe1PyHimjTL52/LaP9g636Tjn+eXx3/L91/u1vgnWox/elvcu3cjH7GrOb/6/s9d2YRq1pSO/17sWZ7bdrMp/oaBrkbu4fqYryc5dbpcStu2RyJiMHp60/zwOnUMXv/3+ooVXcvJbPyXHuU/L771WVp/+v9yidyV7tua3LHR2ui9xp25diHiie5W8Se3zn+yxvj3eJt1vPrCe5+stS3fiDtbVsbf+Vlli5cinorW8WeS9eYnHh6qXw5D2UXRwle/fNy3Vv3N4/90SevP3gs02cRZkCul579v/fgHkub5mtWN1/HDpf5v19p25/hbX/+nkjfq6azxODdaq00PR+xKXlu9/tDya7N8Vj6Nf/DJ1vf/etd/+p7wZJvxd1/9/Yu7j7+z0vjHNnT+N564fHOia6362zv/I/XUYGNNO+1fuzt4L8cOAAAAAAAAAAAAAAAAAAAAAAAAANqVi4i9keQKt9K5XKGw9Bvej0Vfrlyp1g6cqsxMjUX9t7IHoieXfdVlf9P3oQ43vg8/yx+6Lf9sRDwaER/1PlTPF4qV8th2Bw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADXvW+P3/1G+92713AEDH7L5jieulLdkRAGDL3Ln/BwD+b/T/ALDz6P8BYOfR/wPAzqP/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMOOHzuWLot/L8wX0/zY2dmZicrZg2Ol6kRhcqZYKFamzxTGK5XxcqlQrEw2vfSnVn+vXKmcGYmpmXNDtVK1NlSdnTsxWZmZqp04PTk6XjpR6tmyyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgfdXZuYnRcrk0LfGgJBb7l07d/bI/nU/8evDnfeuVuegy3vzEdrdMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+G/wIAAP//jfAk6A==")
chdir(&(0x7f0000000240)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x14, &(0x7f0000000440)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, '+'}}, {@appraise_type}]})
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)

1.227814928s ago: executing program 0 (id=3459):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000000140)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x5, 0x810, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x28, 0x0, 0x0, 0x0, "f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc39f976ad52e581942d9fc2178681e6866aa6ef10d06"}}, 0x80}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x100003, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {0x3, 0xfff9}, {0xd}}}, 0x24}}, 0x0)

1.122289835s ago: executing program 4 (id=3460):
epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = epoll_create1(0x0)
poll(&(0x7f0000000140)=[{r2, 0x8}, {r1, 0x2cfc08c20dafc34e}], 0x2, 0x8000007)

1.103627095s ago: executing program 5 (id=3461):
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1000, 0x103)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80800, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x5]}, 0x8)
mount$9p_fd(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240), 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
io_setup(0x7, &(0x7f00000005c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x8, 0x4, r2, 0x0}])

1.017968341s ago: executing program 6 (id=3462):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000300)={0x11, 0x0, r3, 0x1, 0x8, 0x6, @remote}, 0x14)
syz_emit_ethernet(0x82, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @empty, @val={@val, {0x8100, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "1c00", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x88a8}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {0x8, 0x88be, 0x1, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}}}}}}}}}, 0x0)

693.147269ms ago: executing program 6 (id=3463):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

602.773805ms ago: executing program 0 (id=3464):
openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82)
r1 = fanotify_init(0x2, 0x1000)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
fanotify_mark(r1, 0x445, 0x800002a, r2, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x105, 0x40001032, r0, 0x0)
openat(r2, &(0x7f0000000100)='./file0\x00', 0x200, 0x2a)

451.671434ms ago: executing program 0 (id=3465):
setresgid(0x0, 0xee01, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20008000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DEL(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2c, 0xb, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4, 0x7, 0x0, 0x0}]}, 0x2c}}, 0x0)

291.873503ms ago: executing program 0 (id=3466):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x6, @private0}}}, 0x3a)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffe}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}, 0x1, 0x1}}, 0x2e)
sendto(r2, 0x0, 0x0, 0x4008044, 0x0, 0x0)

66.903686ms ago: executing program 0 (id=3467):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x1, 0x0}, 0x200400c0)

0s ago: executing program 5 (id=3468):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x20, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x2, 0x0, 0x93}, 0xe)
pselect6(0x40, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x300, 0x2, 0xfffffffffffffffe}, 0x0, &(0x7f0000000100)={0x8, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000480)={0x0, 0x3cfa, 0x800, 0x3, 0x8067}, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000440)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x3}})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r0, 0x1)

kernel console output (not intermixed with test programs):

d solve the problem.
[  313.284898][T11479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.328125][T11479] batman_adv: batadv0: Adding interface: batadv_slave_1
[  313.347718][T11479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.442982][T11479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  313.499262][ T9435] bond1: (slave gretap1): Releasing active interface
[  313.557111][ T9435] bond2: (slave gretap2): Releasing active interface
[  313.629744][T11580] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1975'.
[  313.707084][T11479] device hsr_slave_0 entered promiscuous mode
[  313.745476][T11479] device hsr_slave_1 entered promiscuous mode
[  313.777830][T11479] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  313.804297][T11479] Cannot create hsr debugfs directory
[  313.832682][T11587] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.912821][T11587] bond0: (slave rose0): Enslaving as an active interface with an up link
[  313.982395][T11590] bond0: (slave rose0): Releasing backup interface
[  314.052409][T11599] loop1: detected capacity change from 0 to 128
[  314.212071][T11599] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  314.229930][T11599] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  314.637317][T11618] loop1: detected capacity change from 0 to 16
[  314.781895][T11618] erofs: (device loop1): mounted with root inode @ nid 36.
[  314.798028][ T9435] device hsr_slave_0 left promiscuous mode
[  314.815094][ T9435] device hsr_slave_1 left promiscuous mode
[  314.828567][T11618] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  314.851945][ T9435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.865845][ T9435] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.886095][ T9435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.903357][ T9435] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.936593][ T9435] device bridge_slave_1 left promiscuous mode
[  314.946570][ T9435] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.986286][ T9435] device bridge_slave_0 left promiscuous mode
[  315.001168][ T9435] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.132208][ T9435] device veth1_macvtap left promiscuous mode
[  315.135437][ T5455] Bluetooth: hci1: command 0x041b tx timeout
[  315.138372][ T9435] device veth0_macvtap left promiscuous mode
[  315.199211][ T9435] device veth1_vlan left promiscuous mode
[  315.213975][ T9435] device veth0_vlan left promiscuous mode
[  315.663330][ T9435] bond2 (unregistering): Released all slaves
[  315.708110][ T9435] bond1 (unregistering): Released all slaves
[  315.913128][ T9435] team0 (unregistering): Port device team_slave_1 removed
[  315.950651][ T9435] team0 (unregistering): Port device team_slave_0 removed
[  315.982206][ T9435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.030724][ T9435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.185721][ T9435] bond0 (unregistering): Released all slaves
[  316.771086][T11687] team0: Port device team_slave_1 removed
[  317.073424][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  317.079826][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  317.209821][ T5455] Bluetooth: hci1: command 0x040f tx timeout
[  317.218396][T11717] netlink: 'syz.0.2004': attribute type 12 has an invalid length.
[  317.239677][T11717] netlink: 'syz.0.2004': attribute type 29 has an invalid length.
[  317.277613][T11717] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2004'.
[  317.298257][T11717] netlink: 'syz.0.2004': attribute type 2 has an invalid length.
[  317.328715][T11717] netlink: 23 bytes leftover after parsing attributes in process `syz.0.2004'.
[  317.501009][T11733] loop0: detected capacity change from 0 to 512
[  317.533884][T11479] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  317.554701][T11479] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  317.610266][T11479] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  317.679920][T11479] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  317.702318][T11733] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.2008: inode has both inline data and extents flags
[  317.750269][T11733] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.2008: couldn't read orphan inode 15 (err -117)
[  317.773102][T11733] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  318.130649][ T5291] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  318.136603][T11479] 8021q: adding VLAN 0 to HW filter on device bond0
[  318.179771][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  318.204001][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.243335][T11479] 8021q: adding VLAN 0 to HW filter on device team0
[  318.290984][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  318.340167][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.348703][ T9432] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.355881][ T9432] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.401341][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  318.410798][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.450368][ T9432] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.457534][ T9432] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.489930][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  318.527807][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  318.607187][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  318.637377][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  318.702127][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  318.721377][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  318.748033][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  318.774457][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  318.819431][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  318.853554][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  318.893990][T11479] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  318.930314][T11479] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  318.957458][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  318.984604][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  319.290148][ T4192] Bluetooth: hci1: command 0x0419 tx timeout
[  319.481228][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  319.488829][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  319.560702][T11479] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.679282][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  319.718900][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  319.789170][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  319.825277][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  319.880393][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  319.930201][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  319.969081][T11479] device veth0_vlan entered promiscuous mode
[  319.997026][T11479] device veth1_vlan entered promiscuous mode
[  320.127653][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  320.150393][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  320.200543][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  320.252984][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  320.296114][T11479] device veth0_macvtap entered promiscuous mode
[  320.331446][T11479] device veth1_macvtap entered promiscuous mode
[  320.427119][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.498790][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.539322][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.579511][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.619524][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.660552][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.701264][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.752576][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.801436][T11479] batman_adv: batadv0: Interface activated: batadv_slave_0
[  320.835587][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  320.853054][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  320.903267][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  320.938824][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  320.992405][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.034946][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.086041][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.127699][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.165442][T11811] loop0: detected capacity change from 0 to 40427
[  321.180858][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.241154][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.276911][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.309560][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.348574][T11479] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.371302][T11811] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  321.384129][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  321.413840][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  321.439840][T11811] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  321.463506][T11479] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.496338][T11479] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.551295][T11811] F2FS-fs (loop0): Found nat_bits in checkpoint
[  321.557065][T11479] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.605927][T11479] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.828415][T11811] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  321.849658][T11811] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  321.977337][ T9432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.009767][ T9432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.058324][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  322.060717][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.141833][T11863] kvm [11862]: vcpu0, guest rIP: 0x86c8 unimplemented MMIO_CONF_BASE wrmsr: 0x8000
[  322.153486][T11863] kvm [11862]: vcpu0, guest rIP: 0x86c8 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.162369][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.163681][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.183019][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.193014][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.202967][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.213487][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.223540][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.233457][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.243398][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.253319][T11863] kvm [11862]: vcpu0, guest rIP: 0x8028 disabled perfctr wrmsr: 0xc0010000 data 0x8000
[  322.306931][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  322.627858][T11875] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1948'.
[  322.837209][T11881] loop2: detected capacity change from 0 to 1024
[  322.913122][T11882] device gretap0 entered promiscuous mode
[  322.949727][T11882] device vlan2 entered promiscuous mode
[  323.078697][T11881] EXT4-fs (loop2): Ignoring removed bh option
[  323.104665][T11881] EXT4-fs (loop2): Ignoring removed nobh option
[  323.124908][T11881] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  323.360812][T11881] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,nodioread_nolock,bh,max_dir_size_kb=0x00000000004007b1,data_err=ignore,nouid32,nobh,user_xattr,nouid32,dioread_nolock,,errors=continue. Quota mode: none.
[  323.595186][T11881] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3887: comm syz.2.2038: Allocating blocks 385-513 which overlap fs metadata
[  323.730725][T11880] EXT4-fs (loop2): pa ffff88801c298d20: logic 16, phys. 129, len 24
[  323.739495][T11880] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 8
[  324.939382][T11946] overlayfs: failed to clone upperpath
[  325.294212][T11954] loop2: detected capacity change from 0 to 4096
[  325.355609][T11954] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  327.067574][T12025] loop0: detected capacity change from 0 to 64
[  327.092137][T12026] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  327.277510][T12034] loop2: detected capacity change from 0 to 1024
[  327.407408][T12034] EXT4-fs (loop2): Ignoring removed bh option
[  327.465566][T12034] EXT4-fs (loop2): Ignoring removed nobh option
[  327.523903][T12034] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  327.627817][T12034] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,nodioread_nolock,bh,max_dir_size_kb=0x00000000004007b1,data_err=ignore,nouid32,nobh,user_xattr,nouid32,dioread_nolock,,errors=continue. Quota mode: none.
[  327.676481][T12051] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2081'.
[  327.754810][T12051] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2081'.
[  327.860480][T12051] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  327.868741][T12051] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  327.877227][T12051] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  327.885495][T12051] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  328.081108][T12051] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2081'.
[  328.103907][T12051] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2081'.
[  329.002781][T12100] netlink: 71 bytes leftover after parsing attributes in process `syz.8.2094'.
[  329.425983][T12117] overlayfs: failed to clone upperpath
[  329.786894][T12139] device batadv_slave_1 entered promiscuous mode
[  329.805048][T12139] device bridge0 entered promiscuous mode
[  329.860321][T12135] device bridge0 left promiscuous mode
[  329.866176][T12135] device batadv_slave_1 left promiscuous mode
[  330.084699][T12105] loop2: detected capacity change from 0 to 32768
[  330.345311][T12105] XFS (loop2): Mounting V5 Filesystem
[  330.501914][T12166] device gretap0 entered promiscuous mode
[  330.508476][T12166] device vlan0 entered promiscuous mode
[  330.550849][   T26] audit: type=1326 audit(1770081314.346:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12095 comm="syz.1.2092" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdaac76deb9 code=0x0
[  330.594465][T12105] XFS (loop2): Ending clean mount
[  330.611628][T12105] XFS (loop2): Quotacheck needed: Please wait.
[  330.888660][T12105] XFS (loop2): Quotacheck: Done.
[  331.002655][T12177] 9pnet: Insufficient options for proto=fd
[  331.125561][T11479] XFS (loop2): Unmounting Filesystem
[  331.518330][T12191] loop0: detected capacity change from 0 to 128
[  331.673235][T12191] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,init_itable,,errors=continue. Quota mode: writeback.
[  331.724440][T12191] ext4 filesystem being mounted at /400/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.307237][T12214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2124'.
[  333.998463][T12268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2143'.
[  334.016607][T12219] loop1: detected capacity change from 0 to 32768
[  334.055059][T12268] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2143'.
[  334.180418][T12268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2143'.
[  334.190547][T12219] XFS (loop1): Mounting V5 Filesystem
[  334.199931][T12268] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2143'.
[  334.440899][T12219] XFS (loop1): Ending clean mount
[  334.452782][T12219] XFS (loop1): Quotacheck needed: Please wait.
[  334.622717][T12219] XFS (loop1): Quotacheck: Done.
[  334.729919][T10756] XFS (loop1): Unmounting Filesystem
[  335.629393][T12338] loop2: detected capacity change from 0 to 8
[  335.818254][T12335] loop1: detected capacity change from 0 to 32768
[  335.913170][T12335] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.2152 (12335)
[  335.942920][T12335] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  335.952006][T12335] BTRFS info (device loop1): using free space tree
[  335.958564][T12335] BTRFS info (device loop1): has skinny extents
[  336.185539][T12335] BTRFS info (device loop1): enabling ssd optimizations
[  336.832573][T12387] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2168'.
[  337.099875][T12382] 9pnet: p9_errstr2errno: server reported unknown error �@cƒF	S+¼ingult
[  337.159917][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[  337.415236][T12409] loop2: detected capacity change from 0 to 32768
[  337.458400][T12400] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2170'.
[  337.526389][T12418] overlayfs: failed to clone upperpath
[  337.734064][T12424] sctp: [Deprecated]: syz.8.2176 (pid 12424) Use of int in max_burst socket option deprecated.
[  337.734064][T12424] Use struct sctp_assoc_value instead
[  337.974262][T12433] IPVS: sh: TCP [::]:0 - no destination available
[  338.237125][   T26] audit: type=1326 audit(1770081322.026:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12442 comm="syz.1.2182" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdaac76deb9 code=0x0
[  338.380748][ T4410] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  338.649681][ T4410] usb 3-1: Using ep0 maxpacket: 8
[  338.966130][ T4410] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  338.986207][ T4410] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.017420][ T4410] usb 3-1: Product: syz
[  339.036904][ T4410] usb 3-1: Manufacturer: syz
[  339.050960][ T4410] usb 3-1: SerialNumber: syz
[  339.068344][ T4410] usb 3-1: config 0 descriptor??
[  339.145975][T12490] loop1: detected capacity change from 0 to 128
[  339.197693][T12490] FAT-fs (loop1): bogus sectors per cluster 0
[  339.207272][T12490] FAT-fs (loop1): Can't find a valid FAT filesystem
[  339.379902][ T4410] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  340.730323][ T4410] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71
[  340.744899][ T4410] usb 3-1: USB disconnect, device number 12
[  341.095785][T12557] Set syz1 is full, maxelem 5 reached
[  342.063230][T12597] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[  342.456094][T12617] netlink: 'syz.8.2228': attribute type 1 has an invalid length.
[  342.501691][T12617] netlink: 'syz.8.2228': attribute type 4 has an invalid length.
[  342.519684][T12617] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.2228'.
[  343.363978][T12619] loop0: detected capacity change from 0 to 131072
[  343.431029][T12619] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  343.439263][T12619] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  343.452398][T12619] F2FS-fs (loop0): invalid crc value
[  343.475419][T12619] F2FS-fs (loop0): Found nat_bits in checkpoint
[  343.527558][T12619] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  343.534831][T12619] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  343.669834][ T5455] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  343.697229][T12649] overlayfs: failed to clone upperpath
[  343.906962][T12655] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2239'.
[  343.919609][ T5455] usb 2-1: Using ep0 maxpacket: 32
[  344.039874][ T5455] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.072026][ T5455] usb 2-1: New USB device found, idVendor=056a, idProduct=00b9, bcdDevice= 0.00
[  344.106794][ T5455] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.139406][ T5455] usb 2-1: config 0 descriptor??
[  344.453464][T12640] loop1: detected capacity change from 0 to 1024
[  345.174679][T12696] loop1: detected capacity change from 0 to 1024
[  345.277661][T12696] EXT4-fs (loop1): Unrecognized mount option "context=unconfined_u" or missing value
[  345.471592][T12710] overlayfs: failed to clone upperpath
[  345.830670][T12728] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2256'.
[  346.845440][ T9435] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.879946][ T5455] usbhid 2-1:0.0: can't add hid device: -71
[  346.886002][ T5455] usbhid: probe of 2-1:0.0 failed with error -71
[  346.939678][ T5455] usb 2-1: USB disconnect, device number 7
[  346.956464][T12736] loop0: detected capacity change from 0 to 32768
[  347.053301][ T9435] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.113942][   T26] audit: type=1800 audit(1770081330.906:62): pid=12736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2260" name="file1" dev="loop0" ino=4 res=0 errno=0
[  347.338902][ T9435] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.458807][ T9435] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.795141][T12787] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2274'.
[  347.913012][T12787] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2274'.
[  348.523711][T12788] chnl_net:caif_netlink_parms(): no params data found
[  348.745265][T12788] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.752945][T12788] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.762131][T12788] device bridge_slave_0 entered promiscuous mode
[  348.781686][T12788] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.788974][T12788] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.797855][T12788] device bridge_slave_1 entered promiscuous mode
[  348.915902][T12788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  348.988052][T12788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.109177][T12788] team0: Port device team_slave_0 added
[  349.138694][T12788] team0: Port device team_slave_1 added
[  349.156698][ T5293] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  349.246058][T12788] batman_adv: batadv0: Adding interface: batadv_slave_0
[  349.285151][T12788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.339612][T12788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  349.411082][T12788] batman_adv: batadv0: Adding interface: batadv_slave_1
[  349.418100][T12788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.495732][T12788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  349.685216][T12788] device hsr_slave_0 entered promiscuous mode
[  349.746157][T12788] device hsr_slave_1 entered promiscuous mode
[  349.785171][T12788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  349.804272][T12788] Cannot create hsr debugfs directory
[  349.829357][ T9435] device hsr_slave_0 left promiscuous mode
[  349.842631][ T9435] device hsr_slave_1 left promiscuous mode
[  349.849217][T12842] loop0: detected capacity change from 0 to 512
[  349.857363][ T5455] Bluetooth: hci4: command 0x0406 tx timeout
[  349.860588][T12402] Bluetooth: hci2: command 0x0409 tx timeout
[  349.878668][ T9435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  349.893760][ T9435] batman_adv: batadv0: Removing interface: batadv_slave_0
[  349.914151][ T9435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  349.933184][ T9435] batman_adv: batadv0: Removing interface: batadv_slave_1
[  349.975526][ T9435] batman_adv: batadv0: Removing interface: ipvlan2
[  350.023051][ T9435] device bridge_slave_1 left promiscuous mode
[  350.040403][ T9435] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.079776][ T9435] device bridge_slave_0 left promiscuous mode
[  350.086474][T12842] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  350.099931][T12842] ext4 filesystem being mounted at /426/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  350.189611][ T9435] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.302713][ T9435] device veth1_macvtap left promiscuous mode
[  350.308835][ T9435] device veth0_macvtap left promiscuous mode
[  350.325745][ T9435] device veth1_vlan left promiscuous mode
[  350.352729][ T9435] device veth0_vlan left promiscuous mode
[  350.861940][T12848] loop2: detected capacity change from 0 to 32768
[  350.948232][   T26] audit: type=1800 audit(1770081334.736:63): pid=12848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2285" name="file1" dev="loop2" ino=4 res=0 errno=0
[  351.411294][ T9435] team0 (unregistering): Port device team_slave_0 removed
[  351.463594][ T9435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  351.504605][ T9435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  351.704985][ T9435] bond0 (unregistering): Released all slaves
[  351.933934][ T8042] Bluetooth: hci2: command 0x041b tx timeout
[  352.744764][T12904] loop0: detected capacity change from 0 to 1024
[  352.988100][T12904] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  353.073137][   T26] audit: type=1800 audit(1770081336.866:64): pid=12904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2301" name="file1" dev="loop0" ino=15 res=0 errno=0
[  353.103555][T12914] bridge0: port 3(vlan2) entered blocking state
[  353.129716][T12914] bridge0: port 3(vlan2) entered disabled state
[  353.161005][T12914] device vlan2 entered promiscuous mode
[  353.176505][T12914] bridge0: mtu less than device minimum
[  353.402833][T12788] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  353.496402][T12788] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  353.537856][T12788] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  353.577739][T12788] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  353.671858][T12944] loop0: detected capacity change from 0 to 128
[  353.877496][T12944] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: none.
[  353.936751][T12944] ext4 filesystem being mounted at /434/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  354.009760][ T5455] Bluetooth: hci2: command 0x040f tx timeout
[  354.095828][T12944] EXT4-fs error (device loop0): dx_make_map:1328: inode #2: block 20: comm syz.0.2311: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  354.129763][T12788] 8021q: adding VLAN 0 to HW filter on device bond0
[  354.168181][T12944] EXT4-fs (loop0): Remounting filesystem read-only
[  354.187321][T12944] EXT4-fs error (device loop0) in do_split:2095: Corrupt filesystem
[  354.204936][T12944] EXT4-fs (loop0): Remounting filesystem read-only
[  354.231840][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  354.241822][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  354.283410][T12788] 8021q: adding VLAN 0 to HW filter on device team0
[  354.321657][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  354.372759][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  354.432281][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.439416][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.504787][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  354.520663][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  354.570339][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  354.599909][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.607040][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  354.647668][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  354.687570][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  354.747328][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  354.789203][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  354.820498][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  354.875005][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  354.917938][T12788] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  354.947323][T12933] loop2: detected capacity change from 0 to 32768
[  354.999542][T12788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  355.034337][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  355.078344][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  355.179229][T12933] XFS (loop2): Mounting V5 Filesystem
[  355.220195][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  355.295097][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  355.396392][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  355.459542][T12933] XFS (loop2): Ending clean mount
[  355.480921][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  355.500885][T12933] XFS (loop2): Quotacheck needed: Please wait.
[  355.687321][T12933] XFS (loop2): Quotacheck: Done.
[  355.759868][T12961] loop0: detected capacity change from 0 to 32768
[  355.906589][T12961] XFS (loop0): Mounting V5 Filesystem
[  356.007183][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  356.069954][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  356.085309][T12788] 8021q: adding VLAN 0 to HW filter on device batadv0
[  356.092816][ T4748] Bluetooth: hci2: command 0x0419 tx timeout
[  356.111540][T12961] XFS (loop0): Ending clean mount
[  356.118862][T12961] XFS (loop0): Quotacheck needed: Please wait.
[  356.187587][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  356.217616][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  356.304240][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  356.321041][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  356.357392][T12961] XFS (loop0): Quotacheck: Done.
[  356.375394][T12788] device veth0_vlan entered promiscuous mode
[  356.390958][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  356.405837][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  356.438170][T12788] device veth1_vlan entered promiscuous mode
[  356.462480][T11479] XFS (loop2): Unmounting Filesystem
[  356.487324][T12961] XFS (loop0): Unmounting Filesystem
[  356.633590][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  356.660557][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  356.709246][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  356.741137][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  356.790181][T12788] device veth0_macvtap entered promiscuous mode
[  356.816513][T12788] device veth1_macvtap entered promiscuous mode
[  356.903166][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  356.930042][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.952650][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  356.981092][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.016058][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.047755][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.094401][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.134743][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.166945][T12788] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.208979][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  357.235350][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  357.261722][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  357.302769][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  357.343426][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.374264][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.403081][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.454560][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.499648][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.545906][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.576533][T12788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.607959][T12788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.651056][T12788] batman_adv: batadv0: Interface activated: batadv_slave_1
[  357.664169][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  357.778758][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  357.811672][T12788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.840868][T12788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.869593][T12788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.889123][T12788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.245933][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.281995][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.298606][ T9432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.319665][ T9432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.363029][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  358.423200][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  358.741565][T13037] xt_hashlimit: size too large, truncated to 1048576
[  361.634860][T13184] loop2: detected capacity change from 0 to 4096
[  361.769336][T13184] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  361.939691][T13191] loop3: detected capacity change from 0 to 512
[  362.024610][T13191] EXT4-fs (loop3): Test dummy encryption mode enabled
[  362.044369][T13191] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  362.117647][T13184] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[  362.145557][T13184] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  362.159709][T13184] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.2361: Failed to acquire dquot type 1
[  362.190467][T13191] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.2363: bad orphan inode 131083
[  362.234301][T13191] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue. Quota mode: none.
[  363.055108][T13184] EXT4-fs warning (device loop2): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix.
[  363.128728][T13196] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  363.231863][T13196] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[  363.247030][T13196] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  363.267391][T13196] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.2361: Failed to acquire dquot type 1
[  363.283257][T13196] EXT4-fs warning (device loop2): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix.
[  365.184802][T13285] "syz.8.2384" (13285) uses obsolete ecb(arc4) skcipher
[  365.600684][T13299] bridge0: port 3(wlan1) entered blocking state
[  365.624396][T13299] bridge0: port 3(wlan1) entered disabled state
[  365.692754][T13299] device wlan1 entered promiscuous mode
[  365.733483][T13299] bridge0: port 3(wlan1) entered blocking state
[  365.739903][T13299] bridge0: port 3(wlan1) entered forwarding state
[  366.066443][T13280] chnl_net:caif_netlink_parms(): no params data found
[  366.331971][ T4734] bridge0: port 3(wlan1) entered disabled state
[  366.409296][T13280] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.418002][T13280] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.426944][T13280] device bridge_slave_0 entered promiscuous mode
[  366.436788][T13280] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.446233][T13280] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.461931][T13280] device bridge_slave_1 entered promiscuous mode
[  366.545495][T13280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.568803][T13280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  366.686533][T13280] team0: Port device team_slave_0 added
[  366.725371][T13280] team0: Port device team_slave_1 added
[  366.848729][T13280] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.887209][T13280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.047493][T13280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.110866][T13280] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.140286][T13280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.209814][ T5453] Bluetooth: hci1: command 0x0409 tx timeout
[  367.310875][T13280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.619713][T13280] device hsr_slave_0 entered promiscuous mode
[  367.641357][T13280] device hsr_slave_1 entered promiscuous mode
[  367.680285][T13280] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  367.687931][T13280] Cannot create hsr debugfs directory
[  367.845138][T13355] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  368.127504][T13362] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  369.170137][T13381] 9pnet: p9_errstr2errno: server reported unknown error �è00000000000000000000004
[  369.289812][ T5453] Bluetooth: hci1: command 0x041b tx timeout
[  369.412144][T13388] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2414'.
[  369.446294][T13388] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2414'.
[  369.636258][T13401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2419'.
[  369.671927][T13401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2419'.
[  369.740524][T13401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2419'.
[  369.771736][T13401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2419'.
[  369.819820][T13280] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  369.844270][T13280] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  369.876891][T13280] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  369.904451][T13280] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  370.225990][T13280] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.264568][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  370.273556][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  370.285844][T13280] 8021q: adding VLAN 0 to HW filter on device team0
[  370.298370][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  370.318361][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  370.328879][ T9435] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.336038][ T9435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.356922][    C0] vxcan0: j1939_tp_rxtimer: 0xffff888020378400: rx timeout, send abort
[  370.363990][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  370.367714][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888020378400: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  370.380506][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  370.397906][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  370.415427][ T9435] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.422663][ T9435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.451521][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  370.487362][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  370.522407][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  370.556037][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  370.595775][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  370.620686][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  370.650712][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  370.675279][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  370.698947][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  370.731829][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  370.746664][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  370.787572][T13280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  370.948090][T13452] overlayfs: upper fs does not support file handles, falling back to index=off.
[  371.204791][T13464] netlink: 'syz.3.2432': attribute type 10 has an invalid length.
[  371.258889][T13468] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2432'.
[  371.339771][T13464] bridge0: port 3(wlan1) entered disabled state
[  371.369912][ T4748] Bluetooth: hci1: command 0x040f tx timeout
[  371.380342][T13464] device wlan1 left promiscuous mode
[  371.400348][T13464] bridge0: port 3(wlan1) entered disabled state
[  371.449334][T13464] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  371.561910][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  371.576314][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  371.609279][T13280] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.636637][T13480] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2434'.
[  372.115449][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  372.125432][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  372.153532][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  372.163104][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  372.184519][T13280] device veth0_vlan entered promiscuous mode
[  372.194965][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  372.214182][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  372.247568][T13280] device veth1_vlan entered promiscuous mode
[  372.356558][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  372.398709][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  372.413945][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  372.458458][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  372.478838][T13280] device veth0_macvtap entered promiscuous mode
[  372.507908][T13280] device veth1_macvtap entered promiscuous mode
[  372.584777][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.619635][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.639211][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.659110][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.683338][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.706711][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.718175][T13539] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  372.736676][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.747871][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.758228][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.769164][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.783687][T13280] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.801244][T13534] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2449'.
[  372.834905][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  372.853833][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  372.879416][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  372.893830][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  372.930577][T13536] netlink: 'syz.4.2450': attribute type 1 has an invalid length.
[  372.942114][T13536] netlink: 352 bytes leftover after parsing attributes in process `syz.4.2450'.
[  372.964760][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.984391][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.018255][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.044786][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.062831][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.078201][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.097573][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.117993][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.129337][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.148682][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.171610][T13280] batman_adv: batadv0: Interface activated: batadv_slave_1
[  373.179408][T13536] netlink: 'syz.4.2450': attribute type 1 has an invalid length.
[  373.199190][T13553] device batadv_slave_1 entered promiscuous mode
[  373.272576][T13556] device bridge0 entered promiscuous mode
[  373.330564][T13556] bridge0: port 4(macvtap1) entered blocking state
[  373.354012][T13556] bridge0: port 4(macvtap1) entered disabled state
[  373.386326][T13556] device bridge0 left promiscuous mode
[  373.449716][ T4192] Bluetooth: hci1: command 0x0419 tx timeout
[  373.475771][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  373.491501][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  373.505161][T13280] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.515732][T13280] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.534572][T13280] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.556534][T13280] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.739644][T13551] device batadv_slave_1 left promiscuous mode
[  373.799789][T13580] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  373.866796][ T9435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.892120][T13580] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  373.919760][ T9435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.945868][ T4323] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.977428][ T4323] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.010137][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  374.060189][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  374.909658][ T5453] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  374.922991][T13622] device ip6tnl1 entered promiscuous mode
[  374.991018][T13600] loop7: detected capacity change from 0 to 32768
[  375.026032][T13625] netlink: 'syz.0.2471': attribute type 5 has an invalid length.
[  375.271174][ T5453] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  375.302409][ T5453] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  375.429912][ T5453] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  375.439033][ T5453] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  375.506189][ T5453] usb 4-1: SerialNumber: syz
[  375.723432][T13662] __nla_validate_parse: 1 callbacks suppressed
[  375.723452][T13662] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2483'.
[  375.740951][T13663] fuse: root generation should be zero
[  375.812584][ T5453] usb 4-1: 0:2 : does not exist
[  375.855238][T13668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2485'.
[  375.900355][ T5453] usb 4-1: USB disconnect, device number 8
[  375.913283][T13668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2485'.
[  376.151838][ T5732] udevd[5732]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  376.455393][T13697] loop3: detected capacity change from 0 to 65
[  376.512753][T13699] Set syz1 is full, maxelem 1023 reached
[  376.609223][T13697] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway
[  376.667618][T13704] loop7: detected capacity change from 0 to 512
[  376.769717][T13704] EXT4-fs (loop7): Ignoring removed bh option
[  376.808906][T13704] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  376.895265][T13704] EXT4-fs (loop7): 1 truncate cleaned up
[  376.902339][T13704] EXT4-fs (loop7): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none.
[  377.031978][T13704] EXT4-fs error (device loop7): ext4_ind_map_blocks:604: inode #12: comm syz.7.2497: Can't allocate blocks for non-extent mapped inodes with bigalloc
[  377.583173][T13739] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2506'.
[  377.753567][T13749] overlayfs: failed to clone upperpath
[  377.791923][T13749] overlayfs: failed to clone upperpath
[  378.266503][T13764] loop3: detected capacity change from 0 to 512
[  378.347859][T13764] EXT4-fs (loop3): Ignoring removed oldalloc option
[  378.466379][T13764] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,inode_readahead_blks=0x0000000000000000,lazytime,oldalloc,. Quota mode: writeback.
[  378.499271][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  378.506202][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  378.576060][T13764] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  378.627690][T13778] netlink: 2036 bytes leftover after parsing attributes in process `syz.8.2516'.
[  378.670702][T13780] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2513: bg 0: block 217: padding at end of block bitmap is not set
[  378.671717][T13779] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2513: bg 0: block 217: padding at end of block bitmap is not set
[  378.709530][T13780] EXT4-fs (loop3): Remounting filesystem read-only
[  378.725042][T13779] EXT4-fs (loop3): Remounting filesystem read-only
[  378.737159][T13779] EXT4-fs error (device loop3): ext4_xattr_block_set:2194: inode #15: comm syz.3.2513: bad block 33
[  378.757358][T13778] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2516'.
[  378.766691][T13779] EXT4-fs (loop3): Remounting filesystem read-only
[  379.519292][T13800] loop3: detected capacity change from 0 to 8192
[  379.939966][ T4192] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  379.954508][T13824] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2528'.
[  379.990978][T13822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2529'.
[  380.020939][T12788] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  380.050929][T13825] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2528'.
[  380.074195][T12788] FAT-fs (loop3): Filesystem has been set read-only
[  380.082679][T13822] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2529'.
[  380.330627][ T4192] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  380.361971][ T4192] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  380.489922][ T4192] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  380.509571][ T4192] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  380.554163][ T4192] usb 8-1: SerialNumber: syz
[  380.863531][ T4192] usb 8-1: 0:2 : does not exist
[  380.921145][ T4192] usb 8-1: USB disconnect, device number 3
[  381.224361][ T5732] udevd[5732]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  382.160523][T13893] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2545'.
[  382.559934][T13908] netlink: 'syz.3.2549': attribute type 4 has an invalid length.
[  382.957462][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2555'.
[  384.265380][T13978] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2569'.
[  384.324515][T13978] unsupported nlmsg_type 40
[  384.642914][T13994] overlayfs: failed to clone upperpath
[  384.734326][T13999] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2575'.
[  386.696721][T14059] mmap: syz.0.2587 (14059) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  387.606950][T14081] loop3: detected capacity change from 0 to 64
[  387.879775][   T26] audit: type=1800 audit(1770081627.667:65): pid=14091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2595" name=2E02 dev="loop3" ino=22 res=0 errno=0
[  388.218103][T12788] hfs: node 4:3 still has 2 user(s)!
[  388.302628][T14106] Invalid ELF header magic: != ELF
[  388.497365][T14113] batadv_slave_0: Caught tx_queue_len zero misconfig
[  388.754751][T14124] loop3: detected capacity change from 0 to 512
[  388.885766][T14122] nbd0: detected capacity change from 0 to 549764202496
[  389.010466][T14124] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  389.042233][T14124] ext4 filesystem being mounted at /52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  389.064367][ T4203] block nbd0: Receive control failed (result -104)
[  389.247022][T14141] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2614'.
[  389.271650][T14141] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2614'.
[  389.404174][T14146] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2616'.
[  390.171756][T14154] block device autoloading is deprecated and will be removed.
[  390.272341][   T26] audit: type=1326 audit(1770081630.067:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14166 comm="syz.3.2620" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x0
[  390.496107][T14176] loop7: detected capacity change from 0 to 256
[  390.740104][T14176] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  390.985075][T14176] exFAT-fs (loop7): hint_cluster is invalid (17)
[  391.103885][T14191] exFAT-fs (loop7): error, broken FAT chain.
[  391.193412][T14191] exFAT-fs (loop7): Filesystem has been set read-only
[  391.250857][T14191] exFAT-fs (loop7): error, failed to bmap (inode : ffff8880607a8160 iblock : 16, err : -5)
[  391.352615][T14205] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  391.600513][T14210] netlink: 'syz.7.2633': attribute type 9 has an invalid length.
[  391.620179][T14210] netlink: 209836 bytes leftover after parsing attributes in process `syz.7.2633'.
[  392.255222][   T26] audit: type=1804 audit(1770081632.037:67): pid=14237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2637" name="/newroot/27/bus/file0" dev="overlay" ino=188 res=1 errno=0
[  392.709231][T14248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  392.779197][T14248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  393.149288][T14266] netlink: 304 bytes leftover after parsing attributes in process `syz.8.2646'.
[  393.953941][T14291] overlayfs: failed to clone upperpath
[  394.159592][ T4413] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  394.461848][ T4413] usb 8-1: Using ep0 maxpacket: 16
[  394.600074][ T4413] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  394.646820][ T4413] usb 8-1: config 0 has no interface number 0
[  394.874134][ T4413] usb 8-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  394.946589][ T4413] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.989297][ T4413] usb 8-1: Product: syz
[  395.016417][ T4413] usb 8-1: Manufacturer: syz
[  395.067474][ T4413] usb 8-1: SerialNumber: syz
[  395.110943][ T4413] usb 8-1: config 0 descriptor??
[  395.183285][ T4413] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  395.718004][T14317] futex_wake_op: syz.8.2658 tries to shift op by 144; fix this program
[  396.214989][T14333] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  396.294528][T14333] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.349213][T14333] bridge0: mtu less than device minimum
[  396.365268][T14333] device bridge_slave_1 left promiscuous mode
[  396.389145][T14333] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.419782][T14333] bridge0: mtu less than device minimum
[  396.451339][T14333] bond0: (slave bond_slave_0): Releasing backup interface
[  396.546685][T14333] bond0: (slave bond_slave_1): Releasing backup interface
[  396.854261][T14333] team0: Port device team_slave_0 removed
[  396.930842][T14333] team0: Port device team_slave_1 removed
[  396.934673][ T4413] gspca_spca1528: reg_r err -71
[  396.968605][ T4413] spca1528: probe of 8-1:0.1 failed with error -71
[  397.008065][T14333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  397.031111][ T4413] usb 8-1: USB disconnect, device number 4
[  397.060835][T14350] loop3: detected capacity change from 0 to 8
[  397.099815][T14333] batman_adv: batadv0: Removing interface: batadv_slave_0
[  397.121645][T14333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  397.138527][T14333] batman_adv: batadv0: Removing interface: batadv_slave_1
[  397.158121][T14350] Major/Minor mismatch, older Squashfs -21500.208 filesystems are unsupported
[  397.360193][T14333] bond1: (slave gretap1): Releasing active interface
[  397.423876][T14333] device vlan2 left promiscuous mode
[  397.442898][T14333] device bridge_slave_0 left promiscuous mode
[  397.464674][T14333] bridge0: port 3(vlan2) entered disabled state
[  397.597227][T14336] team0: Mode changed to "activebackup"
[  397.883471][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[  401.974565][T14412] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2685'.
[  402.090101][T14414] loop3: detected capacity change from 0 to 128
[  402.474005][T14414] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  402.583018][T14414] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  402.767656][T14414] EXT4-fs (loop3): shut down requested (2)
[  403.258990][T14446] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.2691'.
[  403.286546][T14446] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2691'.
[  403.320291][T14449] netlink: 'syz.8.2696': attribute type 2 has an invalid length.
[  403.341573][T14449] netlink: 14 bytes leftover after parsing attributes in process `syz.8.2696'.
[  405.429880][T14513] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2713'.
[  405.534622][T14475] loop7: detected capacity change from 0 to 32768
[  405.690162][T14526] loop3: detected capacity change from 0 to 128
[  405.853802][T14475] XFS (loop7): Mounting V5 Filesystem
[  406.084247][T14475] XFS (loop7): Ending clean mount
[  406.112852][T14475] XFS (loop7): Quotacheck needed: Please wait.
[  406.584126][T14475] XFS (loop7): Quotacheck: Done.
[  406.846381][T14562] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2723'.
[  407.211403][T14568] netlink: 14556 bytes leftover after parsing attributes in process `syz.0.2726'.
[  407.361076][T14575] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2726'.
[  407.396910][T14578] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2729'.
[  407.543439][T13280] XFS (loop7): Unmounting Filesystem
[  409.191915][T14630] netlink: 'syz.0.2747': attribute type 1 has an invalid length.
[  410.891702][T14667] sctp: [Deprecated]: syz.8.2756 (pid 14667) Use of struct sctp_assoc_value in delayed_ack socket option.
[  410.891702][T14667] Use struct sctp_sack_info instead
[  411.034993][T14670] sctp: [Deprecated]: syz.8.2756 (pid 14670) Use of struct sctp_assoc_value in delayed_ack socket option.
[  411.034993][T14670] Use struct sctp_sack_info instead
[  412.615767][T14713] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2769'.
[  413.296982][T14725] loop3: detected capacity change from 0 to 128
[  413.495250][T14725] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  413.513209][T14725] ext4 filesystem being mounted at /88/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  413.757153][   T26] audit: type=1326 audit(1770081653.547:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14724 comm="syz.3.2773" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x0
[  415.119858][   T26] audit: type=1326 audit(1770081654.917:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  415.296830][   T26] audit: type=1326 audit(1770081654.967:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  415.465858][   T26] audit: type=1326 audit(1770081654.967:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  415.670812][   T26] audit: type=1326 audit(1770081654.967:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  415.838200][   T26] audit: type=1326 audit(1770081654.967:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  415.965661][   T26] audit: type=1326 audit(1770081654.967:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  416.160196][   T26] audit: type=1326 audit(1770081654.987:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  416.343344][   T26] audit: type=1326 audit(1770081654.987:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  416.519571][   T26] audit: type=1326 audit(1770081654.987:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14759 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8978de7eb9 code=0x7fc00000
[  417.347664][T14812] loop3: detected capacity change from 0 to 8192
[  417.598449][T14812] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  417.656599][T14812] REISERFS (device loop3): using ordered data mode
[  417.715497][T14826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2801'.
[  417.739629][T14812] reiserfs: using flush barriers
[  417.828052][T14812] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  417.921556][T14812] REISERFS (device loop3): checking transaction log (loop3)
[  418.003019][T14812] REISERFS (device loop3): Using r5 hash to sort names
[  418.069015][T14812] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  419.450768][ T1283] block nbd0: Possible stuck request ffff888020d28000: control (read@0,4096B). Runtime 30 seconds
[  421.190542][T14906] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2824'.
[  421.507300][T14920] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  421.554300][T14881] loop3: detected capacity change from 0 to 32768
[  421.892324][T14881] XFS (loop3): Mounting V5 Filesystem
[  422.018659][T14932] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2830'.
[  422.219337][T14881] XFS (loop3): Ending clean mount
[  422.242883][T14881] XFS (loop3): Quotacheck needed: Please wait.
[  422.654253][T14881] XFS (loop3): Quotacheck: Done.
[  422.752175][T12788] XFS (loop3): Unmounting Filesystem
[  423.072472][T14965] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2840'.
[  424.239155][T15004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2851'.
[  424.795803][T15016] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2853'.
[  425.570928][T15038] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2859'.
[  425.870532][T15044] overlayfs: failed to clone upperpath
[  426.076751][T15050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2862'.
[  426.138988][T15050] netlink: 'syz.3.2862': attribute type 20 has an invalid length.
[  426.196838][T15050] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  426.211721][T15050] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  426.225097][T15050] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  426.237276][T15050] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  426.275302][T15050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2862'.
[  426.335810][T15050] netlink: 'syz.3.2862': attribute type 20 has an invalid length.
[  428.082146][T15112] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2879'.
[  428.244263][T15118] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2881'.
[  428.329579][T15125] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2881'.
[  428.458484][T15129] netlink: 'syz.3.2886': attribute type 1 has an invalid length.
[  428.520738][T15129] device bond1 entered promiscuous mode
[  428.533923][T15129] 8021q: adding VLAN 0 to HW filter on device bond1
[  428.615319][T15135] bond1: (slave erspan1): making interface the new active one
[  428.704786][T15135] device erspan1 entered promiscuous mode
[  428.752730][T15135] bond1: (slave erspan1): Enslaving as an active interface with an up link
[  428.799592][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  428.825883][T15141] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2888'.
[  428.881657][T15135] syz.3.2886 (15135) used greatest stack depth: 19000 bytes left
[  429.256147][T15164] overlayfs: failed to clone upperpath
[  429.652379][T15178] netlink: 'syz.7.2887': attribute type 10 has an invalid length.
[  429.925702][T15178] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  432.161810][T15209] netlink: 'syz.0.2906': attribute type 9 has an invalid length.
[  432.208270][T15213] loop3: detected capacity change from 0 to 512
[  432.295638][T15209] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2906'.
[  432.669361][T15213] EXT4-fs (loop3): 1 orphan inode deleted
[  432.703948][T15213] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  432.849713][T15213] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  433.111227][T15213] EXT4-fs (loop3): shut down requested (0)
[  433.574456][T15233] overlayfs: failed to clone upperpath
[  434.121250][T15248] overlayfs: failed to clone upperpath
[  434.178094][T15211] loop7: detected capacity change from 0 to 32768
[  434.388570][T15211] XFS (loop7): Mounting V5 Filesystem
[  434.576356][T15211] XFS (loop7): Ending clean mount
[  434.626024][T15211] XFS (loop7): Quotacheck needed: Please wait.
[  434.772712][T15211] XFS (loop7): Quotacheck: Done.
[  435.074449][T13280] XFS (loop7): Unmounting Filesystem
[  435.450345][T15291] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2921'.
[  435.928666][T15310] overlayfs: failed to clone upperpath
[  436.029052][T15310] overlayfs: failed to clone lowerpath
[  436.757175][T15334] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  437.531665][T15357] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  437.643678][T15357] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  437.668796][T15357] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  437.728043][T15357] device bridge_slave_0 left promiscuous mode
[  437.743999][T15357] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.782174][T15357] device bridge_slave_1 left promiscuous mode
[  437.817962][T15357] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.865034][T15357] bond0: (slave bond_slave_0): Releasing backup interface
[  437.959271][T15357] bond0: (slave bond_slave_1): Releasing backup interface
[  438.448739][T15357] team0: Port device team_slave_0 removed
[  438.493642][T15357] team0: Port device team_slave_1 removed
[  438.510825][T15357] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  438.530923][T15357] batman_adv: batadv0: Removing interface: batadv_slave_0
[  438.571405][T15357] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  438.587114][T15357] batman_adv: batadv0: Removing interface: batadv_slave_1
[  438.624803][T15357] bond0: (slave wlan1): Releasing backup interface
[  438.711420][T15357] bond1: (slave erspan1): Releasing active interface
[  438.728350][T15357] device erspan1 left promiscuous mode
[  438.770298][T15365] kthread_run failed with err -4
[  438.866284][T15360] team0: Mode changed to "activebackup"
[  439.597473][T15416] loop7: detected capacity change from 0 to 8
[  439.702161][T15416] Major/Minor mismatch, older Squashfs -21500.208 filesystems are unsupported
[  439.939975][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  439.948865][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.200736][T15430] team0: Port device bond0 removed
[  440.259113][T15430] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  440.307889][T15430] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  440.602415][T15431] team0: Mode changed to "activebackup"
[  441.040583][T15455] netlink: 'syz.0.2962': attribute type 1 has an invalid length.
[  441.262458][T15455] device bond2 entered promiscuous mode
[  441.274806][T15455] 8021q: adding VLAN 0 to HW filter on device bond2
[  441.444336][T15456] bond2: (slave erspan1): making interface the new active one
[  441.589492][T15456] device erspan1 entered promiscuous mode
[  441.627304][T15456] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  441.889345][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  442.349007][T15478] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2970'.
[  443.125474][T15487] tipc: Started in network mode
[  443.175639][T15487] tipc: Node identity 84e, cluster identity 4711
[  443.235292][T15487] tipc: Node number set to 2126
[  446.321883][T15545] loop3: detected capacity change from 0 to 32768
[  446.678189][T15545] XFS (loop3): Mounting V5 Filesystem
[  446.766727][T15582] ODEBUG: Out of memory. ODEBUG disabled
[  447.070333][T15545] XFS (loop3): Ending clean mount
[  447.109918][T15545] XFS (loop3): Quotacheck needed: Please wait.
[  447.206650][T15596] netlink: 7 bytes leftover after parsing attributes in process `syz.7.2998'.
[  447.566007][T15545] XFS (loop3): Quotacheck: Done.
[  447.690274][T12788] XFS (loop3): Unmounting Filesystem
[  448.601429][T15620] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.611176][T15620] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.811411][T15623] device bridge_slave_1 left promiscuous mode
[  448.898897][T15623] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.994401][T15623] device bridge_slave_0 left promiscuous mode
[  449.029749][T15623] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.540655][ T1283] block nbd0: Possible stuck request ffff888020d28000: control (read@0,4096B). Runtime 60 seconds
[  449.672038][T15648] overlayfs: failed to clone upperpath
[  449.707415][T15646] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3009'.
[  450.055260][T15658] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3012'.
[  450.532064][T15673] overlayfs: failed to clone upperpath
[  451.048055][T15695] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3024'.
[  451.170875][T15699] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3024'.
[  452.211923][T15728] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3031'.
[  452.766135][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3033'.
[  453.647538][T15763] loop7: detected capacity change from 0 to 512
[  453.896209][T15763] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.3038: inode has both inline data and extents flags
[  453.974716][T15763] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.3038: couldn't read orphan inode 15 (err -117)
[  454.153930][T15763] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  454.752309][T15784] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3044'.
[  456.569915][T15820] loop7: detected capacity change from 0 to 512
[  456.986557][T15820] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  458.934173][T15885] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  458.970963][T15885] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  459.188846][T15850] loop3: detected capacity change from 0 to 256
[  459.388255][T15850] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  459.459710][T15850] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  459.580903][T15850] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x3537acc1, utbl_chksum : 0xe619d30d)
[  459.692215][T15850] exFAT-fs (loop3): error, invalid access to FAT (entry 0x00000005) bogus content (0xffff0000)
[  459.769871][T15850] exFAT-fs (loop3): Filesystem has been set read-only
[  459.820636][T15850] exFAT-fs (loop3): failed to initialize root inode
[  461.034691][T15945] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3081'.
[  461.129764][T15941] loop3: detected capacity change from 0 to 32768
[  461.331473][T15941] JBD2: Ignoring recovery information on journal
[  461.586070][T15941] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  461.785199][T15957] overlayfs: failed to clone upperpath
[  461.897852][   T26] kauditd_printk_skb: 25 callbacks suppressed
[  461.897871][   T26] audit: type=1800 audit(1770081701.687:103): pid=15941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3080" name="bus" dev="loop3" ino=17058 res=0 errno=0
[  462.407894][T12788] ocfs2: Unmounting device (7,3) on (node local)
[  463.390563][T15993] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  463.819741][T16006] overlayfs: failed to clone upperpath
[  466.098874][T16062] loop3: detected capacity change from 0 to 512
[  466.265014][T16066] loop7: detected capacity change from 0 to 1024
[  466.387074][T16062] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  466.495416][T16066] EXT4-fs (loop7): Ignoring removed nobh option
[  466.528095][T16066] EXT4-fs (loop7): Ignoring removed bh option
[  466.587631][T16066] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  466.700404][T16062] EXT4-fs (loop3): 1 truncate cleaned up
[  466.752171][T16066] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  466.760237][T16062] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,grpjquota="errors=continue,noload,nombcache,usrjquota="errors=continue,usrjquota=,barrier,,errors=continue. Quota mode: writeback.
[  466.932305][   T26] audit: type=1326 audit(1770081706.727:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16075 comm="syz.0.3113" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2e60dfaeb9 code=0x0
[  467.013575][T16066] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3111: Allocating blocks 385-513 which overlap fs metadata
[  467.082241][T16063] EXT4-fs (loop7): pa ffff88801c298d20: logic 16, phys. 129, len 24
[  467.107707][T16063] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 8
[  467.283535][T16082] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  467.300520][T16082] IPv6: NLM_F_CREATE should be set when creating new route
[  467.313952][T16082] IPv6: NLM_F_CREATE should be set when creating new route
[  467.610007][T12788] EXT4-fs error (device loop3): ext4_map_blocks:629: inode #2: block 4: comm syz-executor: lblock 0 mapped to illegal pblock 4 (length 1)
[  467.811791][T16087] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3115'.
[  470.034731][T16146] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3133'.
[  470.145950][T16146] (unnamed net_device) (uninitialized): peer notification delay (2365) is not a multiple of miimon (6), value rounded to 2364 ms
[  470.486952][T16149] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3133'.
[  470.532632][T16149] bond3: Unable to set peer notification delay as MII monitoring is disabled
[  471.870651][T16166] chnl_net:caif_netlink_parms(): no params data found
[  471.994809][T16157] loop7: detected capacity change from 0 to 32768
[  472.181652][T16157] XFS (loop7): Mounting V5 Filesystem
[  472.257227][T16201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3142'.
[  472.529345][T16157] XFS (loop7): Ending clean mount
[  472.664685][T16157] XFS (loop7): Quotacheck needed: Please wait.
[  472.737839][T16166] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.824450][T16166] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.848284][   T26] audit: type=1326 audit(1770081712.637:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  472.900164][ T4410] Bluetooth: hci2: command 0x0409 tx timeout
[  472.938723][T16166] device bridge_slave_0 entered promiscuous mode
[  473.004310][T16166] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.049661][T16166] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.088088][   T26] audit: type=1326 audit(1770081712.727:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  473.174812][T16166] device bridge_slave_1 entered promiscuous mode
[  473.366120][T16166] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  473.401978][T16157] XFS (loop7): Quotacheck: Done.
[  473.412911][   T26] audit: type=1326 audit(1770081712.727:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  473.528399][T16225] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3147'.
[  473.570129][   T26] audit: type=1326 audit(1770081712.757:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  473.667307][T13280] XFS (loop7): Unmounting Filesystem
[  473.900424][T16166] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  473.936278][   T26] audit: type=1326 audit(1770081712.757:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  474.206857][   T26] audit: type=1326 audit(1770081712.757:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  474.570457][   T26] audit: type=1326 audit(1770081712.757:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  474.851984][   T26] audit: type=1326 audit(1770081712.757:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  474.970555][ T4413] Bluetooth: hci2: command 0x041b tx timeout
[  474.993130][T16166] team0: Port device team_slave_0 added
[  475.112293][   T26] audit: type=1326 audit(1770081712.757:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  475.210732][T16166] team0: Port device team_slave_1 added
[  475.283076][   T26] audit: type=1326 audit(1770081712.757:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.4.3146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a8cfadeb9 code=0x7ffc0000
[  475.447368][T16253] netlink: 10 bytes leftover after parsing attributes in process `syz.4.3154'.
[  475.492103][T16166] batman_adv: batadv0: Adding interface: batadv_slave_0
[  475.542296][T16166] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  475.732214][T16166] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  475.845733][T16166] batman_adv: batadv0: Adding interface: batadv_slave_1
[  475.909525][T16166] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.139523][T16166] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  476.535519][T16268] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3149'.
[  476.686835][T16166] device hsr_slave_0 entered promiscuous mode
[  476.802582][T16166] device hsr_slave_1 entered promiscuous mode
[  476.829814][T16166] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  476.913467][T16166] Cannot create hsr debugfs directory
[  476.950257][T16278] netlink: 'syz.7.3149': attribute type 1 has an invalid length.
[  477.051157][ T4410] Bluetooth: hci2: command 0x040f tx timeout
[  477.223548][T16289] netlink: 'syz.7.3162': attribute type 5 has an invalid length.
[  479.129990][ T1326] Bluetooth: hci2: command 0x0419 tx timeout
[  479.366013][T16334] netlink: 'syz.4.3172': attribute type 13 has an invalid length.
[  479.619687][ T1283] block nbd0: Possible stuck request ffff888020d28000: control (read@0,4096B). Runtime 90 seconds
[  480.936971][T16359] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  482.094889][ T4323] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  482.211152][ T4323] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.607868][ T4323] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  482.773860][ T4323] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.308871][ T4323] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.372549][ T4323] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.526904][ T4323] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.589655][ T4323] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.651632][T16399] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3192'.
[  484.141622][T16405] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3195'.
[  484.316648][T16412] overlayfs: failed to clone upperpath
[  484.431267][T16166] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  484.591912][T16166] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  484.646560][T16166] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  484.783753][T16166] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  484.826362][T16420] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  485.399612][T16434] device erspan0 entered promiscuous mode
[  485.686267][T16166] 8021q: adding VLAN 0 to HW filter on device bond0
[  485.896052][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  485.957398][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  486.250769][T16166] 8021q: adding VLAN 0 to HW filter on device team0
[  486.432766][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  486.466616][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  486.493250][  T466] bridge0: port 1(bridge_slave_0) entered blocking state
[  486.526664][  T466] bridge0: port 1(bridge_slave_0) entered forwarding state
[  486.651366][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  486.726632][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  486.755692][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  486.811554][  T466] bridge0: port 2(bridge_slave_1) entered blocking state
[  486.827743][  T466] bridge0: port 2(bridge_slave_1) entered forwarding state
[  486.978334][ T4323] device hsr_slave_0 left promiscuous mode
[  487.090250][ T4323] device hsr_slave_1 left promiscuous mode
[  487.160920][ T4323] device veth1_macvtap left promiscuous mode
[  487.183574][ T4323] device veth0_macvtap left promiscuous mode
[  487.207558][ T4323] device veth1_vlan left promiscuous mode
[  487.229073][ T4323] device veth0_vlan left promiscuous mode
[  487.706627][ T4323] bond1 (unregistering): Released all slaves
[  488.089697][ T4409] Bluetooth: hci1: command 0x0406 tx timeout
[  488.304055][T16474] overlayfs: failed to clone upperpath
[  488.675363][ T4323] bond0 (unregistering): Released all slaves
[  488.799260][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  488.973683][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  489.049642][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  489.144657][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  489.333337][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  489.398310][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  489.487207][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  489.613155][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  489.706610][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  489.809905][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  489.869555][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  489.945257][T16166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  490.754130][T16501] overlayfs: failed to clone upperpath
[  491.040238][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  491.062237][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  491.135571][T16166] 8021q: adding VLAN 0 to HW filter on device batadv0
[  492.486815][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  492.562177][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  492.755755][ T3563] udevd[3563]: worker [9175] /devices/virtual/block/nbd0 is taking a long time
[  492.810251][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  492.897810][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  492.971507][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  493.062032][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  493.153069][T16166] device veth0_vlan entered promiscuous mode
[  493.266390][T16166] device veth1_vlan entered promiscuous mode
[  493.462160][T16564] loop7: detected capacity change from 0 to 2048
[  493.489825][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  493.521775][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  493.589011][ T5732]  loop7: p3 p4 < >
[  493.629408][T16166] device veth0_macvtap entered promiscuous mode
[  493.649223][ T5732] loop7: p3 start 11362048 is beyond EOD, truncated
[  493.710151][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  493.739153][T16564]  loop7: p3 p4 < >
[  493.790291][T16564] loop7: p3 start 11362048 is beyond EOD, truncated
[  493.830273][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  493.892795][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  493.994004][T16166] device veth1_macvtap entered promiscuous mode
[  494.204249][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  494.290552][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.382607][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  494.469471][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.565901][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  494.661188][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.738936][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  494.823095][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.911311][T16166] batman_adv: batadv0: Interface activated: batadv_slave_0
[  494.962943][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.075653][ T5732] udevd[5732]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  495.088919][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.257260][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.308806][ T5732] udevd[5732]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  495.418726][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.499807][ T5732] udevd[5732]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  495.527336][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.595672][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.707790][T16166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.844658][T16166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.955984][T16166] batman_adv: batadv0: Interface activated: batadv_slave_1
[  496.091983][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  496.147584][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  496.189254][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  496.303881][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  496.383697][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  496.653960][T16166] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.703873][T16166] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.806573][T16166] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.880995][T16166] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  497.593393][  T466] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.668158][  T466] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.729624][ T4239] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  497.885681][T16627] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3256'.
[  498.041917][ T4239] usb 8-1: Using ep0 maxpacket: 32
[  498.103093][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  498.103115][   T26] audit: type=1326 audit(1770081737.898:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  498.278466][   T26] audit: type=1326 audit(1770081737.898:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  498.461809][ T4239] usb 8-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[  498.507393][   T26] audit: type=1326 audit(1770081737.968:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  498.608084][ T4239] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.630083][ T4239] usb 8-1: Product: syz
[  498.635711][ T4239] usb 8-1: Manufacturer: syz
[  498.699578][ T4239] usb 8-1: SerialNumber: syz
[  498.766019][ T4239] usb 8-1: config 0 descriptor??
[  498.810172][   T26] audit: type=1326 audit(1770081737.968:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  498.892411][ T4239] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  499.029633][   T26] audit: type=1326 audit(1770081737.968:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  499.211322][   T26] audit: type=1326 audit(1770081737.968:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  499.333340][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  499.381451][   T26] audit: type=1326 audit(1770081737.968:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  499.458831][T16656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3266'.
[  499.492071][  T157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.555227][  T157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  499.657065][   T26] audit: type=1326 audit(1770081737.968:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  499.713898][   T26] audit: type=1326 audit(1770081737.968:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  499.806977][T16656] 8021q: adding VLAN 0 to HW filter on device bond4
[  499.874714][   T26] audit: type=1326 audit(1770081737.968:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16635 comm="syz.0.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e60dfaeb9 code=0x7fc00000
[  499.993341][T16658] 8021q: adding VLAN 0 to HW filter on device bond0
[  500.045777][T16658] bond4: (slave bond0): Enslaving as an active interface with an up link
[  500.182579][T16660] bond4 (unregistering): (slave bond0): Releasing backup interface
[  500.292450][T16660] bond4 (unregistering): Released all slaves
[  500.391358][ T5291] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  500.502520][ T4239] gspca_topro: Sensor cx0342
[  500.749793][ T4239] usb 8-1: USB disconnect, device number 5
[  501.383086][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  501.393101][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  501.924297][T16691] loop7: detected capacity change from 0 to 2048
[  502.277335][T16697] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  505.363240][T16742] loop7: detected capacity change from 0 to 512
[  505.708923][T16742] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.3286: iget: bad i_size value: 38620345925642
[  505.741471][T16742] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.3286: couldn't read orphan inode 15 (err -117)
[  505.836804][T16742] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=continue,delalloc,data_err=ignore,journal_ioprio=0x0000000000000002,data_err=ignore,nojournal_checksum,,errors=continue. Quota mode: writeback.
[  506.100632][T16742] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.3286: bg 0: block 5: invalid block bitmap
[  506.173982][T16759] netlink: 168 bytes leftover after parsing attributes in process `syz.5.3290'.
[  506.336183][T16742] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  506.397550][T16765] netlink: 7 bytes leftover after parsing attributes in process `syz.0.3291'.
[  506.430366][T16742] EXT4-fs (loop7): This should not happen!! Data will be lost
[  506.430366][T16742] 
[  506.662040][T16742] EXT4-fs (loop7): Total free blocks count 0
[  506.689944][T16742] EXT4-fs (loop7): Free/Dirty block details
[  506.810064][T16742] EXT4-fs (loop7): free_blocks=0
[  506.878931][T16742] EXT4-fs (loop7): dirty_blocks=65
[  506.951668][T16742] EXT4-fs (loop7): Block reservation details
[  507.004897][T16742] EXT4-fs (loop7): i_reserved_data_blocks=65
[  507.246109][  T458] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 131587 with max blocks 1 with error 28
[  507.292414][T16785] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  507.337730][  T458] EXT4-fs (loop7): This should not happen!! Data will be lost
[  507.337730][  T458] 
[  507.788824][T16797] loop7: detected capacity change from 0 to 128
[  508.093617][T16797] EXT4-fs (loop7): Unrecognized mount option "subj_type=tmpfs" or missing value
[  509.201169][T16815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3303'.
[  509.670591][ T5291] tipc: Subscription rejected, illegal request
[  509.700900][ T1283] block nbd0: Possible stuck request ffff888020d28000: control (read@0,4096B). Runtime 120 seconds
[  509.801202][T16829] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3306'.
[  512.068364][T16863] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3312'.
[  512.139551][T16863] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3312'.
[  513.116057][T16881] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3316'.
[  513.808751][T16898] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  514.021151][T16900] netlink: 'syz.0.3321': attribute type 10 has an invalid length.
[  514.411946][T16912] loop7: detected capacity change from 0 to 2048
[  514.519646][ T5732] Dev loop7: RDB in block 1 has bad checksum
[  514.567378][T16912] Dev loop7: RDB in block 1 has bad checksum
[  514.680331][T16922] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3327'.
[  514.732223][ T4267] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  515.044286][ T4267] usb 6-1: Using ep0 maxpacket: 32
[  515.200278][ T4267] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  515.239757][ T4267] usb 6-1: config 0 has no interface number 0
[  515.428547][T16938] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3330'.
[  515.450621][ T4267] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  515.491414][ T4267] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.539458][ T4267] usb 6-1: Product: syz
[  515.568234][ T4267] usb 6-1: Manufacturer: syz
[  515.581010][ T4267] usb 6-1: SerialNumber: syz
[  515.627087][ T4267] usb 6-1: config 0 descriptor??
[  515.678035][    C0] vcan0: j1939_tp_rxtimer: 0xffff888022da4800: rx timeout, send abort
[  515.693583][ T4267] smsc95xx v2.0.0
[  516.140179][ T4267] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  516.185802][ T4267] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  516.713791][T16956] chnl_net:caif_netlink_parms(): no params data found
[  516.957569][T16956] bridge0: port 1(bridge_slave_0) entered blocking state
[  516.969755][T16956] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.988520][T16956] device bridge_slave_0 entered promiscuous mode
[  517.002493][T16956] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.013636][T16956] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.024763][T16956] device bridge_slave_1 entered promiscuous mode
[  517.091385][T16956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  517.114172][T16956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  517.229234][T16956] team0: Port device team_slave_0 added
[  517.285035][T16956] team0: Port device team_slave_1 added
[  517.348133][T16956] batman_adv: batadv0: Adding interface: batadv_slave_0
[  517.359573][ T4267] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  517.380749][T16956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  517.430632][ T4267] smsc95xx: probe of 6-1:0.67 failed with error -71
[  517.451715][ T4267] usb 6-1: USB disconnect, device number 12
[  517.483466][T16956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  517.509328][T16983] device erspan0 entered promiscuous mode
[  517.532729][T16985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3339'.
[  517.547930][T16985] device erspan0 left promiscuous mode
[  517.647672][T16956] batman_adv: batadv0: Adding interface: batadv_slave_1
[  517.681292][T16956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  517.745030][T16956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  517.862849][T16956] device hsr_slave_0 entered promiscuous mode
[  517.901172][T16956] device hsr_slave_1 entered promiscuous mode
[  517.979663][T16956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  518.017881][T17003] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3346'.
[  518.065697][T16956] Cannot create hsr debugfs directory
[  518.089764][ T4239] Bluetooth: hci5: command 0x0409 tx timeout
[  518.198100][T17003] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3346'.
[  518.246055][T17010] loop5: detected capacity change from 0 to 2048
[  518.475032][T17010] EXT4-fs (loop5): mounted filesystem without journal. Opts: nobarrier,noinit_itable,i_version,init_itable,,errors=continue. Quota mode: none.
[  518.506671][T17010] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  518.871806][T17038] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3352'.
[  519.094865][T17045] device gre0 entered promiscuous mode
[  519.228376][T16956] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.429542][T16956] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.513917][T17050] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3356'.
[  519.602647][T16956] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.660341][T16956] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.746634][T16956] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.810038][T16956] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.864891][T17075] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3362'.
[  519.894768][T17075] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3362'.
[  519.942468][T16956] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.979132][T16956] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  520.022590][T17077] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3362'.
[  520.179968][ T4748] Bluetooth: hci5: command 0x041b tx timeout
[  520.425339][T16956] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  520.624562][T16956] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  520.723460][T16956] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  520.783803][T16956] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  520.858197][T17111] loop7: detected capacity change from 0 to 512
[  520.989948][T17111] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  520.998784][T17111] EXT4-fs (loop7): inline encryption not supported
[  521.288545][T17111] EXT4-fs error (device loop7): ext4_do_update_inode:5222: inode #16: comm syz.7.3371: corrupted inode contents
[  521.370057][T17111] EXT4-fs error (device loop7): ext4_dirty_inode:6058: inode #16: comm syz.7.3371: mark_inode_dirty error
[  521.409987][T17111] EXT4-fs error (device loop7): ext4_do_update_inode:5222: inode #16: comm syz.7.3371: corrupted inode contents
[  521.446716][T17111] EXT4-fs error (device loop7): __ext4_ext_dirty:183: inode #16: comm syz.7.3371: mark_inode_dirty error
[  521.466799][T17136] overlayfs: failed to clone upperpath
[  521.492192][T16956] 8021q: adding VLAN 0 to HW filter on device bond0
[  521.499904][T17111] EXT4-fs error (device loop7): ext4_do_update_inode:5222: inode #16: comm syz.7.3371: corrupted inode contents
[  521.561655][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  521.577406][T17111] EXT4-fs error (device loop7) in ext4_orphan_del:303: Corrupt filesystem
[  521.591642][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  521.604711][T17111] EXT4-fs error (device loop7): ext4_do_update_inode:5222: inode #16: comm syz.7.3371: corrupted inode contents
[  521.662813][T17111] EXT4-fs error (device loop7): ext4_truncate:4279: inode #16: comm syz.7.3371: mark_inode_dirty error
[  521.682059][T16956] 8021q: adding VLAN 0 to HW filter on device team0
[  521.718564][T17111] EXT4-fs error (device loop7) in ext4_process_orphan:345: Corrupt filesystem
[  521.739252][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  521.765780][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  521.778871][T17111] EXT4-fs (loop7): 1 truncate cleaned up
[  521.796985][ T9435] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.805189][ T9435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  521.817983][T17111] EXT4-fs (loop7): mounted filesystem without journal. Opts: resuid=0x0000000000000000,nomblk_io_submit,dioread_nolock,noblock_validity,norecovery,inlinecrypt,,errors=continue. Quota mode: writeback.
[  521.884296][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  521.909578][T17111] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.932802][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  521.980496][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  522.023194][ T9435] bridge0: port 2(bridge_slave_1) entered blocking state
[  522.032361][ T9435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  522.094904][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  522.125492][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  522.168962][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  522.221137][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  522.250037][ T8042] Bluetooth: hci5: command 0x040f tx timeout
[  522.275898][T17111] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3371'.
[  522.276087][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  522.330165][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  522.371092][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  522.402766][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  522.440216][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  522.487557][T16956] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  522.530182][T16956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  522.610791][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  522.644576][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  522.675572][T17160] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  522.802276][T17160] device batadv_slave_0 entered promiscuous mode
[  523.319555][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  523.335024][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  523.389622][T16956] 8021q: adding VLAN 0 to HW filter on device batadv0
[  524.168163][T17215] 9pnet: p9_errstr2errno: server reported unknown error ��n$Ž[#

“

[  524.219874][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  524.238581][  T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  524.318543][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  524.337391][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  524.347070][ T5455] Bluetooth: hci5: command 0x0419 tx timeout
[  524.385300][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  524.416343][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  524.449274][T16956] device veth0_vlan entered promiscuous mode
[  524.622356][T17237] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3393'.
[  524.873141][T16956] device veth1_vlan entered promiscuous mode
[  524.956671][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  524.978976][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  525.025036][T16956] device veth0_macvtap entered promiscuous mode
[  525.061344][T16956] device veth1_macvtap entered promiscuous mode
[  525.149172][T17249] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3396'.
[  525.322261][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.358054][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.405436][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.437646][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.479042][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.518578][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.569299][T16956] batman_adv: batadv0: Interface activated: batadv_slave_0
[  525.637692][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  525.662806][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  525.693231][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  525.746546][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  525.821153][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.839741][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.889469][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.913773][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.926017][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.946100][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.967082][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.989320][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  526.012614][T16956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  526.038601][T16956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  526.101021][T16956] batman_adv: batadv0: Interface activated: batadv_slave_1
[  526.174137][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  526.185303][  T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  526.217713][T16956] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  526.249667][T16956] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  526.285354][T16956] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  526.310400][T16956] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  526.640686][ T9432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.663829][ T9432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  526.786089][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  526.829316][T17312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3413'.
[  526.830573][ T9432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.876377][ T9432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  526.954984][T17312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3413'.
[  526.992725][ T9435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  527.331121][T17319] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  527.436072][T17319] wlan1: mtu greater than device maximum
[  527.801029][T17335] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3417'.
[  528.291066][T17335] team0: Port device team_slave_0 removed
[  528.708860][ T4323] device hsr_slave_0 left promiscuous mode
[  528.793804][ T4323] device hsr_slave_1 left promiscuous mode
[  528.833302][ T4323] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  528.850499][ T4323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  528.883508][ T4323] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  528.920517][ T4323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  528.963182][ T4323] device bridge_slave_1 left promiscuous mode
[  528.992772][ T4323] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.035420][ T4323] device bridge_slave_0 left promiscuous mode
[  529.065876][ T4323] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.188258][ T4323] device veth1_macvtap left promiscuous mode
[  529.214696][ T4323] device veth0_macvtap left promiscuous mode
[  529.233834][ T4323] device veth1_vlan left promiscuous mode
[  529.248048][ T4323] device veth0_vlan left promiscuous mode
[  530.595416][ T4323] team0 (unregistering): Port device team_slave_1 removed
[  530.673757][ T4323] team0 (unregistering): Port device team_slave_0 removed
[  530.710874][ T4323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  530.820818][ T4323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  531.123748][ T4323] bond0 (unregistering): Released all slaves
[  531.268737][T17370] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3425'.
[  532.002285][T17434] loop7: detected capacity change from 0 to 1024
[  532.052932][T17434] EXT4-fs (loop7): Ignoring removed bh option
[  532.073265][T17434] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  532.204437][T17434] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,nodioread_nolock,bh,max_dir_size_kb=0x00000000004007b1,data_err=ignore,nouid32,noblock_validity,user_xattr,minixdf,dioread_nolock,,errors=continue. Quota mode: none.
[  532.518397][T17432] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3442: Allocating blocks 497-513 which overlap fs metadata
[  532.557376][T17432] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3442: Allocating blocks 497-513 which overlap fs metadata
[  532.576500][T17432] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3442: Allocating blocks 497-513 which overlap fs metadata
[  532.593746][T17432] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3442: Allocating blocks 497-513 which overlap fs metadata
[  532.615115][T17434] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3442: Allocating blocks 497-513 which overlap fs metadata
[  532.683377][T17434] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3887: comm syz.7.3442: Allocating blocks 497-513 which overlap fs metadata
[  532.928950][T17470] loop5: detected capacity change from 0 to 512
[  533.091520][T17470] EXT4-fs (loop5): Test dummy encryption mode enabled
[  533.129818][T17470] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  533.153444][T17470] EXT4-fs (loop5): SIPHASH is not a valid default hash value
[  533.258678][T17485] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  533.689706][T17492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3459'.
[  534.650184][   T27] INFO: task udevd:9175 blocked for more than 143 seconds.
[  534.658227][   T27]       Not tainted syzkaller #0
[  534.689790][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  534.749540][   T27] task:udevd           state:D stack:24720 pid: 9175 ppid:  3563 flags:0x00004002
[  534.790858][   T27] Call Trace:
[  534.800748][   T27]  <TASK>
[  534.807111][   T27]  __schedule+0x11ef/0x43c0
[  534.819636][   T27]  ? release_firmware_map_entry+0x190/0x190
[  534.826420][   T27]  ? preempt_schedule+0xbc/0xd0
[  534.923021][   T27]  ? preempt_schedule_common+0xa5/0xd0
[  534.928913][   T27]  ? release_firmware_map_entry+0x190/0x190
[  534.979772][   T27]  ? preempt_schedule+0xbc/0xd0
[  534.989709][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  535.007160][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  535.033191][   T27]  ? lock_chain_count+0x20/0x20
[  535.049484][   T27]  schedule+0x11b/0x1e0
[  535.065876][   T27]  io_schedule+0x7c/0xd0
[  535.081137][   T27]  wait_on_page_bit_common+0x83b/0xe50
[  535.109558][   T27]  ? wait_on_page_bit+0x50/0x50
[  535.133478][   T27]  ? blkdev_fallocate+0x4d0/0x4d0
[  535.156900][   T27]  ? rcu_lock_release+0x20/0x20
[  535.191718][   T27]  ? add_to_page_cache_lru+0x2a8/0x4a0
[  535.233874][   T27]  do_read_cache_page+0xb05/0x1030
[  535.271217][   T27]  read_part_sector+0xd4/0x4f0
[  535.299816][   T27]  ? vsnprintf+0x14e/0x1c20
[  535.325528][   T27]  adfspart_check_ICS+0xc3/0xe40
[  535.361772][   T27]  ? vsnprintf+0x1b21/0x1c20
[  535.419736][   T27]  ? adfspart_check_ADFS+0x840/0x840
[  535.450814][   T27]  ? snprintf+0xe5/0x140
[  535.482421][   T27]  ? vscnprintf+0x80/0x80
[  535.508123][   T27]  bdev_disk_changed+0x933/0x16c0
[  535.539506][   T27]  ? blk_drop_partitions+0x1b0/0x1b0
[  535.549476][   T27]  ? _atomic_dec_and_lock+0x8f/0x110
[  535.555211][   T27]  blkdev_get_whole+0x2f9/0x390
[  535.589544][   T27]  blkdev_get_by_dev+0x2d0/0xa60
[  535.646239][   T27]  blkdev_open+0x12d/0x2c0
[  535.676654][   T27]  ? block_ioctl+0xf0/0xf0
[  535.713908][   T27]  do_dentry_open+0x7ff/0xf80
[  535.736779][   T27]  path_openat+0x26f5/0x2fa0
[  535.749545][   T27]  ? verify_lock_unused+0x140/0x140
[  535.769530][   T27]  ? slab_post_alloc_hook+0x4c/0x380
[  535.786293][   T27]  ? do_filp_open+0x410/0x410
[  535.802692][   T27]  do_filp_open+0x1e2/0x410
[  535.820091][   T27]  ? vfs_tmpfile+0x300/0x300
[  535.824971][   T27]  ? _raw_spin_unlock+0x24/0x40
[  535.850831][   T27]  ? alloc_fd+0x598/0x630
[  535.855503][   T27]  do_sys_openat2+0x150/0x4b0
[  535.892864][   T27]  ? __lock_acquire+0x7d10/0x7d10
[  535.898276][   T27]  ? do_sys_open+0xe0/0xe0
[  535.918745][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  535.949435][   T27]  ? lock_chain_count+0x20/0x20
[  535.964940][   T27]  ? vtime_user_exit+0x2c8/0x3e0
[  535.979446][   T27]  __x64_sys_openat+0x135/0x160
[  535.999480][   T27]  do_syscall_64+0x4c/0xa0
[  536.004925][   T27]  ? clear_bhb_loop+0x30/0x80
[  536.031814][   T27]  ? clear_bhb_loop+0x30/0x80
[  536.038975][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  536.057685][   T27] RIP: 0033:0x7f6a6a464407
[  536.082562][   T27] RSP: 002b:00007ffd41c07c60 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  536.111854][   T27] RAX: ffffffffffffffda RBX: 00007f6a6a376880 RCX: 00007f6a6a464407
[  536.132197][   T27] RDX: 00000000000a0800 RSI: 00005595bf573520 RDI: ffffffffffffff9c
[  536.162636][   T27] RBP: 00005595bf572910 R08: 0000000000000000 R09: 0000000000000000
[  536.193274][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 00005595bf5fd7e0
[  536.223625][   T27] R13: 00005595bf58a410 R14: 0000000000000000 R15: 00005595bf5fd7e0
[  536.250663][   T27]  </TASK>
[  536.256835][   T27] 
[  536.256835][   T27] Showing all locks held in the system:
[  536.295981][   T27] 1 lock held by khungtaskd/27:
[  536.315870][   T27]  #0: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  536.349969][   T27] 2 locks held by getty/3948:
[  536.366515][   T27]  #0: ffff88814cc86098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  536.402240][   T27]  #1: ffffc900025e62e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x5df/0x1a70
[  536.452858][   T27] 3 locks held by kworker/0:4/4192:
[  536.474433][   T27]  #0: ffff888016c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x761/0x1010
[  536.511336][   T27]  #1: ffffc90002f7fd00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  536.547958][   T27]  #2: ffffffff8c323528 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x2d1/0x750
[  536.583508][   T27] 3 locks held by kworker/u4:6/4323:
[  536.602099][   T27] 2 locks held by kworker/0:16/4748:
[  536.624471][   T27]  #0: ffff888016c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x761/0x1010
[  536.651069][   T27]  #1: ffffc90003f1fd00 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  536.692807][   T27] 1 lock held by udevd/9175:
[  536.709176][   T27]  #0: ffff888020774518 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x157/0xa60
[  536.752409][   T27] 2 locks held by syz.8.3268/16678:
[  536.771144][   T27] 2 locks held by syz.6.3457/17482:
[  536.790817][   T27] 1 lock held by syz.4.3460/17500:
[  536.807394][   T27] 
[  536.819186][   T27] =============================================
[  536.819186][   T27] 
[  536.848863][   T27] NMI backtrace for cpu 0
[  536.853840][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  536.861509][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  536.874470][   T27] Call Trace:
[  536.878146][   T27]  <TASK>
[  536.882150][   T27]  dump_stack_lvl+0x188/0x250
[  536.887394][   T27]  ? show_regs_print_info+0x20/0x20
[  536.893153][   T27]  ? load_image+0x400/0x400
[  536.898448][   T27]  ? tick_nohz_tick_stopped+0x7b/0xb0
[  536.904601][   T27]  ? nmi_cpu_backtrace+0x1b2/0x3d0
[  536.910476][   T27]  nmi_cpu_backtrace+0x3a2/0x3d0
[  536.916711][   T27]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  536.922953][   T27]  ? _printk+0xda/0x130
[  536.927549][   T27]  ? load_image+0x400/0x400
[  536.932539][   T27]  ? load_image+0x400/0x400
[  536.937601][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  536.944088][   T27]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  536.951202][   T27]  watchdog+0xe0f/0xe50
[  536.956189][   T27]  kthread+0x436/0x520
[  536.960492][   T27]  ? hungtask_pm_notify+0x40/0x40
[  536.966425][   T27]  ? kthread_blkcg+0xd0/0xd0
[  536.972336][   T27]  ret_from_fork+0x1f/0x30
[  536.977179][   T27]  </TASK>
[  536.981448][   T27] Sending NMI from CPU 0 to CPUs 1:
[  536.987475][    C1] NMI backtrace for cpu 1
[  536.987492][    C1] CPU: 1 PID: 17500 Comm: syz.4.3460 Not tainted syzkaller #0
[  536.987510][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  536.987521][    C1] RIP: 0010:___might_sleep+0x0/0x610
[  536.987546][    C1] Code: ff 49 89 fc 4c 89 f7 89 d5 41 89 f5 e8 69 27 6a 00 4c 89 e7 44 89 ee 89 ea e9 50 ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 <55> 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec e0 00
[  536.987562][    C1] RSP: 0018:ffffc90004157c98 EFLAGS: 00000246
[  536.987578][    C1] RAX: ffffffff87da3497 RBX: 0000000000000000 RCX: ffff88801ad93b80
[  536.987591][    C1] RDX: 0000000000000000 RSI: 0000000000000b12 RDI: ffffffff8b1e4ec0
[  536.987602][    C1] RBP: ffffc90004157e50 R08: ffffffff8d89d8af R09: 1ffffffff1b13b15
[  536.987616][    C1] R10: dffffc0000000000 R11: fffffbfff1b13b16 R12: 1ffff9200082afa0
[  536.987629][    C1] R13: 000000000000de1c R14: 00002000000000c0 R15: dffffc0000000000
[  536.987642][    C1] FS:  00007f1a8b1e86c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  536.987658][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  536.987670][    C1] CR2: 0000200000378030 CR3: 000000006300f000 CR4: 00000000003506e0
[  536.987686][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  536.987696][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  536.987707][    C1] Call Trace:
[  536.987714][    C1]  <TASK>
[  536.987720][    C1]  do_recvmmsg+0x56f/0x850
[  536.987759][    C1]  ? __sys_recvmmsg+0x290/0x290
[  536.987787][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  536.987815][    C1]  __x64_sys_recvmmsg+0x195/0x250
[  536.987837][    C1]  ? do_recvmmsg+0x850/0x850
[  536.987858][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  536.987881][    C1]  do_syscall_64+0x4c/0xa0
[  536.987898][    C1]  ? clear_bhb_loop+0x30/0x80
[  536.987915][    C1]  ? clear_bhb_loop+0x30/0x80
[  536.987933][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  536.987951][    C1] RIP: 0033:0x7f1a8cfadeb9
[  536.987980][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  536.987994][    C1] RSP: 002b:00007f1a8b1e8028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  536.988010][    C1] RAX: ffffffffffffffda RBX: 00007f1a8d229090 RCX: 00007f1a8cfadeb9
[  536.988023][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[  536.988034][    C1] RBP: 00007f1a8d01bc1f R08: 0000000000000000 R09: 0000000000000000
[  536.988045][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  536.988055][    C1] R13: 00007f1a8d229128 R14: 00007f1a8d229090 R15: 00007ffe80519828
[  536.988077][    C1]  </TASK>
[  537.301301][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  537.308580][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  537.316731][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  537.328059][   T27] Call Trace:
[  537.331786][   T27]  <TASK>
[  537.335502][   T27]  dump_stack_lvl+0x188/0x250
[  537.340806][   T27]  ? show_regs_print_info+0x20/0x20
[  537.346294][   T27]  ? load_image+0x400/0x400
[  537.351376][   T27]  panic+0x2e5/0x810
[  537.355672][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  537.361686][   T27]  ? bpf_jit_dump+0xd0/0xd0
[  537.366960][   T27]  ? nmi_trigger_cpumask_backtrace+0x260/0x280
[  537.373861][   T27]  watchdog+0xe4e/0xe50
[  537.378582][   T27]  kthread+0x436/0x520
[  537.382848][   T27]  ? hungtask_pm_notify+0x40/0x40
[  537.388187][   T27]  ? kthread_blkcg+0xd0/0xd0
[  537.393186][   T27]  ret_from_fork+0x1f/0x30
[  537.398328][   T27]  </TASK>
[  537.402030][   T27] Kernel Offset: disabled
[  537.406895][   T27] Rebooting in 86400 seconds..