last executing test programs:

10.605258874s ago: executing program 1 (id=1632):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = socket(0x2, 0x3, 0x6)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, 0x0, 0x0)
sendto$inet(r3, 0x0, 0x0, 0x24000040, &(0x7f0000000340)={0x2, 0x0, @remote}, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f00000009c0)={[{@noload}, {@noauto_da_alloc}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noload}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@nouid32}]}, 0xff, 0x47b, &(0x7f0000000540)="$eJzs3MtvVFUYAPDvTl+Uh62IDxC0ikbio6XluXCD0cSFJia6wLiqbUGkUKU1EUIUXeDSkLg3Lk38C1zpxqgrE7e6NySEsAFNTMbcO/dOh2Gm7XRKpzK/X3LhnLmnc8537z0z554zMwF0rZH0nyRia0T8ERFDleztBUYq/926cXHq7xsXp5Iol9+8nmTlbt64OFUULf5uSyVTLuf5gQb1Xn4nYnJ2duZcnh9bOPPB2Pz5Cy+cOjN5cubkzNmJo0cPHtjTf3ji0OqD619MpnHd3PXJ3O6dr7595fWp41fe/eW7tL1b8/21cbRX06KRytFt6Ok2KtuIttWkk94ONoSW9EREerr6sv4/FD0xWN03FK983tHGAXdVuVwuN3p/zl0qA/ewJDrdAqAzijf69P632NZp6LEhXDsW8eGRSvy38q2ypzdKeZm+uvvbtTQSEccv/fN1ukX78xAAAMv64VhEPN9o/FeKh2rK3ZevoQxHxP0RsT0iHoiIHRHxYERW9uGIeKTF+utXSO4c/5SuriqwFUrHfy/ma1vV8d+/5Sz+3HBPntuWxd+XnDg1O7M/Pyb7om8gzY8vUcePL//+ZbN9teO/dEvrL8aCFaWrvXUTdNOTC5Nthl117bOIXb118WeSKJZxkojYGRG7WnrmxTuMU89+u7tZqeXjX8IarDOVv4l4pnL+L0Vd/IWk6frk+JHDE4fGNsXszP6x4qq406+/XX6jWf1txb8G0vO/uf76z1TjH042Rcyfv3A6W6+db72Oy39+0fSeZrXXf3/yVpYuFl4/nlxYODce0Z+8dufjE4t/W+SL8mn8+/Y2ir8U22NT9Ug8GhHpRbwnIh6LiMfztj8REU9GxN4l4v/5pafebz3+gXx17u5K459e7vxH7flvPdFz+qfvW4+/kJ7/g1lqX/7ISl7/VtrAdo4dAAAA/F+Uss/AJ6XRarpUGh2tfIZ/R2wuzc7NLzx3Yu6js9OVz8oPR1+pmOkaqpkPHc/nhov8RF3+QD5v/FXPYJYfnZqbne508NDltjTp/6m/7v70I9Bp2TraYKdbAXTCkuvoXhfgnub72tC99H/oXvo/dK9G/f/TDrQDWH+1/X+og+0A1p/xP3Qv/R+6l/4PXanpd+NLbX3lv2sT722JWNMnvJ7/jMpGCbCaiNLtjyTLXVEz5+Z7Y4M0vpoYjA3RjKUSvSv+MYtVJgYa7urwCxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAa+S8AAP//A7vthw==")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x389492, 0x0, 0xfd, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f00000003c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})
umount2(&(0x7f0000000040)='./file0\x00', 0x0)
getpid()
timer_create(0x1, 0x0, &(0x7f0000bbdffc))
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000006c0)={{0x3, 0x3, 0xfb4, 0x3, 0xfffffffc}})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002500)=""/4113, 0x1011}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x0, 0x1}, 0x20)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

9.814654623s ago: executing program 0 (id=1637):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fc, &(0x7f00000004c0)="$eJzs3c1vVFUbAPDn3n7Svu/bQt6ouJAmxkCitLSAIcZE2BOCHztXlRaCFEpojRZJLAluTIwbFyauXIj/hZK4deHWhRtXhoQYw0IMkTF3em+ZTmdKv+aDmd8vufSce5l7zi08fe6cnnMngK41lv2RRuyPiKtJxEjFsd7ID46t/L37f944l21JlEpv/5HEjU+S5cpzJfnX4fzF/4xE8nMasa9nfbsLS9cvTc/NzV7L6xOLl69OLCxdP3zx8vSF2QuzV6ZenTpx/NjxE5NHdnR9pVxWPn3r/Q9HPjvz7rdfP0wmv/v1TBIn41Het+y6ql87sKOWs+/ZWNH+g8r92ff1xA7P3S7+Gin+nzyWVO+gbZ2PiCzC+iLi2RiJnop/zZH49M2Wdg5oqFLyOEcC3SbZVvwP7n5HgCYr7gOK9/a13gevlzb4rgRohnunVgakVmK/LyKK+O9dGRuMwfLYwND9ZM04T5KPG+xU1sZPP565lW1RZxwOaIzlm8Uod3X+T8qxORqD5drQ/XRN/KcVW7b/rW22P1ZVF//QPMs3I+K5PP/3x5bif6wi/t/bZvviHwAAAAAAAHbPnVMR8Uqt+X/p6vyf/hrzf4Yj4uQutP/k3/+ld/NCsgvNARXunYp4veb839U5vqM9ee2/5fkAfcn5i3OzRyLifxFxKPoGsvpk1XkrZwgf/nzfV/Xar5z/l21Z+8VcwPxMd3urFuLOTC9O7/S6gYh7NyOeL8//PZDvWTv/J8v/SY38n8X31U22se+l22frHXty/AONUvom4mDN/P/4djvZ+PkcE+X7gYnirmC9Fz7+4vt67Yt/aJ0s/w9tHP8DSeXzeha2dv7+iDi61Fuqd3y79//9yTs9xfkzH00vLl6bjOhPTq/fP7W1PkOnKuKhiJcs/g+9uPH43+r9f0Uc7omI5U22+cyj4d/qHZP/oXWy+J/ZOP+Prs3/Wy9M3R79oV77ZzeV/4+Vc/qhfI/xP6i0/nkcmw3QlnQXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5yaUT8J5J0fLWcpuPjEcMR8f8YSufmFxZfPj//wZWZ7Fj58//T4pN+R1bqSfH5/6MV9amq+tGI2BsRX/bsKdfHz83PzbT64gEAAAAAAAAAAAAAAAAAAKBNDJfX/JcGqtf/Z37vaXXvgIbrzb+Kd+g+vdt+ZWlgVzsCNN324x942m0+/vsa2g+g+erH/4OHpbKmdgdoIvf/0L22Gf9+XQAdQP6HbrXJMb3BRvcDaAX5HwAAAAAAOsreA3d+SSJi+bU95S3Tnx8z2R86W9rqDgAtYw4vdK/e+Vb3AGgV7/GBZLX0d83F/vVn/yeN6RAAAAAAAAAAAAAAsM7B/db/Q7faeP2/uf3QyTZY/18r+D0uADpI/Y/+kPuh03mPDzwp21v/DwAAAAAAAAAAAABtYPD6pem5udlrC0tPX+GN9ujG1grL023RjV0tPGrMmfsioj0usNmF4hEcLexGi38uAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq/4NAAD//yOCL58=")
socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xd, 0x8d}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
epoll_wait(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x400)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="080000000400"], 0x48)
r4 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000080)={0x8, 0x6, 0x2}, 0x10)
write(r4, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d552a0fa33011d3ccceb56738a8c7e690d5843333a2a6d60f38798d000000003991f3787269de5382929be107a698db9edbc0257c0bb0205084640cc1c859d69828feab5d0ac72f62c0bf387044a185428df3ab4cc2525d41adb01c8c13c71b6a98dac98f678e2472d5a6a8a5b2f69ac595a8bea681e962033baf38e57deb", 0xfd)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

8.696795262s ago: executing program 1 (id=1638):
socket$inet6_udp(0xa, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet(0x2, 0x1, 0x100)
statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, r1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000280)='ext4\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xc3, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)

8.696376022s ago: executing program 4 (id=1639):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, 0x0, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x80)
r6 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000001c00), 0x12)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f00000023c0)={0x0, 'vlan1\x00', {}, 0xef})
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0xcd}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8922, &(0x7f0000000140)={'vlan1\x00', @random="02000000002b"})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x1000000}, 0xfffffedf, 0x10, &(0x7f0000000040), 0xeafcf7e0, 0x0, 0xffffffffffffffff, 0xd}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f00000000c0)=r9, 0x4)
sendmsg$inet(r11, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)="1648", 0x2}], 0x1}, 0x850)

7.686593188s ago: executing program 4 (id=1640):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="850000009e000000620a00ff0000000061008c0500000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)

7.655060749s ago: executing program 3 (id=1641):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x1c9a82, 0x20)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xbc44)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket(0x10, 0x803, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
fchmod(0xffffffffffffffff, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000400)=@filter={'filter\x00', 0x2, 0x4, 0x3b8, 0xffffffff, 0xd0, 0xd0, 0xd0, 0xfeffffff, 0xffffffff, 0x2e8, 0x2e8, 0x2e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@remote, @mcast1, [], [0xff000000], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x0, 0x0, 0x2}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b667f10900000000000000e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@ah={{0x30}, {[0x4d4, 0x4d6], 0x1, 0x3, 0x3}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418)
chmod(&(0x7f0000000380)='./file1\x00', 0x122)
sendfile(r0, r1, 0x0, 0xe3aa6e6)

7.653087759s ago: executing program 2 (id=1642):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabb", 0x2}], 0x1}}], 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb0100180000000000000010d6b365a5cc2c4d3b025841000000100000000300000001000000000000"], 0x0, 0x2b, 0x0, 0x5}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

6.790566049s ago: executing program 0 (id=1643):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabb", 0x2}], 0x1}}], 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb0100180000000000000010d6b365a5cc2c4d3b025841000000100000000300000001000000000000"], 0x0, 0x2b, 0x0, 0x5}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x20000080)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000c80)=ANY=[@ANYBLOB='\f\a\x00\x00', @ANYRES16=0x0, @ANYBLOB="080027bd7000fddbdf25390000000c009900030000007500000098025a8028000080110002000e0b294419424f0e3e2c29221b000000100001000902166c4803183660183016180000801400030002000a999f790f143efee3a947b3fd29f677000b000f00b9000000050001006c00008005000700000000000500040002000000140003006600020002000002ff7f07000500750f1400050004000200010404004909010102004000050007000100000014000300000109000d001c0301004000030008001400030009000101c6f900000000b305960004002c0003802800020051494d14161a184e1b154b33143841413a500f0a060f51252956202f0b42292c1931024c48000280140005000500070009000900090010f010000600050004000000000028000200391217251701061a103e521735571b150431211914284947410a1e4f442f4138284b231c4400008013000100060660060b011b0416480506481b1700050004000000000008000200480837180500070000000000140003005a9008080c0005001000ff0006000900ac00038014000200291a451d065648130812043a3a54311a05000600020000000500060001000000050004000000000005000600000000000500070001000000090002002d4e00411d0000004e0002003d2731473d351a1036120b4740300b2f021f3c401d2e224916014b3d2451394102240425423c38100227083c3d562b553b4d3e1d0b183e53393f47433c3d1c453f2938073246384d1c340000050004000100000005000600010000003c000080050006000100000005000700020000001400030002000600070060270800e500030005001400050001800800010000000800050005000700480002801400050007000100ff070000920c000009007859140005000500020000010800040000000100feff0500040000000000140005000000040001b9050001000500c6310700d8025a80580003801d00010030040b0201180b0c120002041b0c0b300b240c606c7405050400000014000500000405002008080008000800ff030000050004000000000006000100246c0000070002001e2d4c0005000400010000003800018032000200281c0f23243b13532a310f02424d352449562a4f56304e17182045373d561e2b2c201102140c1b50514b4f2337010000a400038005000600010000001600010016480b0204300c091b09123005480401240400000500040002000000140003000700e30009000f00ff0f060008000800140003000200040006000300ff03dee700fc2b0014000500940000000300010000007f00050004000500060001000000340002002631392a4101003d254940470824541f161f3b0926570152474801180d24032141141d2226503d1a422b384c0f120c3018000280140005000400080003000800ff010002000409002000008014000500000008000700faff010008000300090005000400010000008400038043000200300e3738092912412d512b1f4b4d213412481d421a28194050202156431c2b0f37094548332f514b332f0820033129031f3d3a40374c490f01091801344a2300140005008000c1000f00050003000080550b090014000500018008000800040008000600588f06001400050003000500050006000500ff010e005a0648000280130001001b24020202360204006024020b690300160001000541060c36013600161b6c0605060b003006000005000700020000000500060002000000050002000900000074000180050004000200000014000500ce009167060002000004ff03060000000500060001000000050006000200000041000200503b2d0419394929513b130a16015138494b540c084f533310533c470a1a31000f0f1a57404d280c570d4c0b4d0220011f380235491046415734084b1f0000002800028006000200520900000a0001001203024801120000050007000200000005000600010000007c015a8018000080140005009f0f02007f000a00000807000b00420028000180050007000000000005000600000000001400050002000700ef00b70402000900550000003c00008014000300a200050005b60400050006008100010005000700020000000500060001000000130001000482160c2402364806130312000c0000c00003800500040001000000310002003b051f31493208340e0b2601093d01382835535132471b354d49415339134846550544081210492a503935400c00000005000700010000001200010001024802030b186000360b484830000014000500ffff09000b00060000000d0030060300140003000000070001000600ce0501000104040014000500cb5e060006004a0000005b0dff0f020028000200274a544255251f3b44050442470f1b142e533b2b54430101382d1103264e4619312f20193c00008005000700020000000500060002000000140005000004060021fb0900000004000600800014000500ffbfadfd85dd5084844464e7875b1c3dd1ecff3d1cd1b7a2a3110ba009e2d2"], 0x70c}, 0x1, 0x0, 0x0, 0x44}, 0x8880)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='asymmetPic@\xe6u\x18\x8f\x8d\xd0\xb9\xb4d\x97\xee\x9bY\xb3\xa0dI$(\xed\x98S\xdcB\xdf\x99J\x9c&#m\xd0\xb0\x134m\xa7se\x8fvS\x84:\"-\x94\x84\xbd\xf4X\xf2F6\xe44\x1f\xa7f\x82\xd7aLt@%a\x8a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xb4\xc6m39\x9e)\xa5\xe7\xdb\xdc\xb3\xb6\x1f\x1d5\x13\xde\xab\x86\xf5`S<\xd5\xc7@-X0\xa9\xe4l\xab\xf0}\xf0\xeaco\x85kM\x8a<Z\x02\xfc\xb6E\x8c&\f\xb4)l\x93\xb8\xb1\xcfK\x0e\xben \xc3\xc5xH\xa5\t\xcc\"\xcd\xe2\xbb>S\x1bZ\xa1\xba\xb4E\xbc', r4)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r4)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect={0x0, 0x5517, 0xffffffffffffffec})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028000000bca30000000000003403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e6114440000000000db430000000000007a0a00fe0000001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0066000e0600000034e803e18b7123eb50af618f5bc1d31d54d4ceb28d6424ff8678e53a9d9aa294c1635d6514706667ba3fef", @ANYRES16, @ANYBLOB="010000000000000000000c000000180003801400038010000180050002000000000004000300200001801400020076657468305f746f5f626f6e640000000800030003000000"], 0x4c}}, 0x0)

6.78691592s ago: executing program 3 (id=1644):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x6e23, 0x7ffe, @mcast2, 0x9}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x32)
r2 = timerfd_create(0x0, 0x0)
r3 = timerfd_create(0x0, 0x80000)
timerfd_settime(r3, 0x3, &(0x7f000000b000)={{}, {0x0, 0x989680}}, 0x0)
timerfd_settime(r2, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f0000000380)={"b8e50a31a002b94fcd8fc4db3056309d", 0x0, 0x0, {0x7, 0x100}, {0xffffffffffffff7f, 0x5}, 0x51, [0x7, 0x3, 0xe, 0x2, 0x9, 0x8, 0xd8e, 0x7fc0000, 0x5, 0x0, 0x6, 0x3, 0x5, 0x49, 0xfffffffffffffffe, 0xc]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
epoll_create(0x5)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0xc8d0, &(0x7f0000000280)=ANY=[], 0x1, 0x314, &(0x7f0000000600)="$eJzs3M9rE1sUwPGTNEnTlHayeLzHE6QX3ehmaONeDNKCNGCpjfgDxGkz0ZAxKZlQiYhtV25ciH+Ei9JldwXtP9CNO1du3HUjuLALcSQzkx9tE1vTpLH2+4Eyh7n3zNybacK5AzM7d14/yWdtPWuUJRhVEhAR2RWJS1BqAv426MYRabYil4e/fjx/6+696WQqNTmr1FRy7kpCKTU69u7p8yG/2+agbMcf7HxJfN7+d/v/nR9zj3O2ytmqUCwrQ80XP5WNectUmZyd15WasUzDNlWuYJslr91ZFrFMlbWKi4sVZRQyI7HFkmnbyihUVN6sqHJRlUsVZTwycgWl67oaiQkOk16bnTWSHSYvdHkw6JFSKWkMiMjQgZb0Wl8GBAAA+sqv/+vVfrBa0ndS/4emk6mQv7NR/69f2CoP394Y9ev/zUi1/hdpqv8fNo5lqkywXv9HRaRR/xe99UG36/+DFdHp9mrvxRHHqYeRVv2PVf/jlKjW/zH/++tavb8+7gbU/wAAAAAAAAAAAAAAAAAAAAAAnAa7jqM5jqN52wF/r6MNikjUfYLEa+/zMNEje69/44/rfzY0XtwRGhWxXi6ll9Le1u+wJSKWmDIumnx3/x981TiyotxOqiou761lP395Ke39liSzknPzJ0ST+P58x5m6kZqcUJ69+WGJNecnRJN/Wucn9ueHq9uIXLrYlK+LJh8WpCiWZPwn42r5LyaUun4zte/8Q24/AAAAAAD+Brqqq6/fB5vb9YPt3vrYa/fW1yFpfX/AW1+Pt1zfh+RcqF+zBgAAAADgbLErz/KGZZmlHgWrItLjU7QJajM8albtBblt+gQk0K6pC0Ht5J2lV8fWtfGEj/SJBTsa6ljkNy9Ky6B226hdH5np5MiOJnLcz/C/N2+//bqPd2dM5CgHvLoRPWSmnQaRw2YaPrEfIAAAAAAnplH01/Zc6++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4g07iVXz9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwp/gZAAD//8mG/kg=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32)

5.62951285s ago: executing program 0 (id=1645):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(0xffffffffffffffff, 0x0, 0x80)
r5 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000001c00), 0x12)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x1000000}, 0xfffffedf, 0x10, &(0x7f0000000040), 0xeafcf7e0, 0x0, 0xffffffffffffffff, 0xd}, 0x48)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

5.222666475s ago: executing program 3 (id=1646):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f00000006c0), &(0x7f0000000280)='./file0\x00', 0xc0, &(0x7f0000000080)=ANY=[@ANYBLOB="646f74732c6e66732c71756965742c6e6f646f74732c636865636b3d7374726963742c6e66733d7374616c655f72772c646f74732c6572726f72733d636f6e74696e7565008000000000000074732c00"], 0x1, 0x246, &(0x7f00000002c0)="$eJzs3TFu01AcBvB/2rQNZaAzYrDEwlQBN7BQkBCWkII8wISlwtIiJHcxTDkGZ+BIHKNTNyNqixS3MFRu3ca/nxT5Uz45eW/Jy/Be8uHR58ODL8ef6p/fYzZLYhqxjNOIvdiIzWhM2uvGWd6O85YBANw1i0WRDj0GejS5+FRZpsVWROxcaPIfNzMoAAAAAAAAAAAA+mb/PwCMj/3/668s02K3/f72N/v/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOGc1vWD+j+PoccHAPTP+g8A42P9B4Dxsf4DwPi8fff+dZpl80WSzCJOllVe5c216V++yuZPkzN7q7tOqirfanM2f9b0Sbffbe9/fmm/HU8eN/3v7sWbrNPvxMF1Tx4AAAAAAAAAAAAAAAAAAABuif3kj875/s2m3/9X36Rzvw/QOb8/jYfTG5sGAAAAAAAAAAAAAAAAAAAA3GnHX78dFkdHH0thpOH+JdW9uMILzuI2TEfoKQz9yQQAAAAAAAAAAAAAAAAAAOOzOvQ79EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDir//+/vtB9z0lMhpksAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNZ+BQAA///TbZE4")
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@empty, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x1, 0x4e24, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xff}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x2}, 0x0, 0x32}, 0x0, @in=@remote, 0x0, 0x4}}, 0xe8)
connect$pppl2tp(r3, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

5.127038149s ago: executing program 4 (id=1647):
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x88c81, 0x0)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x41, 0x14fe, &(0x7f0000001c00)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x101042, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r2, 0x402c542c, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
mmap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x1000001, 0x11, 0xffffffffffffffff, 0xffffc000)
writev(r3, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@ipv4_newrule={0x1c, 0x20, 0x301, 0xffffffff, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x2}}, 0x1c}}, 0x0)

5.067977831s ago: executing program 2 (id=1648):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065", 0x20)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

5.031282492s ago: executing program 1 (id=1649):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fc, &(0x7f00000004c0)="$eJzs3c1vVFUbAPDn3n7Svu/bQt6ouJAmxkCitLSAIcZE2BOCHztXlRaCFEpojRZJLAluTIwbFyauXIj/hZK4deHWhRtXhoQYw0IMkTF3em+ZTmdKv+aDmd8vufSce5l7zi08fe6cnnMngK41lv2RRuyPiKtJxEjFsd7ID46t/L37f944l21JlEpv/5HEjU+S5cpzJfnX4fzF/4xE8nMasa9nfbsLS9cvTc/NzV7L6xOLl69OLCxdP3zx8vSF2QuzV6ZenTpx/NjxE5NHdnR9pVxWPn3r/Q9HPjvz7rdfP0wmv/v1TBIn41Het+y6ql87sKOWs+/ZWNH+g8r92ff1xA7P3S7+Gin+nzyWVO+gbZ2PiCzC+iLi2RiJnop/zZH49M2Wdg5oqFLyOEcC3SbZVvwP7n5HgCYr7gOK9/a13gevlzb4rgRohnunVgakVmK/LyKK+O9dGRuMwfLYwND9ZM04T5KPG+xU1sZPP565lW1RZxwOaIzlm8Uod3X+T8qxORqD5drQ/XRN/KcVW7b/rW22P1ZVF//QPMs3I+K5PP/3x5bif6wi/t/bZvviHwAAAAAAAHbPnVMR8Uqt+X/p6vyf/hrzf4Yj4uQutP/k3/+ld/NCsgvNARXunYp4veb839U5vqM9ee2/5fkAfcn5i3OzRyLifxFxKPoGsvpk1XkrZwgf/nzfV/Xar5z/l21Z+8VcwPxMd3urFuLOTC9O7/S6gYh7NyOeL8//PZDvWTv/J8v/SY38n8X31U22se+l22frHXty/AONUvom4mDN/P/4djvZ+PkcE+X7gYnirmC9Fz7+4vt67Yt/aJ0s/w9tHP8DSeXzeha2dv7+iDi61Fuqd3y79//9yTs9xfkzH00vLl6bjOhPTq/fP7W1PkOnKuKhiJcs/g+9uPH43+r9f0Uc7omI5U22+cyj4d/qHZP/oXWy+J/ZOP+Prs3/Wy9M3R79oV77ZzeV/4+Vc/qhfI/xP6i0/nkcmw3QlnQXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5yaUT8J5J0fLWcpuPjEcMR8f8YSufmFxZfPj//wZWZ7Fj58//T4pN+R1bqSfH5/6MV9amq+tGI2BsRX/bsKdfHz83PzbT64gEAAAAAAAAAAAAAAAAAAKBNDJfX/JcGqtf/Z37vaXXvgIbrzb+Kd+g+vdt+ZWlgVzsCNN324x942m0+/vsa2g+g+erH/4OHpbKmdgdoIvf/0L22Gf9+XQAdQP6HbrXJMb3BRvcDaAX5HwAAAAAAOsreA3d+SSJi+bU95S3Tnx8z2R86W9rqDgAtYw4vdK/e+Vb3AGgV7/GBZLX0d83F/vVn/yeN6RAAAAAAAAAAAAAAsM7B/db/Q7faeP2/uf3QyTZY/18r+D0uADpI/Y/+kPuh03mPDzwp21v/DwAAAAAAAAAAAABtYPD6pem5udlrC0tPX+GN9ujG1grL023RjV0tPGrMmfsioj0usNmF4hEcLexGi38uAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq/4NAAD//yOCL58=")
socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xd, 0x8d}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r4, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000010640)={'sit0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2b, 0x5, 0x2, 0x0, 0x8, 0x3, 0x3, 0xfc, 0x0, 0xfc, 0x0, 0x0, 0x0, 0xff, 0x0, 0x45, [0x0, 0x89ff]}})
epoll_pwait(0xffffffffffffffff, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="080000000400"], 0x48)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000080)={0x8, 0x6, 0x2}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d552a0fa33011d3ccceb56738a8c7e690d5843333a2a6d60f38798d000000003991f3787269de5382929be107a698db9edbc0257c0bb0205084640cc1c859d69828feab5d0ac72f62c0bf387044a185428df3ab4cc2525d41adb01c8c13c71b6a98dac98f678e2472d5a6a8a5b2f69ac595a8bea681e962033baf38e57deb", 0xfd)
recvmmsg(0xffffffffffffffff, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

4.900986766s ago: executing program 2 (id=1650):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, 0x0, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x80)
r6 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000001c00), 0x12)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f00000023c0)={0x0, 'vlan1\x00', {}, 0xef})
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0xcd}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8922, &(0x7f0000000140)={'vlan1\x00', @random="02000000002b"})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x1000000}, 0xfffffedf, 0x10, &(0x7f0000000040), 0xeafcf7e0, 0x0, 0xffffffffffffffff, 0xd}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f00000000c0)=r9, 0x4)
sendmsg$inet(r11, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)="1648", 0x2}], 0x1}, 0x850)

4.178199762s ago: executing program 4 (id=1651):
r0 = socket$nl_route(0x10, 0x3, 0x0)
statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)

4.099248364s ago: executing program 3 (id=1652):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb00143c, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448dd, &(0x7f0000000040))

3.3838647s ago: executing program 2 (id=1653):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fc, &(0x7f00000004c0)="$eJzs3c1vVFUbAPDn3n7Svu/bQt6ouJAmxkCitLSAIcZE2BOCHztXlRaCFEpojRZJLAluTIwbFyauXIj/hZK4deHWhRtXhoQYw0IMkTF3em+ZTmdKv+aDmd8vufSce5l7zi08fe6cnnMngK41lv2RRuyPiKtJxEjFsd7ID46t/L37f944l21JlEpv/5HEjU+S5cpzJfnX4fzF/4xE8nMasa9nfbsLS9cvTc/NzV7L6xOLl69OLCxdP3zx8vSF2QuzV6ZenTpx/NjxE5NHdnR9pVxWPn3r/Q9HPjvz7rdfP0wmv/v1TBIn41Het+y6ql87sKOWs+/ZWNH+g8r92ff1xA7P3S7+Gin+nzyWVO+gbZ2PiCzC+iLi2RiJnop/zZH49M2Wdg5oqFLyOEcC3SbZVvwP7n5HgCYr7gOK9/a13gevlzb4rgRohnunVgakVmK/LyKK+O9dGRuMwfLYwND9ZM04T5KPG+xU1sZPP565lW1RZxwOaIzlm8Uod3X+T8qxORqD5drQ/XRN/KcVW7b/rW22P1ZVF//QPMs3I+K5PP/3x5bif6wi/t/bZvviHwAAAAAAAHbPnVMR8Uqt+X/p6vyf/hrzf4Yj4uQutP/k3/+ld/NCsgvNARXunYp4veb839U5vqM9ee2/5fkAfcn5i3OzRyLifxFxKPoGsvpk1XkrZwgf/nzfV/Xar5z/l21Z+8VcwPxMd3urFuLOTC9O7/S6gYh7NyOeL8//PZDvWTv/J8v/SY38n8X31U22se+l22frHXty/AONUvom4mDN/P/4djvZ+PkcE+X7gYnirmC9Fz7+4vt67Yt/aJ0s/w9tHP8DSeXzeha2dv7+iDi61Fuqd3y79//9yTs9xfkzH00vLl6bjOhPTq/fP7W1PkOnKuKhiJcs/g+9uPH43+r9f0Uc7omI5U22+cyj4d/qHZP/oXWy+J/ZOP+Prs3/Wy9M3R79oV77ZzeV/4+Vc/qhfI/xP6i0/nkcmw3QlnQXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5yaUT8J5J0fLWcpuPjEcMR8f8YSufmFxZfPj//wZWZ7Fj58//T4pN+R1bqSfH5/6MV9amq+tGI2BsRX/bsKdfHz83PzbT64gEAAAAAAAAAAAAAAAAAAKBNDJfX/JcGqtf/Z37vaXXvgIbrzb+Kd+g+vdt+ZWlgVzsCNN324x942m0+/vsa2g+g+erH/4OHpbKmdgdoIvf/0L22Gf9+XQAdQP6HbrXJMb3BRvcDaAX5HwAAAAAAOsreA3d+SSJi+bU95S3Tnx8z2R86W9rqDgAtYw4vdK/e+Vb3AGgV7/GBZLX0d83F/vVn/yeN6RAAAAAAAAAAAAAAsM7B/db/Q7faeP2/uf3QyTZY/18r+D0uADpI/Y/+kPuh03mPDzwp21v/DwAAAAAAAAAAAABtYPD6pem5udlrC0tPX+GN9ujG1grL023RjV0tPGrMmfsioj0usNmF4hEcLexGi38uAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq/4NAAD//yOCL58=")
socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xd, 0x8d}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
r4 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000080)={0x8, 0x6, 0x2}, 0x10)
write(r4, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d552a0fa33011d3ccceb56738a8c7e690d5843333a2a6d60f38798d000000003991f3787269de5382929be107a698db9edbc0257c0bb0205084640cc1c859d69828feab5d0ac72f62c0bf387044a185428df3ab4cc2525d41adb01c8c13c71b6a98dac98f678e2472d5a6a8a5b2f69ac595a8bea681e962033baf38e57deb", 0xfd)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

3.344824541s ago: executing program 1 (id=1654):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000040))

3.344400731s ago: executing program 1 (id=1655):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x80)
r6 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000001c00), 0x12)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f00000023c0)={0x0, 'vlan1\x00', {}, 0xef})
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0xcd}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8922, &(0x7f0000000140)={'vlan1\x00', @random="02000000002b"})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x1000000}, 0xfffffedf, 0x10, &(0x7f0000000040), 0xeafcf7e0, 0x0, 0xffffffffffffffff, 0xd}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f00000000c0)=r9, 0x4)
sendmsg$inet(r11, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)="1648", 0x2}], 0x1}, 0x850)

3.266433774s ago: executing program 0 (id=1656):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f00000006c0), &(0x7f0000000280)='./file0\x00', 0xc0, &(0x7f0000000080)=ANY=[@ANYBLOB="646f74732c6e66732c71756965742c6e6f646f74732c636865636b3d7374726963742c6e66733d7374616c655f72772c646f74732c6572726f72733d636f6e74696e7565008000000000000074732c00"], 0x1, 0x246, &(0x7f00000002c0)="$eJzs3TFu01AcBvB/2rQNZaAzYrDEwlQBN7BQkBCWkII8wISlwtIiJHcxTDkGZ+BIHKNTNyNqixS3MFRu3ca/nxT5Uz45eW/Jy/Be8uHR58ODL8ef6p/fYzZLYhqxjNOIvdiIzWhM2uvGWd6O85YBANw1i0WRDj0GejS5+FRZpsVWROxcaPIfNzMoAAAAAAAAAAAA+mb/PwCMj/3/668s02K3/f72N/v/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOGc1vWD+j+PoccHAPTP+g8A42P9B4Dxsf4DwPi8fff+dZpl80WSzCJOllVe5c216V++yuZPkzN7q7tOqirfanM2f9b0Sbffbe9/fmm/HU8eN/3v7sWbrNPvxMF1Tx4AAAAAAAAAAAAAAAAAAABuif3kj875/s2m3/9X36Rzvw/QOb8/jYfTG5sGAAAAAAAAAAAAAAAAAAAA3GnHX78dFkdHH0thpOH+JdW9uMILzuI2TEfoKQz9yQQAAAAAAAAAAAAAAAAAAOOzOvQ79EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDir//+/vtB9z0lMhpksAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNZ+BQAA///TbZE4")
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@empty, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x1, 0x4e24, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xff}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x2}, 0x0, 0x32}, 0x0, @in=@remote, 0x0, 0x4}}, 0xe8)
connect$pppl2tp(r3, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3.233458715s ago: executing program 4 (id=1657):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
ioctl$PPPIOCGUNIT(r0, 0x80047456, 0x0)

2.881159108s ago: executing program 4 (id=1658):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="850000009e000000620a00ff0000000061008c0500000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)

1.726435239s ago: executing program 1 (id=1659):
socket$inet6_udp(0xa, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet(0x2, 0x1, 0x100)
statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, r1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000280)='ext4\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xc3, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)

1.572935434s ago: executing program 2 (id=1660):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabb", 0x2}], 0x1}}], 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb0100180000000000000010d6b365a5cc2c4d3b025841000000100000000300000001000000000000"], 0x0, 0x2b, 0x0, 0x5}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

1.310418403s ago: executing program 0 (id=1661):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x6e23, 0x7ffe, @mcast2, 0x9}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x32)
r2 = timerfd_create(0x0, 0x0)
r3 = timerfd_create(0x0, 0x80000)
timerfd_settime(r3, 0x3, &(0x7f000000b000)={{}, {0x0, 0x989680}}, 0x0)
timerfd_settime(r2, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f0000000380)={"b8e50a31a002b94fcd8fc4db3056309d", 0x0, 0x0, {0x7, 0x100}, {0xffffffffffffff7f, 0x5}, 0x51, [0x7, 0x3, 0xe, 0x2, 0x9, 0x8, 0xd8e, 0x7fc0000, 0x5, 0x0, 0x6, 0x3, 0x5, 0x49, 0xfffffffffffffffe, 0xc]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
r7 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r2, &(0x7f0000000100))
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0xc8d0, &(0x7f0000000280)=ANY=[], 0x1, 0x314, &(0x7f0000000600)="$eJzs3M9rE1sUwPGTNEnTlHayeLzHE6QX3ehmaONeDNKCNGCpjfgDxGkz0ZAxKZlQiYhtV25ciH+Ei9JldwXtP9CNO1du3HUjuLALcSQzkx9tE1vTpLH2+4Eyh7n3zNybacK5AzM7d14/yWdtPWuUJRhVEhAR2RWJS1BqAv426MYRabYil4e/fjx/6+696WQqNTmr1FRy7kpCKTU69u7p8yG/2+agbMcf7HxJfN7+d/v/nR9zj3O2ytmqUCwrQ80XP5WNectUmZyd15WasUzDNlWuYJslr91ZFrFMlbWKi4sVZRQyI7HFkmnbyihUVN6sqHJRlUsVZTwycgWl67oaiQkOk16bnTWSHSYvdHkw6JFSKWkMiMjQgZb0Wl8GBAAA+sqv/+vVfrBa0ndS/4emk6mQv7NR/69f2CoP394Y9ev/zUi1/hdpqv8fNo5lqkywXv9HRaRR/xe99UG36/+DFdHp9mrvxRHHqYeRVv2PVf/jlKjW/zH/++tavb8+7gbU/wAAAAAAAAAAAAAAAAAAAAAAnAa7jqM5jqN52wF/r6MNikjUfYLEa+/zMNEje69/44/rfzY0XtwRGhWxXi6ll9Le1u+wJSKWmDIumnx3/x981TiyotxOqiou761lP395Ke39liSzknPzJ0ST+P58x5m6kZqcUJ69+WGJNecnRJN/Wucn9ueHq9uIXLrYlK+LJh8WpCiWZPwn42r5LyaUun4zte/8Q24/AAAAAAD+Brqqq6/fB5vb9YPt3vrYa/fW1yFpfX/AW1+Pt1zfh+RcqF+zBgAAAADgbLErz/KGZZmlHgWrItLjU7QJajM8albtBblt+gQk0K6pC0Ht5J2lV8fWtfGEj/SJBTsa6ljkNy9Ky6B226hdH5np5MiOJnLcz/C/N2+//bqPd2dM5CgHvLoRPWSmnQaRw2YaPrEfIAAAAAAnplH01/Zc6++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4g07iVXz9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwp/gZAAD//8mG/kg=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)

1.309830133s ago: executing program 3 (id=1662):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000"], 0x48)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
open(&(0x7f0000000240)='./file1\x00', 0x26142, 0xc)
clock_gettime(0x7, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x1c, 0x2)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x8001, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, 0x7}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd170000000000040000000000000000", 0x39}], 0x1)

395.936326ms ago: executing program 2 (id=1663):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x6e23, 0x7ffe, @mcast2, 0x9}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x32)
r2 = timerfd_create(0x0, 0x0)
r3 = timerfd_create(0x0, 0x80000)
timerfd_settime(r3, 0x3, &(0x7f000000b000)={{}, {0x0, 0x989680}}, 0x0)
timerfd_settime(r2, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f0000000380)={"b8e50a31a002b94fcd8fc4db3056309d", 0x0, 0x0, {0x7, 0x100}, {0xffffffffffffff7f, 0x5}, 0x51, [0x7, 0x3, 0xe, 0x2, 0x9, 0x8, 0xd8e, 0x7fc0000, 0x5, 0x0, 0x6, 0x3, 0x5, 0x49, 0xfffffffffffffffe, 0xc]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
r7 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r2, &(0x7f0000000100))
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0xc8d0, &(0x7f0000000280)=ANY=[], 0x1, 0x314, &(0x7f0000000600)="$eJzs3M9rE1sUwPGTNEnTlHayeLzHE6QX3ehmaONeDNKCNGCpjfgDxGkz0ZAxKZlQiYhtV25ciH+Ei9JldwXtP9CNO1du3HUjuLALcSQzkx9tE1vTpLH2+4Eyh7n3zNybacK5AzM7d14/yWdtPWuUJRhVEhAR2RWJS1BqAv426MYRabYil4e/fjx/6+696WQqNTmr1FRy7kpCKTU69u7p8yG/2+agbMcf7HxJfN7+d/v/nR9zj3O2ytmqUCwrQ80XP5WNectUmZyd15WasUzDNlWuYJslr91ZFrFMlbWKi4sVZRQyI7HFkmnbyihUVN6sqHJRlUsVZTwycgWl67oaiQkOk16bnTWSHSYvdHkw6JFSKWkMiMjQgZb0Wl8GBAAA+sqv/+vVfrBa0ndS/4emk6mQv7NR/69f2CoP394Y9ev/zUi1/hdpqv8fNo5lqkywXv9HRaRR/xe99UG36/+DFdHp9mrvxRHHqYeRVv2PVf/jlKjW/zH/++tavb8+7gbU/wAAAAAAAAAAAAAAAAAAAAAAnAa7jqM5jqN52wF/r6MNikjUfYLEa+/zMNEje69/44/rfzY0XtwRGhWxXi6ll9Le1u+wJSKWmDIumnx3/x981TiyotxOqiou761lP395Ke39liSzknPzJ0ST+P58x5m6kZqcUJ69+WGJNecnRJN/Wucn9ueHq9uIXLrYlK+LJh8WpCiWZPwn42r5LyaUun4zte/8Q24/AAAAAAD+Brqqq6/fB5vb9YPt3vrYa/fW1yFpfX/AW1+Pt1zfh+RcqF+zBgAAAADgbLErz/KGZZmlHgWrItLjU7QJajM8albtBblt+gQk0K6pC0Ht5J2lV8fWtfGEj/SJBTsa6ljkNy9Ky6B226hdH5np5MiOJnLcz/C/N2+//bqPd2dM5CgHvLoRPWSmnQaRw2YaPrEfIAAAAAAnplH01/Zc6++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4g07iVXz9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwp/gZAAD//8mG/kg=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)

393.343076ms ago: executing program 3 (id=1664):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xb, 0x0, 0x0, &(0x7f0000000c40)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf51c}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabb", 0x2}], 0x1}}], 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb0100180000000000000010d6b365a5cc2c4d3b025841000000100000000300000001000000000000"], 0x0, 0x2b, 0x0, 0x5}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=ANY=[@ANYBLOB="01010000", @ANYRES16=0x0, @ANYBLOB="05002dbd7000fcdbdf251b000000"], 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x20000080)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000c80)=ANY=[@ANYBLOB='\f\a\x00\x00', @ANYRES16=0x0, @ANYBLOB="080027bd7000fddbdf25390000000c009900030000007500000098025a8028000080110002000e0b294419424f0e3e2c29221b000000100001000902166c4803183660183016180000801400030002000a999f790f143efee3a947b3fd29f677000b000f00b9000000050001006c00008005000700000000000500040002000000140003006600020002000002ff7f07000500750f1400050004000200010404004909010102004000050007000100000014000300000109000d001c0301004000030008001400030009000101c6f900000000b305960004002c0003802800020051494d14161a184e1b154b33143841413a500f0a060f51252956202f0b42292c1931024c48000280140005000500070009000900090010f010000600050004000000000028000200391217251701061a103e521735571b150431211914284947410a1e4f442f4138284b231c4400008013000100060660060b011b0416480506481b1700050004000000000008000200480837180500070000000000140003005a9008080c0005001000ff0006000900ac00038014000200291a451d065648130812043a3a54311a05000600020000000500060001000000050004000000000005000600000000000500070001000000090002002d4e00411d0000004e0002003d2731473d351a1036120b4740300b2f021f3c401d2e224916014b3d2451394102240425423c38100227083c3d562b553b4d3e1d0b183e53393f47433c3d1c453f2938073246384d1c340000050004000100000005000600010000003c000080050006000100000005000700020000001400030002000600070060270800e500030005001400050001800800010000000800050005000700480002801400050007000100ff070000920c000009007859140005000500020000010800040000000100feff0500040000000000140005000000040001b9050001000500c6310700d8025a80580003801d00010030040b0201180b0c120002041b0c0b300b240c606c7405050400000014000500000405002008080008000800ff030000050004000000000006000100246c0000070002001e2d4c0005000400010000003800018032000200281c0f23243b13532a310f02424d352449562a4f56304e17182045373d561e2b2c201102140c1b50514b4f2337010000a400038005000600010000001600010016480b0204300c091b09123005480401240400000500040002000000140003000700e30009000f00ff0f060008000800140003000200040006000300ff03dee700fc2b0014000500940000000300010000007f00050004000500060001000000340002002631392a4101003d254940470824541f161f3b0926570152474801180d24032141141d2226503d1a422b384c0f120c3018000280140005000400080003000800ff010002000409002000008014000500000008000700faff010008000300090005000400010000008400038043000200300e3738092912412d512b1f4b4d213412481d421a28194050202156431c2b0f37094548332f514b332f0820033129031f3d3a40374c490f01091801344a2300140005008000c1000f00050003000080550b090014000500018008000800040008000600588f06001400050003000500050006000500ff010e005a0648000280130001001b24020202360204006024020b690300160001000541060c36013600161b6c0605060b003006000005000700020000000500060002000000050002000900000074000180050004000200000014000500ce009167060002000004ff03060000000500060001000000050006000200000041000200503b2d0419394929513b130a16015138494b540c084f533310533c470a1a31000f0f1a57404d280c570d4c0b4d0220011f380235491046415734084b1f0000002800028006000200520900000a0001001203024801120000050007000200000005000600010000007c015a8018000080140005009f0f02007f000a00000807000b00420028000180050007000000000005000600000000001400050002000700ef00b70402000900550000003c00008014000300a200050005b60400050006008100010005000700020000000500060001000000130001000482160c2402364806130312000c0000c00003800500040001000000310002003b051f31493208340e0b2601093d01382835535132471b354d49415339134846550544081210492a503935400c00000005000700010000001200010001024802030b186000360b484830000014000500ffff09000b00060000000d0030060300140003000000070001000600ce0501000104040014000500cb5e060006004a0000005b0dff0f020028000200274a544255251f3b44050442470f1b142e533b2b54430101382d1103264e4619312f20193c00008005000700020000000500060002000000140005000004060021fb0900000004000600800014000500ffbfadfd85dd5084844464e7875b1c3dd1ecff3d1cd1b7a2a3110ba009e2d2"], 0x70c}, 0x1, 0x0, 0x0, 0x44}, 0x8880)
r5 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='asymmetPic@\xe6u\x18\x8f\x8d\xd0\xb9\xb4d\x97\xee\x9bY\xb3\xa0dI$(\xed\x98S\xdcB\xdf\x99J\x9c&#m\xd0\xb0\x134m\xa7se\x8fvS\x84:\"-\x94\x84\xbd\xf4X\xf2F6\xe44\x1f\xa7f\x82\xd7aLt@%a\x8a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xb4\xc6m39\x9e)\xa5\xe7\xdb\xdc\xb3\xb6\x1f\x1d5\x13\xde\xab\x86\xf5`S<\xd5\xc7@-X0\xa9\xe4l\xab\xf0}\xf0\xeaco\x85kM\x8a<Z\x02\xfc\xb6E\x8c&\f\xb4)l\x93\xb8\xb1\xcfK\x0e\xben \xc3\xc5xH\xa5\t\xcc\"\xcd\xe2\xbb>S\x1bZ\xa1\xba\xb4E\xbc', r5)
r6 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r5)
keyctl$chown(0x4, r6, 0xee01, 0x0)

0s ago: executing program 0 (id=1665):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

se_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  297.865828][  T283] EXT4-fs (loop0): unmounting filesystem.
[  297.883444][ T3890] loop4: detected capacity change from 0 to 128
[  297.890412][ T3890] /dev/loop4: Can't open blockdev
[  297.940385][ T3893] loop0: detected capacity change from 0 to 1024
[  297.980067][ T3893] EXT4-fs: Ignoring removed nomblk_io_submit option
[  298.078543][  T309] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  298.123445][ T3893] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  298.196725][   T28] audit: type=1400 audit(1775009693.741:217): avc:  denied  { create } for  pid=3889 comm="syz.4.878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  298.326606][  T283] EXT4-fs (loop0): unmounting filesystem.
[  298.327114][ T3900] loop4: detected capacity change from 0 to 512
[  298.341745][ T3900] /dev/loop4: Can't open blockdev
[  299.809960][ T3910] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3910 comm=syz.2.881
[  302.689868][ T3921] loop4: detected capacity change from 0 to 1024
[  302.770794][ T3921] EXT4-fs: Ignoring removed nomblk_io_submit option
[  302.790259][ T3926] loop1: detected capacity change from 0 to 512
[  303.074927][ T3921] /dev/loop4: Can't open blockdev
[  303.140459][ T3926] EXT4-fs (loop1): 1 truncate cleaned up
[  303.146196][ T3926] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  303.195065][ T3924] overlayfs: upper fs needs to support d_type.
[  304.242509][ T3938] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  304.255121][ T3938] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  304.263162][ T3938] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  304.326380][  T284] EXT4-fs (loop1): unmounting filesystem.
[  304.438217][ T3946] loop4: detected capacity change from 0 to 512
[  304.451095][ T3946] /dev/loop4: Can't open blockdev
[  304.776584][ T3944] netlink: 12 bytes leftover after parsing attributes in process `syz.3.888'.
[  305.395057][ T3960] loop4: detected capacity change from 0 to 128
[  305.425591][ T3960] /dev/loop4: Can't open blockdev
[  305.432352][   T28] audit: type=1400 audit(1775009700.971:218): avc:  denied  { connect } for  pid=3959 comm="syz.4.892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  305.487669][ T3964] loop4: detected capacity change from 0 to 512
[  305.500813][ T3964] /dev/loop4: Can't open blockdev
[  305.595316][ T3966] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  305.615642][ T3966] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  305.652758][ T3970] loop2: detected capacity change from 0 to 128
[  305.737310][ T3966] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  305.787048][ T3966] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  306.104298][ T3978] loop2: detected capacity change from 0 to 1024
[  306.143896][ T3978] EXT4-fs: Ignoring removed nomblk_io_submit option
[  306.195591][ T3978] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  307.216219][  T286] EXT4-fs (loop2): unmounting filesystem.
[  308.561953][ T4002] loop2: detected capacity change from 0 to 512
[  308.650590][ T4007] overlayfs: failed to resolve './file0': -2
[  308.669626][ T4002] EXT4-fs (loop2): 1 truncate cleaned up
[  308.675598][ T4002] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  308.693270][ T4001] overlayfs: upper fs needs to support d_type.
[  309.233753][ T4009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.904'.
[  309.247229][  T286] EXT4-fs (loop2): unmounting filesystem.
[  309.378492][ T4023] random: crng reseeded on system resumption
[  309.391855][ T3995] loop3: detected capacity change from 0 to 40427
[  309.415396][ T3995] F2FS-fs (loop3): fault_injection options not supported
[  309.422626][ T3995] F2FS-fs (loop3): fault_type options not supported
[  309.429773][ T3995] F2FS-fs (loop3): invalid crc value
[  309.437123][ T4026] loop2: detected capacity change from 0 to 256
[  309.455361][ T4026] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  309.466939][ T3995] F2FS-fs (loop3): Found nat_bits in checkpoint
[  309.475240][ T4026] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  309.492968][ T4026] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  309.691098][ T4031] loop0: detected capacity change from 0 to 512
[  309.892568][ T4031] EXT4-fs (loop0): 1 truncate cleaned up
[  309.898575][ T4031] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  309.907499][ T3995] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  309.946677][ T4030] overlayfs: upper fs needs to support d_type.
[  310.003886][  T282] syz-executor: attempt to access beyond end of device
[  310.003886][  T282] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  311.568751][ T4055] loop3: detected capacity change from 0 to 1024
[  311.587044][ T4055] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.601535][  T283] EXT4-fs (loop0): unmounting filesystem.
[  312.646311][ T4055] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  312.665251][    C0] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  312.755504][ T4069] loop0: detected capacity change from 0 to 1024
[  312.775857][ T4069] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.864616][ T4069] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  313.149380][ T4073] loop2: detected capacity change from 0 to 512
[  313.160071][ T4073] EXT4-fs (loop2): 1 truncate cleaned up
[  313.165934][ T4073] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  313.178095][ T4073] overlayfs: upper fs needs to support d_type.
[  313.209087][  T282] EXT4-fs (loop3): unmounting filesystem.
[  313.518228][ T4088] random: crng reseeded on system resumption
[  313.551594][ T4088] loop4: detected capacity change from 0 to 256
[  313.561490][ T4088] /dev/loop4: Can't open blockdev
[  313.567841][  T283] EXT4-fs (loop0): unmounting filesystem.
[  313.602434][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  313.608961][ T4091] loop3: detected capacity change from 0 to 128
[  313.623825][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  313.640603][ T3919] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  313.648233][ T4091] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  313.660135][ T4091] ext4 filesystem being mounted at /172/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  313.751686][   T28] audit: type=1400 audit(1775009709.291:219): avc:  denied  { bind } for  pid=4089 comm="syz.3.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  313.780936][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  313.798056][  T282] EXT4-fs (loop3): unmounting filesystem.
[  313.815229][   T28] audit: type=1400 audit(1775009709.291:220): avc:  denied  { listen } for  pid=4089 comm="syz.3.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  313.848323][  T286] EXT4-fs (loop2): unmounting filesystem.
[  313.931160][   T28] audit: type=1400 audit(1775009709.321:221): avc:  denied  { accept } for  pid=4089 comm="syz.3.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  315.764058][ T4128] loop3: detected capacity change from 0 to 1024
[  315.802023][ T4128] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.826870][ T4128] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  317.145236][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  317.154957][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  317.164655][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  317.316840][ T4145] random: crng reseeded on system resumption
[  317.659511][ T4150] loop4: detected capacity change from 0 to 256
[  317.673651][ T4150] /dev/loop4: Can't open blockdev
[  317.850716][ T4159] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  317.879196][  T282] EXT4-fs (loop3): unmounting filesystem.
[  318.020482][ T4163] loop1: detected capacity change from 0 to 512
[  318.099129][ T4159] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.103876][ T4163] EXT4-fs (loop1): 1 truncate cleaned up
[  318.112183][ T4163] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  318.112731][ T4159] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  318.222970][ T4163] overlayfs: upper fs needs to support d_type.
[  318.249200][ T4170] random: crng reseeded on system resumption
[  318.266331][ T4168] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  318.276520][ T4168] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  318.289620][ T4168] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.297665][ T4168] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  318.319130][ T4171] loop0: detected capacity change from 0 to 256
[  318.356129][ T4171] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  318.373646][ T4171] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  318.407281][ T4171] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  318.788388][  T284] EXT4-fs (loop1): unmounting filesystem.
[  319.898240][ T4185] netlink: 12 bytes leftover after parsing attributes in process `syz.2.949'.
[  319.999611][ T4193] random: crng reseeded on system resumption
[  320.089664][ T4199] loop3: detected capacity change from 0 to 256
[  320.104274][ T4201] loop0: detected capacity change from 0 to 1024
[  320.111100][ T4201] EXT4-fs: Ignoring removed nomblk_io_submit option
[  320.118661][ T4199] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  320.155537][ T4202] loop1: detected capacity change from 0 to 512
[  320.265272][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  320.275020][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  320.397970][ T4202] EXT4-fs (loop1): 1 truncate cleaned up
[  320.403752][ T4202] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  320.447554][ T4202] overlayfs: upper fs needs to support d_type.
[  320.481892][ T4199] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  320.495611][ T4201] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  320.502718][ T4199] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  321.404098][  T283] EXT4-fs (loop0): unmounting filesystem.
[  321.710462][ T4219] random: crng reseeded on system resumption
[  321.784101][ T4219] loop0: detected capacity change from 0 to 256
[  321.804709][ T4219] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  321.816542][ T4219] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  321.832880][ T4219] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  321.924387][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  321.991870][  T284] EXT4-fs (loop1): unmounting filesystem.
[  323.385395][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  323.395119][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  323.809568][ T4243] loop3: detected capacity change from 0 to 128
[  323.958141][ T3919] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  324.045946][ T4255] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  324.053973][ T4255] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  324.063739][ T4255] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  324.076540][ T4255] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  324.084421][ T4255] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  325.312038][ T4277] loop0: detected capacity change from 0 to 1024
[  325.344512][ T4277] EXT4-fs: Ignoring removed nomblk_io_submit option
[  325.376651][ T4277] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  325.466144][ T4290] loop4: detected capacity change from 0 to 512
[  325.472905][ T4290] /dev/loop4: Can't open blockdev
[  326.391346][ T4295] random: crng reseeded on system resumption
[  326.401423][  T283] EXT4-fs (loop0): unmounting filesystem.
[  326.442907][ T4297] loop3: detected capacity change from 0 to 256
[  326.449907][ T4297] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  326.456341][ T3923] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  326.461031][ T4297] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  326.480740][ T4297] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  326.505327][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  326.507116][ T4300] loop0: detected capacity change from 0 to 1024
[  326.515347][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  326.530951][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  326.568740][ T4300] EXT4-fs: Ignoring removed nomblk_io_submit option
[  326.724363][ T4300] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  327.454632][  T283] EXT4-fs (loop0): unmounting filesystem.
[  327.738648][ T4327] loop0: detected capacity change from 0 to 512
[  329.102171][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  329.133093][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  329.144015][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  329.413872][ T4327] EXT4-fs (loop0): 1 truncate cleaned up
[  329.419664][ T4327] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  329.476687][ T4319] overlayfs: upper fs needs to support d_type.
[  330.182354][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  330.200289][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  330.215438][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  330.233114][  T283] EXT4-fs (loop0): unmounting filesystem.
[  330.260407][ T4345] loop3: detected capacity change from 0 to 1024
[  330.276999][ T4345] EXT4-fs: Ignoring removed nomblk_io_submit option
[  330.352345][ T4345] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  330.585228][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  330.594938][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  330.604641][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  331.213382][  T282] EXT4-fs (loop3): unmounting filesystem.
[  332.217936][ T4375] loop4: detected capacity change from 0 to 512
[  332.226481][ T4375] /dev/loop4: Can't open blockdev
[  332.757476][ T4380] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4380 comm=syz.0.997
[  333.032475][ T4383] loop1: detected capacity change from 0 to 512
[  333.103719][ T4383] EXT4-fs (loop1): 1 truncate cleaned up
[  333.109538][ T4383] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  333.129378][ T4383] overlayfs: upper fs needs to support d_type.
[  333.348058][  T284] EXT4-fs (loop1): unmounting filesystem.
[  333.412721][ T4390] random: crng reseeded on system resumption
[  333.434947][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  333.459471][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  333.469142][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  333.636290][ T4395] loop1: detected capacity change from 0 to 256
[  333.675108][ T4395] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  333.689681][ T4395] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  333.785210][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  333.794937][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  334.205996][ T4395] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  334.460203][ T4406] loop4: detected capacity change from 0 to 1024
[  334.501928][ T4406] EXT4-fs: Ignoring removed nomblk_io_submit option
[  334.516397][ T4406] /dev/loop4: Can't open blockdev
[  334.670730][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  334.684385][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  334.692643][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  334.791276][ T4416] loop0: detected capacity change from 0 to 512
[  334.959733][ T4416] EXT4-fs (loop0): 1 truncate cleaned up
[  334.965556][ T4416] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  335.008370][ T4416] overlayfs: upper fs needs to support d_type.
[  335.681882][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  335.811675][ T4437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1010'.
[  336.905252][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  336.915015][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  336.924697][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  337.541440][ T4424] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  337.554205][ T4424] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  337.562203][ T4424] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  338.265278][    C0] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  339.775365][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  339.859076][ T4447] loop4: detected capacity change from 0 to 512
[  339.866907][ T4447] /dev/loop4: Can't open blockdev
[  339.975897][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  340.132188][  T283] EXT4-fs (loop0): unmounting filesystem.
[  340.193717][ T4456] loop0: detected capacity change from 0 to 512
[  340.261243][ T4456] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  340.294527][ T4456] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  340.591980][ T4464] random: crng reseeded on system resumption
[  340.794697][ T4465] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  340.827548][ T4465] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  340.838835][ T4465] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  341.103030][ T4466] loop2: detected capacity change from 0 to 256
[  341.142257][ T4466] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  341.161796][ T4470] loop3: detected capacity change from 0 to 128
[  341.204340][ T4466] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  341.228939][ T4466] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  341.554691][ T4475] loop3: detected capacity change from 0 to 1024
[  341.594400][ T4475] EXT4-fs: Ignoring removed nomblk_io_submit option
[  341.633390][ T4473] loop0: detected capacity change from 0 to 40427
[  341.640677][ T4473] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  341.648474][ T4473] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  341.658002][ T4473] F2FS-fs (loop0): invalid crc value
[  341.691698][ T4475] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  341.806520][ T4473] F2FS-fs (loop0): Found nat_bits in checkpoint
[  341.911901][ T4473] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  341.919669][ T4473] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  342.804768][  T282] EXT4-fs (loop3): unmounting filesystem.
[  342.825560][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  342.835276][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  343.440877][ T4498] loop2: detected capacity change from 0 to 512
[  343.574932][ T4498] EXT4-fs (loop2): 1 truncate cleaned up
[  343.580797][ T4498] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  343.637302][ T4496] overlayfs: upper fs needs to support d_type.
[  343.648809][ T4505] loop3: detected capacity change from 0 to 1024
[  343.661863][ T4505] EXT4-fs: Ignoring removed nomblk_io_submit option
[  343.696657][ T4505] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  344.767604][ T4513] loop4: detected capacity change from 0 to 512
[  344.774374][ T4513] /dev/loop4: Can't open blockdev
[  344.873131][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  344.896633][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  344.906188][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  344.960908][  T282] EXT4-fs (loop3): unmounting filesystem.
[  345.019090][ T4450] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  345.092287][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  345.118607][ T4518] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  345.119212][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  345.141336][ T4518] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  345.150149][ T4518] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  345.156239][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  345.175139][  T286] EXT4-fs (loop2): unmounting filesystem.
[  345.545090][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  345.560030][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  345.585299][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  345.595043][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  345.778511][ T4528] random: crng reseeded on system resumption
[  345.805531][ T4528] loop4: detected capacity change from 0 to 256
[  345.812143][ T4528] /dev/loop4: Can't open blockdev
[  346.474522][ T4534] loop4: detected capacity change from 0 to 512
[  346.482342][ T4534] /dev/loop4: Can't open blockdev
[  346.585653][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  346.595414][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  346.839253][ T4539] loop0: detected capacity change from 0 to 1024
[  346.865436][ T4539] EXT4-fs: Ignoring removed nomblk_io_submit option
[  346.889989][ T4537] kvm: pic: non byte write
[  346.896045][ T4539] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  346.946531][ T4449] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  347.714310][ T4545] netlink: 'syz.3.1035': attribute type 4 has an invalid length.
[  348.206499][  T283] EXT4-fs (loop0): unmounting filesystem.
[  348.351272][ T4559] loop0: detected capacity change from 0 to 1024
[  348.755269][ T4560] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1036'.
[  349.945231][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  349.954950][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  351.457512][ T4566] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  351.466525][ T4566] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  351.483541][ T4566] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  351.510847][ T4566] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  351.521392][ T4566] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  351.719329][ T4570] random: crng reseeded on system resumption
[  351.731122][ T4449] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  351.784452][ T4570] loop1: detected capacity change from 0 to 256
[  351.801272][ T4570] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  351.832658][ T4570] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  352.127142][ T4582] loop3: detected capacity change from 0 to 512
[  352.137196][ T4583] loop4: detected capacity change from 0 to 512
[  352.146181][ T4583] /dev/loop4: Can't open blockdev
[  352.184431][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  352.210093][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  352.220141][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  352.433514][ T4582] EXT4-fs (loop3): 1 truncate cleaned up
[  352.439285][ T4582] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  352.453080][ T4582] overlayfs: upper fs needs to support d_type.
[  352.474389][ T4570] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  352.983260][  T282] EXT4-fs (loop3): unmounting filesystem.
[  353.958250][ T4605] loop3: detected capacity change from 0 to 512
[  353.986516][ T4607] loop4: detected capacity change from 0 to 512
[  353.994560][ T4607] /dev/loop4: Can't open blockdev
[  354.150498][ T4605] EXT4-fs (loop3): 1 truncate cleaned up
[  354.156255][ T4605] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  354.298932][ T4605] overlayfs: upper fs needs to support d_type.
[  354.426074][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  354.435790][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  354.567096][ T4621] netlink: 'syz.2.1051': attribute type 4 has an invalid length.
[  354.887836][ T4623] loop1: detected capacity change from 0 to 512
[  354.940224][ T4623] EXT4-fs (loop1): 1 truncate cleaned up
[  354.946008][ T4623] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  354.974241][ T4623] overlayfs: upper fs needs to support d_type.
[  355.014932][  T282] EXT4-fs (loop3): unmounting filesystem.
[  355.247509][ T4626] loop3: detected capacity change from 0 to 1024
[  355.271967][ T4626] EXT4-fs: Ignoring removed nomblk_io_submit option
[  355.344684][ T4630] loop2: detected capacity change from 0 to 1024
[  355.361148][ T4630] EXT4-fs: Ignoring removed nomblk_io_submit option
[  355.381348][  T284] EXT4-fs (loop1): unmounting filesystem.
[  355.392446][ T4626] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  355.502291][ T4630] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  355.635831][ T4638] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  356.149262][  T282] EXT4-fs (loop3): unmounting filesystem.
[  356.162291][ T4640] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1056'.
[  356.243007][ T4642] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  356.927442][  T286] EXT4-fs (loop2): unmounting filesystem.
[  356.946471][ T4644] random: crng reseeded on system resumption
[  357.317940][ T4644] loop3: detected capacity change from 0 to 256
[  357.335615][ T4644] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  357.358589][ T4649] loop2: detected capacity change from 0 to 1024
[  357.365726][ T4644] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  357.417498][ T4649] EXT4-fs: Ignoring removed nomblk_io_submit option
[  357.434343][ T4644] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  357.516810][ T4652] x_tables: duplicate underflow at hook 3
[  357.545207][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  357.554927][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  357.755913][ T4649] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  357.896346][ T4660] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  357.987521][ T4665] loop4: detected capacity change from 0 to 256
[  358.011066][ T4665] /dev/loop4: Can't open blockdev
[  358.197014][  T286] EXT4-fs (loop2): unmounting filesystem.
[  358.746771][ T4675] netlink: 'syz.2.1063': attribute type 4 has an invalid length.
[  359.457654][ T4689] loop2: detected capacity change from 0 to 1024
[  359.508801][ T4689] EXT4-fs: Ignoring removed nomblk_io_submit option
[  359.547318][ T4693] loop3: detected capacity change from 0 to 512
[  359.585586][ T4689] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  359.663923][ T4693] EXT4-fs (loop3): 1 truncate cleaned up
[  359.733948][ T4693] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  359.783823][ T4703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4703 comm=syz.1.1070
[  359.843856][ T4704] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  360.665246][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  360.675044][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  360.684775][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  360.694431][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  360.929591][ T4693] overlayfs: upper fs needs to support d_type.
[  360.999259][  T286] EXT4-fs (loop2): unmounting filesystem.
[  361.733128][ T4714] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1071'.
[  361.743172][ T4712] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  361.750930][ T4712] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  361.760738][ T4712] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  361.773247][ T4712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  361.781191][ T4712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  362.182305][ T4719] loop2: detected capacity change from 0 to 512
[  362.199619][ T4719] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  362.219071][ T4719] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  362.622479][  T282] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  362.645632][  T282] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  362.667510][  T282] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  362.685249][  T282] EXT4-fs (loop3): unmounting filesystem.
[  363.077360][ T4728] loop1: detected capacity change from 0 to 1024
[  363.084080][ T4728] EXT4-fs: Ignoring removed nomblk_io_submit option
[  363.092954][ T4726] loop2: detected capacity change from 0 to 40427
[  363.100062][ T4726] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  363.107856][ T4726] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  363.116150][  T320] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  363.124476][ T4726] F2FS-fs (loop2): invalid crc value
[  363.145035][ T4726] F2FS-fs (loop2): Found nat_bits in checkpoint
[  363.181425][ T4728] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  363.190216][ T4726] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  363.197913][ T4726] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  363.305794][ T4740] loop3: detected capacity change from 0 to 512
[  363.598458][  T320] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  363.665574][ T4740] EXT4-fs (loop3): 1 truncate cleaned up
[  363.671308][ T4740] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  363.700252][ T4740] overlayfs: upper fs needs to support d_type.
[  363.819573][  T320] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  363.828617][  T320] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  363.839046][  T320] usb 5-1: config 220 has no interface number 2
[  363.845651][  T320] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  363.859276][  T320] usb 5-1: config 220 interface 0 has no altsetting 0
[  363.866367][  T320] usb 5-1: config 220 interface 76 has no altsetting 0
[  363.873384][  T320] usb 5-1: config 220 interface 1 has no altsetting 0
[  363.969477][  T320] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  363.984657][  T284] EXT4-fs (loop1): unmounting filesystem.
[  363.990068][  T320] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.000854][  T320] usb 5-1: Product: syz
[  364.005502][  T320] usb 5-1: Manufacturer: syz
[  364.010133][  T320] usb 5-1: SerialNumber: syz
[  364.019996][ T4749] netlink: 'syz.0.1080': attribute type 4 has an invalid length.
[  364.025312][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  364.044164][ T4752] random: crng reseeded on system resumption
[  364.065652][  T282] EXT4-fs (loop3): unmounting filesystem.
[  364.116787][ T4753] loop1: detected capacity change from 0 to 256
[  364.146281][ T4753] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  364.162208][ T4753] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  364.172380][ T4753] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  364.313586][  T320] usb 5-1: selecting invalid altsetting 0
[  364.332817][  T320] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  364.341991][  T320] usb 5-1: No valid video chain found.
[  364.374665][  T320] usb 5-1: USB disconnect, device number 4
[  365.445401][ T4768] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4768 comm=syz.4.1084
[  366.275225][ T4772] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1086'.
[  366.978871][ T4777] x_tables: duplicate underflow at hook 3
[  367.282471][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  367.290370][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  367.300201][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  367.313540][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  367.321462][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  367.355273][ T4789] random: crng reseeded on system resumption
[  367.419101][ T4789] loop0: detected capacity change from 0 to 256
[  367.440374][ T4789] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  367.451446][ T4789] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  367.462742][ T4789] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  367.533626][ T4793] loop1: detected capacity change from 0 to 1024
[  367.550302][ T4793] EXT4-fs: Ignoring removed nomblk_io_submit option
[  367.566789][ T4793] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  368.343299][ T4803] netlink: 'syz.4.1093': attribute type 4 has an invalid length.
[  368.776080][  T284] EXT4-fs (loop1): unmounting filesystem.
[  368.916353][ T4811] loop1: detected capacity change from 0 to 1024
[  368.926188][ T4811] EXT4-fs: Ignoring removed nomblk_io_submit option
[  369.316364][ T4811] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  369.577852][ T4825] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  369.859134][  T284] EXT4-fs (loop1): unmounting filesystem.
[  369.871043][ T4826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1098'.
[  369.940744][ T4833] random: crng reseeded on system resumption
[  369.987687][ T4836] loop1: detected capacity change from 0 to 256
[  370.003005][ T4836] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  370.023817][ T4836] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  370.045024][ T4836] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  370.065719][ T4821] x_tables: duplicate underflow at hook 3
[  370.102395][ T4828] x_tables: duplicate underflow at hook 3
[  370.415163][ T4849] x_tables: duplicate underflow at hook 3
[  370.651731][ T4852] loop3: detected capacity change from 0 to 1024
[  370.684302][ T4852] EXT4-fs: Ignoring removed nomblk_io_submit option
[  370.727769][ T4852] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  371.212819][ T4857] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  371.223214][ T4857] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  371.235847][ T4857] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  371.243724][ T4857] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  371.530678][  T282] EXT4-fs (loop3): unmounting filesystem.
[  373.188906][ T4886] random: crng reseeded on system resumption
[  374.614375][ T4905] loop4: detected capacity change from 0 to 1024
[  374.626382][ T4905] EXT4-fs: Ignoring removed nomblk_io_submit option
[  374.634748][ T4905] /dev/loop4: Can't open blockdev
[  375.031446][ T4908] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  375.038293][ T4910] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  375.339558][ T4914] loop0: detected capacity change from 0 to 1024
[  375.356493][ T4914] EXT4-fs: Ignoring removed nomblk_io_submit option
[  375.396728][ T4914] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  375.422291][ T4919] loop1: detected capacity change from 0 to 1024
[  375.436472][ T4919] EXT4-fs: Ignoring removed nomblk_io_submit option
[  375.559559][ T4919] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  375.706721][ T4931] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  375.771463][  T283] EXT4-fs (loop0): unmounting filesystem.
[  376.774462][ T4942] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  376.784699][ T4942] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  376.804088][ T4942] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  376.836088][ T4942] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  376.846933][ T4942] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  376.972437][  T284] EXT4-fs (loop1): unmounting filesystem.
[  379.518542][ T4963] loop3: detected capacity change from 0 to 512
[  379.710820][ T4963] EXT4-fs (loop3): 1 truncate cleaned up
[  379.716644][ T4963] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  379.755046][ T4946] overlayfs: upper fs needs to support d_type.
[  379.943446][ T4976] loop2: detected capacity change from 0 to 512
[  380.002695][ T4976] EXT4-fs (loop2): 1 truncate cleaned up
[  380.008462][ T4976] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  380.033396][ T4978] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  380.060163][ T4976] overlayfs: upper fs needs to support d_type.
[  380.363124][  T282] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  380.387735][  T282] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  380.407442][  T282] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  380.481523][ T4983] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  380.739528][  T282] EXT4-fs (loop3): unmounting filesystem.
[  380.812458][ T4987] loop3: detected capacity change from 0 to 1024
[  380.835024][ T4987] EXT4-fs: Ignoring removed nomblk_io_submit option
[  380.876377][ T4987] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  380.962456][  T286] EXT4-fs (loop2): unmounting filesystem.
[  381.348742][ T5001] loop0: detected capacity change from 0 to 512
[  381.392887][ T5001] EXT4-fs (loop0): 1 truncate cleaned up
[  381.398662][ T5001] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  381.433084][ T5001] overlayfs: upper fs needs to support d_type.
[  381.697918][  T282] EXT4-fs (loop3): unmounting filesystem.
[  381.793380][ T5004] x_tables: duplicate underflow at hook 3
[  381.908769][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  381.944739][ T5007] x_tables: duplicate underflow at hook 3
[  381.944893][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  381.987331][  T283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  382.036805][  T283] EXT4-fs (loop0): unmounting filesystem.
[  382.048296][ T5019] loop4: detected capacity change from 0 to 1024
[  382.064296][ T5021] random: crng reseeded on system resumption
[  382.156594][ T5025] loop1: detected capacity change from 0 to 512
[  382.197595][ T5019] EXT4-fs: Ignoring removed nomblk_io_submit option
[  382.228734][ T5019] /dev/loop4: Can't open blockdev
[  382.249565][ T5025] EXT4-fs (loop1): 1 truncate cleaned up
[  382.255466][ T5025] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  382.285488][ T5025] overlayfs: upper fs needs to support d_type.
[  382.330117][ T5029] loop3: detected capacity change from 0 to 256
[  382.425807][ T5029] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  382.445346][ T5029] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  382.470820][ T5029] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  382.517695][ T5032] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  382.951213][ T5037] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5037 comm=syz.2.1153
[  383.282472][  T284] EXT4-fs (loop1): unmounting filesystem.
[  383.838644][ T5043] loop3: detected capacity change from 0 to 1024
[  383.866674][ T5043] EXT4-fs: Ignoring removed nomblk_io_submit option
[  383.909463][ T5043] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  384.151697][ T5055] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  384.367163][ T5056] loop2: detected capacity change from 0 to 512
[  384.385607][ T5056] EXT4-fs (loop2): 1 truncate cleaned up
[  384.391319][ T5056] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  384.420638][ T5056] overlayfs: upper fs needs to support d_type.
[  384.920056][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  384.938321][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  384.941084][  T282] EXT4-fs (loop3): unmounting filesystem.
[  384.972925][  T286] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  385.014279][  T286] EXT4-fs (loop2): unmounting filesystem.
[  385.191142][ T5062] x_tables: duplicate underflow at hook 3
[  385.229413][ T5077] loop2: detected capacity change from 0 to 512
[  385.262090][ T5077] EXT4-fs (loop2): 1 truncate cleaned up
[  385.267867][ T5077] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  385.355335][ T5080] loop3: detected capacity change from 0 to 512
[  385.367715][ T5077] overlayfs: upper fs needs to support d_type.
[  385.516293][ T5080] EXT4-fs (loop3): 1 truncate cleaned up
[  385.522046][ T5080] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  385.552523][ T5080] overlayfs: upper fs needs to support d_type.
[  385.670302][ T5083] random: crng reseeded on system resumption
[  385.868131][ T5086] loop1: detected capacity change from 0 to 1024
[  385.876127][ T5086] EXT4-fs: Ignoring removed nomblk_io_submit option
[  385.886555][ T5086] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  386.077468][ T5091] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  386.489297][  T286] EXT4-fs (loop2): unmounting filesystem.
[  386.678536][  T282] EXT4-fs (loop3): unmounting filesystem.
[  386.742802][  T284] EXT4-fs (loop1): unmounting filesystem.
[  386.887136][ T5101] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  386.896889][ T5101] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  386.909459][ T5101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  386.917402][ T5101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  387.051564][ T5111] loop3: detected capacity change from 0 to 128
[  388.609305][ T5132] loop2: detected capacity change from 0 to 1024
[  388.647316][ T5132] EXT4-fs: Ignoring removed nomblk_io_submit option
[  388.748611][ T5132] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  388.914868][ T5137] loop1: detected capacity change from 0 to 1024
[  388.945208][ T5137] EXT4-fs: Ignoring removed nomblk_io_submit option
[  389.812463][  T286] EXT4-fs (loop2): unmounting filesystem.
[  389.840237][ T5137] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  389.955966][ T5145] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  389.966192][ T5145] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  389.978309][ T5145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  389.989310][ T5145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  390.042412][ T5152] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  390.630562][ T5156] overlayfs: missing 'lowerdir'
[  390.631355][  T284] EXT4-fs (loop1): unmounting filesystem.
[  390.788244][ T5148] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  390.798867][ T5148] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  390.817518][ T5148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  390.826908][ T5148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  390.936929][ T5170] loop4: detected capacity change from 0 to 512
[  390.944940][ T5170] /dev/loop4: Can't open blockdev
[  391.044998][ T4449] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  391.492199][ T5178] random: crng reseeded on system resumption
[  391.523413][ T5175] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  391.533593][ T5175] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  391.545804][ T5175] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  391.553720][ T5175] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  391.607838][ T5181] loop1: detected capacity change from 0 to 1024
[  391.641369][ T5181] EXT4-fs: Ignoring removed nomblk_io_submit option
[  391.696730][ T5181] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  392.926355][ T5194] loop2: detected capacity change from 0 to 512
[  392.954345][  T284] EXT4-fs (loop1): unmounting filesystem.
[  392.991350][ T5194] EXT4-fs (loop2): 1 truncate cleaned up
[  392.997556][ T5194] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  393.008505][ T5186] overlayfs: upper fs needs to support d_type.
[  393.223605][ T5207] loop4: detected capacity change from 0 to 512
[  393.230455][ T5207] /dev/loop4: Can't open blockdev
[  393.249481][ T5208] loop1: detected capacity change from 0 to 512
[  393.610533][ T5208] EXT4-fs (loop1): 1 truncate cleaned up
[  393.616428][ T5208] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  393.649285][ T5208] overlayfs: upper fs needs to support d_type.
[  393.730622][  T286] EXT4-fs (loop2): unmounting filesystem.
[  393.731747][ T4449] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  394.014838][  T284] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  394.029808][  T284] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  394.044317][  T284] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  394.063490][  T284] EXT4-fs (loop1): unmounting filesystem.
[  394.167425][ T5226] loop0: detected capacity change from 0 to 1024
[  394.195352][ T5226] EXT4-fs: Ignoring removed nomblk_io_submit option
[  394.233287][ T5226] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  394.234820][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  394.367757][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  394.410891][ T5234] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  394.636085][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  394.676579][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  394.736600][ T5236] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1201'.
[  395.206678][  T283] EXT4-fs (loop0): unmounting filesystem.
[  395.498705][ T5246] loop3: detected capacity change from 0 to 1024
[  395.536631][ T5246] EXT4-fs: Ignoring removed nomblk_io_submit option
[  395.668549][ T5246] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  396.608973][ T5264] loop2: detected capacity change from 0 to 1024
[  396.652333][ T5264] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  397.182716][ T5264] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: comm syz.2.1209: inode #4294967295: comm syz.2.1209: iget: illegal inode #
[  397.212662][ T5264] EXT4-fs (loop2): no journal found
[  397.268697][  T282] EXT4-fs (loop3): unmounting filesystem.
[  397.366454][ T5264] EXT4-fs (loop2): can't get journal size
[  397.489295][ T5271] loop0: detected capacity change from 0 to 1024
[  397.525683][ T5271] EXT4-fs: Ignoring removed nomblk_io_submit option
[  397.534822][ T5264] EXT4-fs (loop2): failed to initialize system zone (-22)
[  397.546030][ T5264] EXT4-fs (loop2): mount failed
[  397.670322][ T5280] loop1: detected capacity change from 0 to 512
[  397.704199][ T5280] EXT4-fs (loop1): 1 truncate cleaned up
[  397.710107][ T5280] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  397.722335][ T5280] overlayfs: upper fs needs to support d_type.
[  397.729828][ T5271] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  398.791838][  T284] EXT4-fs (loop1): unmounting filesystem.
[  398.841223][ T5294] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  398.850679][ T5296] loop1: detected capacity change from 0 to 1024
[  398.865778][ T5296] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  398.876315][ T5296] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1216: inode #4294967295: comm syz.1.1216: iget: illegal inode #
[  398.890588][ T5296] EXT4-fs (loop1): no journal found
[  398.896070][ T5296] EXT4-fs (loop1): can't get journal size
[  398.904449][ T5296] EXT4-fs (loop1): failed to initialize system zone (-22)
[  398.911849][ T5296] EXT4-fs (loop1): mount failed
[  398.998166][  T283] EXT4-fs (loop0): unmounting filesystem.
[  399.028561][   T28] audit: type=1400 audit(1775009794.571:222): avc:  denied  { write } for  pid=5300 comm="syz.4.1218" name="001" dev="devtmpfs" ino=188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  401.462920][ T5320] loop1: detected capacity change from 0 to 1024
[  401.486891][ T5320] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  401.505659][ T5320] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1221: inode #4294967295: comm syz.1.1221: iget: illegal inode #
[  401.655410][   T28] audit: type=1400 audit(1775009797.171:223): avc:  denied  { write } for  pid=5325 comm="syz.0.1225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  401.787804][ T5320] EXT4-fs (loop1): no journal found
[  401.793047][ T5320] EXT4-fs (loop1): can't get journal size
[  401.805265][ T5320] EXT4-fs (loop1): failed to initialize system zone (-22)
[  401.812478][ T5320] EXT4-fs (loop1): mount failed
[  402.559722][ T5342] loop1: detected capacity change from 0 to 1024
[  402.595426][ T5342] EXT4-fs: Ignoring removed nomblk_io_submit option
[  402.655949][ T5342] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  403.750288][ T5353] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1230'.
[  403.845430][  T284] EXT4-fs (loop1): unmounting filesystem.
[  404.492891][ T5363] loop3: detected capacity change from 0 to 1024
[  404.508897][ T5363] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  404.519973][ T5363] EXT4-fs error (device loop3): ext4_get_journal_inode:5743: comm syz.3.1233: inode #4294967295: comm syz.3.1233: iget: illegal inode #
[  404.534032][ T5363] EXT4-fs (loop3): no journal found
[  404.547612][ T5363] EXT4-fs (loop3): can't get journal size
[  404.558554][ T5363] EXT4-fs (loop3): failed to initialize system zone (-22)
[  404.566016][ T5363] EXT4-fs (loop3): mount failed
[  404.724811][ T5368] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  404.732477][ T5368] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  404.742270][ T5368] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  404.754852][ T5368] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  404.762745][ T5368] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  405.100582][ T5374] loop0: detected capacity change from 0 to 512
[  405.294802][ T5374] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  405.308868][ T5365] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  405.339937][ T5365] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  405.355181][ T5374] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  405.401551][ T5365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  405.494471][ T5365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  405.649980][ T5385] loop0: detected capacity change from 0 to 40427
[  405.662189][ T5385] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  405.669983][ T5385] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  405.678582][ T5385] F2FS-fs (loop0): invalid crc value
[  405.700417][ T5385] F2FS-fs (loop0): Found nat_bits in checkpoint
[  405.738925][ T5385] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  405.746065][ T5385] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  405.839223][ T5395] loop1: detected capacity change from 0 to 1024
[  405.854828][ T5395] EXT4-fs: Ignoring removed nomblk_io_submit option
[  405.921312][ T5395] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  406.245321][   T28] audit: type=1400 audit(1775009801.781:224): avc:  denied  { read } for  pid=5403 comm="syz.0.1242" path="socket:[36491]" dev="sockfs" ino=36491 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  406.304049][   T28] audit: type=1400 audit(1775009801.841:225): avc:  denied  { read write } for  pid=5403 comm="syz.0.1242" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  406.485858][   T28] audit: type=1400 audit(1775009801.841:226): avc:  denied  { open } for  pid=5403 comm="syz.0.1242" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  406.513490][   T28] audit: type=1400 audit(1775009801.871:227): avc:  denied  { write } for  pid=5403 comm="syz.0.1242" path="socket:[35397]" dev="sockfs" ino=35397 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  406.689223][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  406.699184][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  406.711737][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  406.719931][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  406.810035][  T284] EXT4-fs (loop1): unmounting filesystem.
[  406.949887][ T5417] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  406.959928][ T5417] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  406.972413][ T5417] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  406.980472][ T5417] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  407.063397][ T5419] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1246'.
[  408.357899][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  408.491681][ T5423] netlink: 'syz.1.1247': attribute type 4 has an invalid length.
[  408.787005][ T5428] hub 9-0:1.0: USB hub found
[  409.521897][ T5428] hub 9-0:1.0: 1 port detected
[  409.614661][ T5435] loop1: detected capacity change from 0 to 512
[  409.623419][ T5433] loop3: detected capacity change from 0 to 1024
[  409.641844][ T5433] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  409.656015][ T5433] EXT4-fs error (device loop3): ext4_get_journal_inode:5743: comm syz.3.1249: inode #4294967295: comm syz.3.1249: iget: illegal inode #
[  409.670146][ T5433] EXT4-fs (loop3): no journal found
[  409.675436][ T5433] EXT4-fs (loop3): can't get journal size
[  409.701021][ T5435] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  409.721901][ T5433] EXT4-fs (loop3): failed to initialize system zone (-22)
[  409.742442][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  409.749524][ T5435] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  409.755946][ T5433] EXT4-fs (loop3): mount failed
[  410.370107][ T5448] loop1: detected capacity change from 0 to 40427
[  410.380909][ T5448] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  410.388763][ T5448] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  410.687633][ T5448] F2FS-fs (loop1): invalid crc value
[  410.705044][ T5453] loop0: detected capacity change from 0 to 1024
[  410.722461][ T5453] EXT4-fs: Ignoring removed nomblk_io_submit option
[  410.733398][ T5448] F2FS-fs (loop1): Found nat_bits in checkpoint
[  410.771452][ T5448] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  410.772690][ T5453] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  410.778687][ T5448] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  410.888233][ T5462] loop3: detected capacity change from 0 to 1024
[  410.921934][ T5462] EXT4-fs: Ignoring removed nomblk_io_submit option
[  410.957545][ T5465] loop2: detected capacity change from 0 to 1024
[  410.974987][ T5462] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  411.020786][   T28] audit: type=1400 audit(1775009806.561:228): avc:  denied  { connect } for  pid=5467 comm="syz.1.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  411.045886][ T5465] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  411.071269][ T5465] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: comm syz.2.1257: inode #4294967295: comm syz.2.1257: iget: illegal inode #
[  411.091976][ T5465] EXT4-fs (loop2): no journal found
[  411.097265][ T5465] EXT4-fs (loop2): can't get journal size
[  411.107650][ T5465] EXT4-fs (loop2): failed to initialize system zone (-22)
[  411.115022][ T5465] EXT4-fs (loop2): mount failed
[  411.311442][ T5478] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1259'.
[  412.408577][ T5406] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  412.963479][  T283] EXT4-fs (loop0): unmounting filesystem.
[  412.970074][  T282] EXT4-fs (loop3): unmounting filesystem.
[  413.012673][ T5492] netlink: 'syz.1.1262': attribute type 4 has an invalid length.
[  413.137694][ T5494] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  413.148396][ T5494] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  413.169246][ T5494] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  413.197792][ T5494] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  413.345084][ T5505] x_tables: duplicate underflow at hook 3
[  413.877281][ T5517] loop1: detected capacity change from 0 to 512
[  413.887081][ T5517] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  413.896300][ T5517] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  414.158339][ T5521] loop0: detected capacity change from 0 to 1024
[  414.168557][ T5521] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  414.178360][ T5521] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1270: inode #4294967295: comm syz.0.1270: iget: illegal inode #
[  414.179943][ T5519] loop1: detected capacity change from 0 to 40427
[  414.197290][ T5521] EXT4-fs (loop0): no journal found
[  414.205161][ T5519] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  414.212918][ T5519] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  414.221548][ T5519] F2FS-fs (loop1): invalid crc value
[  414.223581][ T5521] EXT4-fs (loop0): can't get journal size
[  414.253713][ T5519] F2FS-fs (loop1): Found nat_bits in checkpoint
[  414.289447][ T5521] EXT4-fs (loop0): failed to initialize system zone (-22)
[  414.296691][ T5521] EXT4-fs (loop0): mount failed
[  414.315817][ T5519] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  414.322915][ T5519] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  414.345773][ T5529] netlink: 'syz.3.1271': attribute type 4 has an invalid length.
[  414.585231][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  414.853502][ T5535] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1272'.
[  415.145211][ T5406] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  415.427824][ T5538] loop0: detected capacity change from 0 to 1024
[  415.476906][ T5538] EXT4-fs: Ignoring removed nomblk_io_submit option
[  415.544890][ T5542] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  415.556188][ T5542] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  415.568900][ T5542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  415.576974][ T5542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  415.638222][ T5538] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  415.661903][ T5547] loop1: detected capacity change from 0 to 1024
[  415.795740][ T5547] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  415.806839][ T5547] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1273: inode #4294967295: comm syz.1.1273: iget: illegal inode #
[  415.821102][ T5547] EXT4-fs (loop1): no journal found
[  415.826505][ T5547] EXT4-fs (loop1): can't get journal size
[  415.833043][ T5547] EXT4-fs (loop1): failed to initialize system zone (-22)
[  415.840923][ T5547] EXT4-fs (loop1): mount failed
[  415.853425][ T5554] loop2: detected capacity change from 0 to 1024
[  415.871325][ T5554] EXT4-fs: Ignoring removed nomblk_io_submit option
[  415.936427][ T5554] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  415.958832][ T5554] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  416.003154][ T5554] System zones: 0-1, 3-36
[  416.013955][ T5554] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  417.273714][ T5566] netlink: 'syz.1.1279': attribute type 4 has an invalid length.
[  417.329375][  T286] EXT4-fs (loop2): unmounting filesystem.
[  417.420126][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  417.428783][ T5571] Bluetooth: hci0: Frame reassembly failed (-84)
[  417.455279][ T5571] Bluetooth: hci0: Frame reassembly failed (-84)
[  417.481091][  T283] EXT4-fs (loop0): unmounting filesystem.
[  417.629998][ T5578] loop4: detected capacity change from 0 to 512
[  417.647089][ T5578] /dev/loop4: Can't open blockdev
[  418.114829][ T5584] hub 9-0:1.0: USB hub found
[  418.119708][ T5584] hub 9-0:1.0: 1 port detected
[  418.142310][ T5582] loop4: detected capacity change from 0 to 40427
[  418.161877][ T5588] loop1: detected capacity change from 0 to 1024
[  418.168687][ T5588] EXT4-fs: Ignoring removed nomblk_io_submit option
[  418.186555][ T4450] I/O error, dev loop4, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  418.210314][ T5588] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  418.429967][ T5592] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  418.653032][   T43] Bluetooth: hci1: Frame reassembly failed (-84)
[  418.666526][ T5594] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  418.677878][ T5594] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  418.692168][ T5594] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  418.700401][ T5594] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  418.968172][ T5602] hub 9-0:1.0: USB hub found
[  418.973445][ T5602] hub 9-0:1.0: 1 port detected
[  419.100100][  T284] EXT4-fs (loop1): unmounting filesystem.
[  419.119523][ T5607] loop1: detected capacity change from 0 to 1024
[  419.137089][ T5607] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  419.158524][ T5607] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1293: inode #4294967295: comm syz.1.1293: iget: illegal inode #
[  419.172832][ T5607] EXT4-fs (loop1): no journal found
[  419.178308][ T5607] EXT4-fs (loop1): can't get journal size
[  419.184437][ T5607] EXT4-fs (loop1): failed to initialize system zone (-22)
[  419.191698][ T5607] EXT4-fs (loop1): mount failed
[  419.465195][ T5500] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  419.585445][ T5612] hub 9-0:1.0: USB hub found
[  419.590213][ T5612] hub 9-0:1.0: 1 port detected
[  419.846524][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  419.924027][ T5625] netlink: 'syz.0.1296': attribute type 4 has an invalid length.
[  419.993458][ T5627] Bluetooth: hci2: Frame reassembly failed (-84)
[  420.000341][ T5627] Bluetooth: hci2: Frame reassembly failed (-84)
[  420.022940][ T5629] hub 9-0:1.0: USB hub found
[  420.027806][ T5629] hub 9-0:1.0: 1 port detected
[  420.092277][ T5631] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  420.100258][ T5631] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  420.109591][ T5631] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  420.121128][ T5631] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  420.128889][ T5631] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  420.172104][ T5633] loop1: detected capacity change from 0 to 1024
[  420.179943][ T5633] EXT4-fs: Ignoring removed nomblk_io_submit option
[  420.187143][ T5633] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  420.199552][ T5633] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  420.207821][ T5633] System zones: 0-1, 3-36
[  420.213594][ T5633] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  420.665180][ T5406] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  420.665617][ T5407] Bluetooth: hci1: command 0x1003 tx timeout
[  420.731193][ T5642] loop0: detected capacity change from 0 to 1024
[  420.750306][ T5642] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  420.763391][ T5642] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1304: inode #4294967295: comm syz.0.1304: iget: illegal inode #
[  420.778007][ T5642] EXT4-fs (loop0): no journal found
[  420.787095][ T5642] EXT4-fs (loop0): can't get journal size
[  420.793321][ T5642] EXT4-fs (loop0): failed to initialize system zone (-22)
[  420.800731][ T5642] EXT4-fs (loop0): mount failed
[  421.749271][ T5645] hub 9-0:1.0: USB hub found
[  421.782963][ T5645] hub 9-0:1.0: 1 port detected
[  422.538067][ T5500] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  422.544423][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  422.550722][ T5638] Bluetooth: hci0: command 0x1003 tx timeout
[  422.561573][  T284] EXT4-fs (loop1): unmounting filesystem.
[  423.464253][ T5665] loop0: detected capacity change from 0 to 1024
[  423.482910][ T5665] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  424.168885][ T5660] hub 9-0:1.0: USB hub found
[  424.173879][ T5660] hub 9-0:1.0: 1 port detected
[  424.183692][   T28] audit: type=1400 audit(1775009819.731:229): avc:  denied  { ioctl } for  pid=5656 comm="syz.2.1309" path="socket:[35723]" dev="sockfs" ino=35723 ioctlcmd=0x48dd scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  424.276171][ T5665] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1310: inode #4294967295: comm syz.0.1310: iget: illegal inode #
[  424.580385][ T5676] loop2: detected capacity change from 0 to 1024
[  424.623835][ T5678] loop4: detected capacity change from 0 to 1024
[  424.631512][ T5678] EXT4-fs: Ignoring removed nomblk_io_submit option
[  424.638380][ T5678] /dev/loop4: Can't open blockdev
[  424.651836][ T5665] EXT4-fs (loop0): no journal found
[  424.662418][ T5665] EXT4-fs (loop0): can't get journal size
[  424.669138][ T5676] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  424.684305][ T5676] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: comm syz.2.1313: inode #4294967295: comm syz.2.1313: iget: illegal inode #
[  424.698593][ T5676] EXT4-fs (loop2): no journal found
[  424.705382][ T5676] EXT4-fs (loop2): can't get journal size
[  424.728935][ T5665] EXT4-fs (loop0): failed to initialize system zone (-22)
[  424.736894][ T5665] EXT4-fs (loop0): mount failed
[  424.742158][ T5676] EXT4-fs (loop2): failed to initialize system zone (-22)
[  424.749666][ T5676] EXT4-fs (loop2): mount failed
[  424.896856][ T5688] netlink: 'syz.1.1314': attribute type 4 has an invalid length.
[  425.072633][ T5690] loop4: detected capacity change from 0 to 512
[  425.307511][ T5687] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  425.315554][ T5687] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  425.329762][ T5687] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  425.351503][ T5687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  425.360798][ T5687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  425.676602][ T5694] loop3: detected capacity change from 0 to 1024
[  426.721485][ T5694] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  426.750514][ T5694] EXT4-fs error (device loop3): ext4_get_journal_inode:5743: comm syz.3.1318: inode #4294967295: comm syz.3.1318: iget: illegal inode #
[  426.765055][ T5694] EXT4-fs (loop3): no journal found
[  426.796964][ T5694] EXT4-fs (loop3): can't get journal size
[  427.104206][ T5694] EXT4-fs (loop3): failed to initialize system zone (-22)
[  427.112783][ T5701] loop2: detected capacity change from 0 to 1024
[  427.123061][ T5694] EXT4-fs (loop3): mount failed
[  427.155870][ T5701] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  427.225411][ T5701] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: comm syz.2.1320: inode #4294967295: comm syz.2.1320: iget: illegal inode #
[  427.239484][ T5701] EXT4-fs (loop2): no journal found
[  427.244695][ T5701] EXT4-fs (loop2): can't get journal size
[  427.250738][ T5701] EXT4-fs (loop2): failed to initialize system zone (-22)
[  427.267403][ T5701] EXT4-fs (loop2): mount failed
[  427.334180][ T5706] hub 9-0:1.0: USB hub found
[  427.339288][ T5706] hub 9-0:1.0: 1 port detected
[  428.722688][ T5726] loop1: detected capacity change from 0 to 1024
[  428.741447][ T5726] EXT4-fs: Ignoring removed nomblk_io_submit option
[  428.753333][ T5728] loop0: detected capacity change from 0 to 1024
[  428.786057][ T5726] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  428.797571][ T5728] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  428.827074][ T5730] loop3: detected capacity change from 0 to 512
[  428.839849][ T5728] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1327: inode #4294967295: comm syz.0.1327: iget: illegal inode #
[  429.145159][ T5736] netlink: 'syz.2.1323': attribute type 4 has an invalid length.
[  429.164933][ T5728] EXT4-fs (loop0): no journal found
[  429.170824][ T5728] EXT4-fs (loop0): can't get journal size
[  429.333518][ T5738] netlink: 'syz.4.1329': attribute type 4 has an invalid length.
[  429.357904][ T5730] EXT4-fs (loop3): 1 truncate cleaned up
[  429.363633][ T5730] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  429.374158][ T5730] overlayfs: upper fs needs to support d_type.
[  429.394474][ T5726] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  429.402792][ T5726] System zones: 0-1, 3-36
[  429.408690][ T5726] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  429.474198][ T5728] EXT4-fs (loop0): failed to initialize system zone (-22)
[  429.481438][ T5728] EXT4-fs (loop0): mount failed
[  429.520576][  T282] EXT4-fs (loop3): unmounting filesystem.
[  430.076604][ T5746] loop3: detected capacity change from 0 to 1024
[  430.083579][ T5746] EXT4-fs: Ignoring removed nomblk_io_submit option
[  430.206765][  T284] EXT4-fs (loop1): unmounting filesystem.
[  430.218280][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  430.253616][ T5746] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  430.300960][ T5760] netlink: 'syz.2.1331': attribute type 4 has an invalid length.
[  430.736378][  T282] EXT4-fs (loop3): unmounting filesystem.
[  430.820137][ T5772] hub 9-0:1.0: USB hub found
[  430.826049][ T5772] hub 9-0:1.0: 1 port detected
[  431.144853][ T5778] hub 9-0:1.0: USB hub found
[  431.150230][ T5778] hub 9-0:1.0: 1 port detected
[  431.637902][   T28] audit: type=1400 audit(1775009827.181:230): avc:  denied  { write } for  pid=5786 comm="syz.0.1340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  431.847124][ T5790] loop3: detected capacity change from 0 to 1024
[  431.872963][ T5790] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  431.895314][ T5790] EXT4-fs error (device loop3): ext4_get_journal_inode:5743: comm syz.3.1342: inode #4294967295: comm syz.3.1342: iget: illegal inode #
[  431.910302][ T5790] EXT4-fs (loop3): no journal found
[  431.915859][ T5790] EXT4-fs (loop3): can't get journal size
[  431.921994][ T5790] EXT4-fs (loop3): failed to initialize system zone (-22)
[  431.929392][ T5790] EXT4-fs (loop3): mount failed
[  432.684448][ T5793] netlink: 'syz.0.1341': attribute type 4 has an invalid length.
[  432.696570][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  434.140338][ T5805] loop1: detected capacity change from 0 to 1024
[  434.171132][ T5805] EXT4-fs: Ignoring removed nomblk_io_submit option
[  434.179703][ T5808] loop4: detected capacity change from 0 to 1024
[  434.201744][ T5805] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  434.225590][ T5808] EXT4-fs: Ignoring removed nomblk_io_submit option
[  434.236758][ T5808] /dev/loop4: Can't open blockdev
[  434.249332][ T5805] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  434.257608][ T5805] System zones: 0-1
[  434.257627][ T5813] loop2: detected capacity change from 0 to 1024
[  434.257630][ T5805] , 3-36
[  434.261647][ T5813] EXT4-fs: Ignoring removed nomblk_io_submit option
[  434.277402][ T5805] 
[  434.280150][ T5813] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  434.292617][ T5672] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  434.294201][ T5813] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  434.310504][ T5813] System zones: 0-1, 3-36
[  434.315838][ T5813] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  434.344923][ T5817] netlink: 'syz.0.1347': attribute type 4 has an invalid length.
[  434.446887][ T5805] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  435.323419][ T5821] loop4: detected capacity change from 0 to 512
[  435.908883][  T286] EXT4-fs (loop2): unmounting filesystem.
[  437.123713][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  437.212081][ T5500] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  437.252841][  T284] EXT4-fs (loop1): unmounting filesystem.
[  437.311175][ T5839] hub 9-0:1.0: USB hub found
[  437.317430][ T5839] hub 9-0:1.0: 1 port detected
[  438.041191][ T5846] hub 9-0:1.0: USB hub found
[  438.183671][ T2505] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  438.191620][   T28] audit: type=1400 audit(1775009833.721:231): avc:  denied  { write } for  pid=5841 comm="syz.1.1356" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  438.407548][ T5846] hub 9-0:1.0: 1 port detected
[  438.503666][ T5852] loop1: detected capacity change from 0 to 1024
[  438.598125][ T5852] EXT4-fs: Ignoring removed nomblk_io_submit option
[  438.606233][ T2505] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  438.616116][ T5852] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  438.617814][ T2505] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  438.633054][ T5852] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  438.866680][ T5860] netlink: 'syz.4.1359': attribute type 4 has an invalid length.
[  438.875424][ T5862] netlink: 'syz.0.1357': attribute type 4 has an invalid length.
[  438.884059][ T5852] System zones: 0-1, 3-36
[  438.889412][ T2505] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  438.901330][ T2505] usb 3-1: config 220 has no interface number 2
[  438.907853][ T2505] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  438.921048][ T2505] usb 3-1: config 220 interface 0 has no altsetting 0
[  438.927913][ T2505] usb 3-1: config 220 interface 76 has no altsetting 0
[  438.934833][ T2505] usb 3-1: config 220 interface 1 has no altsetting 0
[  438.973187][ T2505] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  438.993696][ T5852] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  439.055906][ T2505] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.224818][ T2505] usb 3-1: Product: syz
[  439.230242][ T2505] usb 3-1: Manufacturer: syz
[  439.234993][ T2505] usb 3-1: SerialNumber: syz
[  439.504132][ T2505] usb 3-1: selecting invalid altsetting 0
[  439.560514][ T2505] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  439.671127][ T2505] usb 3-1: No valid video chain found.
[  439.699683][  T284] EXT4-fs (loop1): unmounting filesystem.
[  439.723006][ T5874] loop3: detected capacity change from 0 to 512
[  439.745292][ T2505] usb 3-1: USB disconnect, device number 2
[  440.009367][ T5874] EXT4-fs (loop3): 1 truncate cleaned up
[  440.039212][ T5874] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  440.287965][ T5874] overlayfs: upper fs needs to support d_type.
[  440.313286][ T5884] device syzkaller0 entered promiscuous mode
[  440.630557][ T5889] loop0: detected capacity change from 0 to 1024
[  440.650087][ T5889] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  440.664534][ T5889] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1366: inode #4294967295: comm syz.0.1366: iget: illegal inode #
[  440.694164][ T5889] EXT4-fs (loop0): no journal found
[  440.700916][ T5889] EXT4-fs (loop0): can't get journal size
[  440.715476][ T5889] EXT4-fs (loop0): failed to initialize system zone (-22)
[  440.725332][ T5889] EXT4-fs (loop0): mount failed
[  440.870987][ T5891] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  440.886198][ T5891] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  440.920447][ T5891] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  440.979714][ T5891] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  440.995081][ T5891] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  441.367147][  T282] EXT4-fs (loop3): unmounting filesystem.
[  443.171090][ T5917] netlink: 'syz.0.1372': attribute type 4 has an invalid length.
[  443.975166][ T5923] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5923 comm=syz.2.1373
[  444.636868][ T5928] netlink: 'syz.3.1371': attribute type 4 has an invalid length.
[  445.094422][ T5937] loop0: detected capacity change from 0 to 1024
[  445.149564][ T5937] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  445.197717][ T5937] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1378: inode #4294967295: comm syz.0.1378: iget: illegal inode #
[  445.212514][ T5937] EXT4-fs (loop0): no journal found
[  445.219037][ T5937] EXT4-fs (loop0): can't get journal size
[  445.247618][ T5937] EXT4-fs (loop0): failed to initialize system zone (-22)
[  445.263092][ T5937] EXT4-fs (loop0): mount failed
[  445.302572][ T5941] loop1: detected capacity change from 0 to 1024
[  445.499864][ T5941] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  445.519743][ T5941] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1380: inode #4294967295: comm syz.1.1380: iget: illegal inode #
[  445.856788][ T5941] EXT4-fs (loop1): no journal found
[  445.870094][ T5941] EXT4-fs (loop1): can't get journal size
[  445.915255][ T5941] EXT4-fs (loop1): failed to initialize system zone (-22)
[  445.924555][ T5941] EXT4-fs (loop1): mount failed
[  446.142052][ T5952] hub 9-0:1.0: USB hub found
[  446.147350][ T5952] hub 9-0:1.0: 1 port detected
[  446.507326][ T5955] loop3: detected capacity change from 0 to 1024
[  446.514118][ T5955] EXT4-fs: Ignoring removed nomblk_io_submit option
[  446.529241][ T5955] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  446.558757][ T5955] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  446.578016][ T5955] System zones: 0-1, 3-36
[  446.589274][ T5955] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  448.891260][  T282] EXT4-fs (loop3): unmounting filesystem.
[  448.907487][ T5974] random: crng reseeded on system resumption
[  448.934658][ T5974] loop1: detected capacity change from 0 to 256
[  448.941657][ T5974] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  448.960253][ T5976] device syzkaller0 entered promiscuous mode
[  448.983984][ T5974] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  449.007245][ T5974] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  449.305227][    C0] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  449.335869][ T5982] netlink: 'syz.0.1387': attribute type 4 has an invalid length.
[  450.666660][ T5996] netlink: 'syz.1.1393': attribute type 4 has an invalid length.
[  452.083734][ T6000] hub 9-0:1.0: USB hub found
[  452.088844][ T6000] hub 9-0:1.0: 1 port detected
[  453.068550][ T6010] loop3: detected capacity change from 0 to 1024
[  453.152582][ T6010] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  453.975127][ T6014] hub 9-0:1.0: USB hub found
[  453.980190][ T6014] hub 9-0:1.0: 1 port detected
[  454.006538][ T6010] EXT4-fs error (device loop3): ext4_get_journal_inode:5743: comm syz.3.1397: inode #4294967295: comm syz.3.1397: iget: illegal inode #
[  454.026461][ T6010] EXT4-fs (loop3): no journal found
[  454.032141][ T6010] EXT4-fs (loop3): can't get journal size
[  454.104189][ T6018] hub 9-0:1.0: USB hub found
[  454.109399][ T6018] hub 9-0:1.0: 1 port detected
[  454.364121][ T6010] EXT4-fs (loop3): failed to initialize system zone (-22)
[  454.371505][ T6010] EXT4-fs (loop3): mount failed
[  454.386532][ T6021] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  454.394559][ T6021] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  454.404527][ T6021] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  454.417871][ T6021] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  454.426747][ T6021] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  454.630585][ T6032] loop1: detected capacity change from 0 to 1024
[  454.654959][ T6032] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  454.667486][ T6032] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1404: inode #4294967295: comm syz.1.1404: iget: illegal inode #
[  454.743518][ T6032] EXT4-fs (loop1): no journal found
[  454.749071][ T6032] EXT4-fs (loop1): can't get journal size
[  454.761377][ T6032] EXT4-fs (loop1): failed to initialize system zone (-22)
[  454.774913][ T6032] EXT4-fs (loop1): mount failed
[  454.850988][ T6039] netlink: 'syz.4.1405': attribute type 4 has an invalid length.
[  456.221186][ T6049] hub 9-0:1.0: USB hub found
[  456.872741][ T6049] hub 9-0:1.0: 1 port detected
[  456.909515][ T6050] tty tty26: ldisc open failed (-12), clearing slot 25
[  457.959385][   T28] audit: type=1400 audit(1775009853.501:232): avc:  denied  { ioctl } for  pid=6065 comm="syz.2.1412" path="/dev/usbmon5" dev="devtmpfs" ino=174 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  457.989426][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  457.997185][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  458.006702][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  458.018952][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  458.027125][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  458.447831][ T6082] hub 9-0:1.0: USB hub found
[  458.669894][ T6082] hub 9-0:1.0: 1 port detected
[  458.913053][ T6084] netlink: 'syz.1.1413': attribute type 4 has an invalid length.
[  458.944762][ T6077] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  458.956841][ T6077] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  458.964702][ T6077] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  459.153559][ T6088] netlink: 'syz.3.1418': attribute type 4 has an invalid length.
[  459.663330][ T6094] loop0: detected capacity change from 0 to 1024
[  459.723040][ T6094] EXT4-fs: Ignoring removed nomblk_io_submit option
[  459.769316][ T6094] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  459.938211][ T6094] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  459.947058][ T6094] System zones: 0-1, 3-36
[  459.958377][ T6094] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  460.713111][  T283] EXT4-fs (loop0): unmounting filesystem.
[  461.742014][ T4003] Bluetooth: hci0: Frame reassembly failed (-84)
[  461.863415][ T6127] hub 9-0:1.0: USB hub found
[  462.122171][ T6127] hub 9-0:1.0: 1 port detected
[  462.242586][ T6133] loop3: detected capacity change from 0 to 512
[  462.319652][ T6133] EXT4-fs (loop3): 1 truncate cleaned up
[  462.325539][ T6133] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  462.343585][ T6133] overlayfs: upper fs needs to support d_type.
[  463.604348][  T282] EXT4-fs (loop3): unmounting filesystem.
[  463.785141][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  463.791401][ T5500] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  464.296816][ T6158] loop4: detected capacity change from 0 to 1024
[  464.315848][ T6158] EXT4-fs: Ignoring removed nomblk_io_submit option
[  464.322796][ T6158] /dev/loop4: Can't open blockdev
[  465.348992][ T6164] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1438'.
[  465.810598][ T6169] loop4: detected capacity change from 0 to 1024
[  465.844701][ T6169] EXT4-fs: Ignoring removed nomblk_io_submit option
[  465.851453][ T6169] /dev/loop4: Can't open blockdev
[  466.894562][ T6174] netlink: 'syz.3.1433': attribute type 4 has an invalid length.
[  467.144765][ T6186] loop1: detected capacity change from 0 to 128
[  467.241598][ T6186] FAT-fs (loop1): error, invalid access to FAT (entry 0x0fff0000)
[  467.249543][ T6186] FAT-fs (loop1): Filesystem has been set read-only
[  467.387760][ T6187] loop3: detected capacity change from 0 to 1024
[  467.394601][ T6187] EXT4-fs: Ignoring removed nomblk_io_submit option
[  467.430642][ T6187] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  467.522351][ T6193] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  467.677937][ T6193] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  467.707614][ T6193] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  467.834598][ T6196] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  467.867032][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  468.025734][  T282] EXT4-fs (loop3): unmounting filesystem.
[  468.099084][ T6204] loop0: detected capacity change from 0 to 512
[  468.122948][ T6204] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  468.136414][ T6204] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  469.442362][ T6215] loop0: detected capacity change from 0 to 40427
[  471.622870][ T5500] Bluetooth: hci0: command 0x1003 tx timeout
[  471.629524][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  471.646294][ T6215] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  471.654091][ T6215] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  471.664353][ T6215] F2FS-fs (loop0): invalid crc value
[  471.697434][ T6215] F2FS-fs (loop0): Found nat_bits in checkpoint
[  471.769674][ T6215] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  471.776798][ T6215] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  471.782024][ T6225] loop4: detected capacity change from 0 to 1024
[  471.816555][ T6225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  471.823498][ T6225] /dev/loop4: Can't open blockdev
[  472.084873][ T6229] loop1: detected capacity change from 0 to 1024
[  472.227702][ T6229] EXT4-fs: Ignoring removed nomblk_io_submit option
[  472.276425][ T6230] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  472.293521][ T6229] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  472.391582][ T6238] loop3: detected capacity change from 0 to 1024
[  472.401793][ T6238] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  472.412244][ T6238] EXT4-fs error (device loop3): ext4_get_journal_inode:5743: comm syz.3.1455: inode #4294967295: comm syz.3.1455: iget: illegal inode #
[  472.426527][ T6238] EXT4-fs (loop3): no journal found
[  472.431805][ T6238] EXT4-fs (loop3): can't get journal size
[  472.439077][ T6238] EXT4-fs (loop3): failed to initialize system zone (-22)
[  472.446896][ T6238] EXT4-fs (loop3): mount failed
[  472.484920][ T6241] netlink: 'syz.0.1454': attribute type 4 has an invalid length.
[  473.198430][ T6251] loop0: detected capacity change from 0 to 1024
[  473.205989][ T6251] EXT4-fs: Ignoring removed nomblk_io_submit option
[  473.245930][ T6251] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  473.365204][  T284] EXT4-fs (loop1): unmounting filesystem.
[  473.533672][ T6264] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  476.342892][ T6281] loop3: detected capacity change from 0 to 1024
[  476.354597][ T6282] loop2: detected capacity change from 0 to 512
[  476.365885][  T283] EXT4-fs (loop0): unmounting filesystem.
[  476.372005][ T6281] EXT4-fs: Ignoring removed nomblk_io_submit option
[  476.380708][ T6282] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  476.389943][ T6282] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  476.477811][ T6286] loop0: detected capacity change from 0 to 1024
[  476.485414][ T6286] EXT4-fs: Ignoring removed nomblk_io_submit option
[  476.698986][ T6292] loop2: detected capacity change from 0 to 40427
[  477.711759][ T6294] hub 9-0:1.0: USB hub found
[  477.745862][ T6294] hub 9-0:1.0: 1 port detected
[  477.976562][ T6292] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  477.984358][ T6292] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  477.993362][ T6281] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  478.002636][ T6286] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  478.011997][ T6292] F2FS-fs (loop2): invalid crc value
[  478.069138][ T6292] F2FS-fs (loop2): Found nat_bits in checkpoint
[  478.183926][ T6281] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  478.200649][ T6305] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  478.222894][ T6292] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  478.230128][ T6292] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  478.232485][  T282] EXT4-fs (loop3): unmounting filesystem.
[  478.397352][  T283] EXT4-fs (loop0): unmounting filesystem.
[  478.424139][  T724] Bluetooth: hci1: Frame reassembly failed (-84)
[  478.510903][ T6318] netlink: 'syz.3.1470': attribute type 4 has an invalid length.
[  479.397632][ T6329] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  479.405515][ T6329] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  479.415284][ T6329] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  479.427850][ T6329] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  479.436078][ T6329] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  480.037302][ T6344] x_tables: duplicate underflow at hook 3
[  480.105212][ T5500] Bluetooth: hci0: command 0x1003 tx timeout
[  480.105500][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  480.136030][ T6347] loop1: detected capacity change from 0 to 1024
[  480.145383][ T6347] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.184126][ T6347] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  480.265412][ T6347] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  480.302190][  T284] EXT4-fs (loop1): unmounting filesystem.
[  480.319870][ T6353] loop2: detected capacity change from 0 to 512
[  480.328561][ T6353] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  480.341807][ T6353] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  480.432587][   T45] Bluetooth: hci1: command 0x1003 tx timeout
[  480.438753][ T5638] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  480.571184][ T6360] loop1: detected capacity change from 0 to 128
[  480.821365][ T6366] loop3: detected capacity change from 0 to 1024
[  480.846498][ T6366] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.898304][ T6366] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  481.082397][ T6364] loop2: detected capacity change from 0 to 40427
[  481.117367][ T6364] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  481.150712][ T6374] netlink: 'syz.4.1485': attribute type 4 has an invalid length.
[  481.184481][ T6364] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  481.215622][ T6364] F2FS-fs (loop2): invalid crc value
[  481.260847][ T6364] F2FS-fs (loop2): Found nat_bits in checkpoint
[  481.364463][ T6364] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  481.374907][ T6364] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  481.404905][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  481.412822][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  481.423188][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  481.436271][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  481.444174][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  481.675318][  T282] EXT4-fs (loop3): unmounting filesystem.
[  482.184992][ T6397] device syzkaller0 entered promiscuous mode
[  482.253555][ T6401] loop1: detected capacity change from 0 to 1024
[  482.367886][ T6401] EXT4-fs: Ignoring removed nomblk_io_submit option
[  482.376960][ T6401] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  482.394544][ T6401] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  482.404336][ T6401] System zones: 0-1, 3-36
[  482.499643][ T6401] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  484.922325][  T284] EXT4-fs (loop1): unmounting filesystem.
[  484.929098][ T6419] loop3: detected capacity change from 0 to 512
[  484.943106][ T4003] Bluetooth: hci0: Frame reassembly failed (-84)
[  484.958802][ T6419] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  484.975119][ T6419] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  485.382738][ T6426] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  485.453988][ T6426] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  485.462264][ T6426] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  485.641722][ T6430] x_tables: duplicate underflow at hook 3
[  485.822021][ T6428] loop3: detected capacity change from 0 to 40427
[  485.853322][ T6428] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  485.885818][ T6428] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  485.910098][ T6435] loop2: detected capacity change from 0 to 1024
[  485.928332][ T6435] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  485.936420][ T6428] F2FS-fs (loop3): invalid crc value
[  485.943415][ T6435] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: comm syz.2.1501: inode #4294967295: comm syz.2.1501: iget: illegal inode #
[  485.978175][ T6435] EXT4-fs (loop2): no journal found
[  485.983417][ T6435] EXT4-fs (loop2): can't get journal size
[  486.007980][ T6428] F2FS-fs (loop3): Found nat_bits in checkpoint
[  486.017607][ T6435] EXT4-fs (loop2): failed to initialize system zone (-22)
[  486.037650][ T6435] EXT4-fs (loop2): mount failed
[  486.182268][ T6442] netlink: 'syz.1.1500': attribute type 4 has an invalid length.
[  486.213748][ T6428] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  486.235143][ T6428] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  487.116855][ T5638] Bluetooth: hci0: command 0x1003 tx timeout
[  487.123491][ T5406] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  487.146914][ T6420] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  487.238180][ T6448] hub 9-0:1.0: USB hub found
[  487.243487][ T6448] hub 9-0:1.0: 1 port detected
[  487.573884][ T6452] loop4: detected capacity change from 0 to 1024
[  487.624535][ T6452] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  487.649230][ T6452] EXT4-fs error (device loop4): ext4_get_journal_inode:5743: comm syz.4.1505: inode #4294967295: comm syz.4.1505: iget: illegal inode #
[  487.663249][ T6452] EXT4-fs (loop4): no journal found
[  487.671441][ T6452] EXT4-fs (loop4): can't get journal size
[  487.704546][ T6455] loop0: detected capacity change from 0 to 1024
[  487.711530][ T6452] EXT4-fs (loop4): failed to initialize system zone (-22)
[  487.716252][ T6455] EXT4-fs: Ignoring removed nomblk_io_submit option
[  487.734941][ T6455] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  488.047933][ T6459] hub 9-0:1.0: USB hub found
[  488.761865][ T6458] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  488.769849][ T6458] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  488.779734][ T6458] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  488.792531][ T6458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  488.800555][ T6458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  488.824859][ T6459] hub 9-0:1.0: 1 port detected
[  488.861205][ T6452] EXT4-fs (loop4): mount failed
[  488.896538][ T6455] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  488.904748][ T6455] System zones: 0-1, 3-36
[  488.928890][ T6455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  489.228544][ T6469] hub 9-0:1.0: USB hub found
[  490.126230][ T6469] hub 9-0:1.0: 1 port detected
[  491.761584][  T283] EXT4-fs (loop0): unmounting filesystem.
[  493.138272][ T6493] loop1: detected capacity change from 0 to 1024
[  493.255632][ T6493] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  493.265570][ T6493] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1514: inode #4294967295: comm syz.1.1514: iget: illegal inode #
[  493.287897][ T6493] EXT4-fs (loop1): no journal found
[  493.295167][ T6493] EXT4-fs (loop1): can't get journal size
[  493.306955][ T6493] EXT4-fs (loop1): failed to initialize system zone (-22)
[  493.314217][ T6493] EXT4-fs (loop1): mount failed
[  493.378758][ T6499] hub 9-0:1.0: USB hub found
[  493.383502][ T6499] hub 9-0:1.0: 1 port detected
[  496.287256][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  496.297472][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  496.310894][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  496.319747][ T6514] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  498.372031][ T6546] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns
[  498.387223][ T6551] loop3: detected capacity change from 0 to 1024
[  498.424989][ T6551] EXT4-fs: Ignoring removed nomblk_io_submit option
[  498.433110][ T6546] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  498.501143][ T6551] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  498.512631][ T6553] ------------[ cut here ]------------
[  498.518195][ T6553] WARNING: CPU: 1 PID: 6553 at arch/x86/kvm/x86.c:11259 kvm_arch_vcpu_ioctl_run+0x1a8c/0x1fa0
[  498.528541][ T6553] Modules linked in:
[  498.532466][ T6553] CPU: 1 PID: 6553 Comm: syz.1.1529 Not tainted syzkaller #0
[  498.539896][ T6553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  498.550012][ T6553] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1a8c/0x1fa0
[  498.556703][ T6553] Code: e8 f9 7d a6 00 e9 a4 f2 ff ff 44 89 f9 80 e1 07 38 c1 0f 8c ef e8 ff ff 4c 89 ff e8 7e 7d a6 00 e9 e2 e8 ff ff e8 d4 2a 61 00 <0f> 0b e9 93 fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 09 ef
[  498.576414][ T6553] RSP: 0018:ffffc90000e57bf8 EFLAGS: 00010287
[  498.582516][ T6553] RAX: ffffffff811043fc RBX: ffff888137efc980 RCX: 0000000000080000
[  498.590555][ T6553] RDX: ffffc90001e9c000 RSI: 0000000000000059 RDI: 000000000000005a
[  498.598585][ T6553] RBP: ffffc90000e57cb0 R08: ffff888138656547 R09: 1ffff110270caca8
[  498.606603][ T6553] R10: dffffc0000000000 R11: ffffed10270caca9 R12: ffff888112313000
[  498.614629][ T6553] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888137efc9f8
[  498.617950][ T6555] hub 9-0:1.0: USB hub found
[  498.622761][ T6553] FS:  00007f22449cb6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  498.627943][ T6555] hub 9-0:1.0: 1 port detected
[  498.636198][ T6553] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  498.647597][ T6553] CR2: 00007f22449caff8 CR3: 000000011d3cb000 CR4: 00000000003526a0
[  498.655626][ T6553] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  498.663629][ T6553] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  498.671664][ T6553] Call Trace:
[  498.674970][ T6553]  <TASK>
[  498.677963][ T6553]  ? mutex_lock_killable+0x10c/0x1b0
[  498.683288][ T6553]  ? __cfi_mutex_lock_killable+0x10/0x10
[  498.688986][ T6553]  kvm_vcpu_ioctl+0x8f2/0xc00
[  498.693711][ T6553]  ? __kasan_check_write+0x14/0x20
[  498.698896][ T6553]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  498.704146][ T6553]  ? selinux_file_ioctl+0x3a0/0x4d0
[  498.709415][ T6553]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  498.715002][ T6553]  ? _raw_spin_lock_irqsave+0xc2/0x130
[  498.720533][ T6553]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  498.726502][ T6553]  ? __set_current_blocked+0x204/0x230
[  498.732012][ T6553]  ? __fget_files+0x2d5/0x330
[  498.736745][ T6553]  ? security_file_ioctl+0x95/0xc0
[  498.741900][ T6553]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  498.747159][ T6553]  __se_sys_ioctl+0x12f/0x1b0
[  498.751900][ T6553]  __x64_sys_ioctl+0x7b/0x90
[  498.756558][ T6553]  x64_sys_call+0x58b/0x9a0
[  498.761121][ T6553]  do_syscall_64+0x4c/0xa0
[  498.765622][ T6553]  ? clear_bhb_loop+0x30/0x80
[  498.770346][ T6553]  ? clear_bhb_loop+0x30/0x80
[  498.775060][ T6553]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  498.781014][ T6553] RIP: 0033:0x7f2243b9c819
[  498.785495][ T6553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  498.805156][ T6553] RSP: 002b:00007f22449cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  498.813603][ T6553] RAX: ffffffffffffffda RBX: 00007f2243e16090 RCX: 00007f2243b9c819
[  498.821627][ T6553] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  498.829638][ T6553] RBP: 00007f2243c32c91 R08: 0000000000000000 R09: 0000000000000000
[  498.837702][ T6553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  498.841202][ T6556] hub 9-0:1.0: USB hub found
[  498.845729][ T6553] R13: 00007f2243e16128 R14: 00007f2243e16090 R15: 00007ffda56d2298
[  498.858386][ T6553]  </TASK>
[  498.861428][ T6553] ---[ end trace 0000000000000000 ]---
[  498.867863][ T6556] hub 9-0:1.0: 1 port detected
[  498.884359][ T6551] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  498.892821][ T6551] System zones: 0-1, 3-36
[  498.936113][ T6551] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  498.992497][ T6565] loop0: detected capacity change from 0 to 1024
[  499.001854][ T6565] EXT4-fs: Ignoring removed nomblk_io_submit option
[  499.027823][ T6565] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  499.802812][  T282] EXT4-fs (loop3): unmounting filesystem.
[  499.859543][  T283] EXT4-fs (loop0): unmounting filesystem.
[  500.335096][ T6593] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1541'.
[  502.509274][ T6605] loop4: detected capacity change from 0 to 1024
[  502.543514][ T6605] EXT4-fs: Ignoring removed nomblk_io_submit option
[  502.571768][ T6605] /dev/loop4: Can't open blockdev
[  502.615524][ T5672] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  503.070916][ T6611] hub 9-0:1.0: USB hub found
[  503.554771][ T6611] hub 9-0:1.0: 1 port detected
[  503.668904][ T6614] loop4: detected capacity change from 0 to 512
[  504.033701][ T6625] random: crng reseeded on system resumption
[  505.121906][ T6634] loop1: detected capacity change from 0 to 512
[  505.136790][ T6628] loop4: detected capacity change from 0 to 256
[  505.205701][ T6628] /dev/loop4: Can't open blockdev
[  505.225340][ T6634] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  505.248948][ T6634] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  505.357258][ T6632] netlink: 'syz.2.1551': attribute type 4 has an invalid length.
[  505.928582][ T6651] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1554'.
[  506.478129][ T6652] loop1: detected capacity change from 0 to 40427
[  506.487177][ T6654] hub 9-0:1.0: USB hub found
[  507.449158][ T6654] hub 9-0:1.0: 1 port detected
[  507.458415][ T6652] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  507.466212][ T6652] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  507.477616][ T6652] F2FS-fs (loop1): invalid crc value
[  507.640945][ T6652] F2FS-fs (loop1): Found nat_bits in checkpoint
[  507.761719][ T6652] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  507.768899][ T6652] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  508.456635][ T6676] random: crng reseeded on system resumption
[  508.517415][ T6676] loop0: detected capacity change from 0 to 256
[  508.552015][ T6676] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  508.571338][ T6676] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  508.623983][ T6676] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  508.654613][ T6680] loop2: detected capacity change from 0 to 1024
[  508.678462][ T6680] EXT4-fs: Ignoring removed nomblk_io_submit option
[  508.784258][ T6680] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  508.893695][ T6680] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  508.932497][  T286] EXT4-fs (loop2): unmounting filesystem.
[  509.031568][ T6693] loop1: detected capacity change from 0 to 256
[  509.076164][ T6693] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  509.089798][ T6693] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  509.136439][ T6693] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  509.227877][ T6697] netlink: 'syz.2.1566': attribute type 4 has an invalid length.
[  509.967099][ T6706] hub 9-0:1.0: USB hub found
[  510.223306][ T6706] hub 9-0:1.0: 1 port detected
[  510.846365][ T6719] loop1: detected capacity change from 0 to 512
[  510.865266][   T28] audit: type=1400 audit(1775009905.901:233): avc:  denied  { connect } for  pid=6712 comm="syz.0.1570" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  511.005617][ T6719] EXT4-fs (loop1): 1 truncate cleaned up
[  511.011494][ T6719] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  511.033454][ T6719] overlayfs: upper fs needs to support d_type.
[  511.132239][ T6724] random: crng reseeded on system resumption
[  511.200608][  T284] EXT4-fs (loop1): unmounting filesystem.
[  511.245341][ T6724] loop4: detected capacity change from 0 to 256
[  511.252045][ T6724] /dev/loop4: Can't open blockdev
[  511.295316][ T5672] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  512.346802][ T6743] loop0: detected capacity change from 0 to 256
[  512.404526][ T6744] netlink: 'syz.3.1577': attribute type 4 has an invalid length.
[  512.496747][ T6743] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  512.535438][ T6743] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  512.552984][ T6743] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  512.762623][ T6751] loop2: detected capacity change from 0 to 256
[  512.946376][ T6751] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  513.028529][ T6749] random: crng reseeded on system resumption
[  513.046641][ T6751] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  513.066806][ T6751] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  513.349186][ T6759] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  513.374063][ T6759] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  513.416739][ T6759] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  513.439235][ T6759] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  513.481413][ T6760] netlink: 'syz.1.1582': attribute type 4 has an invalid length.
[  513.542517][ T6764] Zero length message leads to an empty skb
[  513.678344][  T724] Bluetooth: hci0: Frame reassembly failed (-84)
[  513.695037][ T6768] Bluetooth: hci0: Frame reassembly failed (-84)
[  513.710244][ T6768] Bluetooth: hci0: Frame reassembly failed (-84)
[  513.959291][ T6775] loop2: detected capacity change from 0 to 512
[  514.096162][ T6775] EXT4-fs (loop2): 1 truncate cleaned up
[  514.101937][ T6775] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  514.122441][ T6775] overlayfs: upper fs needs to support d_type.
[  514.557651][ T6787] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  514.567349][ T6787] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  514.586981][ T6787] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  514.652617][ T6787] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  514.660630][ T6787] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  514.671517][   T28] audit: type=1400 audit(1775009910.211:234): avc:  denied  { unmount } for  pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  514.711315][  T286] EXT4-fs (loop2): unmounting filesystem.
[  514.848909][ T6793] netlink: 'syz.2.1591': attribute type 4 has an invalid length.
[  515.705816][ T5638] Bluetooth: hci0: command 0x1003 tx timeout
[  515.711907][ T5406] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  515.982659][ T6812] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6812 comm=syz.3.1595
[  516.358640][ T6815] loop0: detected capacity change from 0 to 16
[  516.371340][ T6815] erofs: (device loop0): mounted with root inode @ nid 36.
[  516.450195][ T6817] random: crng reseeded on system resumption
[  516.734618][ T6819] loop4: detected capacity change from 0 to 256
[  516.783552][ T6819] /dev/loop4: Can't open blockdev
[  517.318210][ T6818] netlink: 'syz.2.1594': attribute type 4 has an invalid length.
[  517.654158][ T6832] loop2: detected capacity change from 0 to 512
[  517.952033][ T6832] EXT4-fs (loop2): 1 truncate cleaned up
[  517.958149][ T6832] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  519.521483][ T6847] netlink: 'syz.4.1604': attribute type 4 has an invalid length.
[  519.921475][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  519.948254][  T286] EXT4-fs (loop2): unmounting filesystem.
[  520.728040][ T6865] hub 9-0:1.0: USB hub found
[  521.839480][ T6865] hub 9-0:1.0: 1 port detected
[  521.900191][ T6870] loop0: detected capacity change from 0 to 1024
[  521.913995][ T6870] EXT4-fs: Ignoring removed nomblk_io_submit option
[  521.945233][ T5406] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  522.014960][ T6872] loop4: detected capacity change from 0 to 128
[  522.165163][ T6870] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  522.195120][ T5672] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  522.398537][ T6876] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  522.498671][ T6883] random: crng reseeded on system resumption
[  522.534981][ T6883] loop2: detected capacity change from 0 to 256
[  522.544509][ T6883] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  522.560435][ T6883] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  522.579580][ T6883] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  523.503688][ T6893] loop1: detected capacity change from 0 to 512
[  523.535924][ T6851] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  523.564355][  T283] EXT4-fs (loop0): unmounting filesystem.
[  523.699954][ T6893] EXT4-fs (loop1): 1 truncate cleaned up
[  523.705743][ T6893] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  523.981519][ T6903] netlink: 'syz.2.1618': attribute type 4 has an invalid length.
[  523.999966][  T284] EXT4-fs (loop1): unmounting filesystem.
[  524.092803][ T6909] loop4: detected capacity change from 0 to 16
[  524.100843][ T6909] /dev/loop4: Can't open blockdev
[  524.143929][ T6910] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  524.182388][ T6907] loop1: detected capacity change from 0 to 1024
[  524.329891][ T6907] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  524.349650][ T6907] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1621: inode #4294967295: comm syz.1.1621: iget: illegal inode #
[  524.371366][ T6910] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  524.388476][ T6907] EXT4-fs (loop1): no journal found
[  524.395871][ T6907] EXT4-fs (loop1): can't get journal size
[  524.554535][ T6910] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  524.559849][ T6907] EXT4-fs (loop1): failed to initialize system zone (-22)
[  524.577545][ T6910] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  524.582809][ T6907] EXT4-fs (loop1): mount failed
[  524.592024][ T6910] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  524.603854][ T6911] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  524.815860][ T6911] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  525.193068][   T28] audit: type=1400 audit(1775009920.731:235): avc:  denied  { bind } for  pid=6916 comm="syz.2.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  525.255381][  T332] Bluetooth: hci0: Frame reassembly failed (-84)
[  525.268268][ T6911] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  525.307896][ T6911] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  525.489100][ T6929] loop3: detected capacity change from 0 to 1024
[  525.507003][ T6929] EXT4-fs: Ignoring removed nomblk_io_submit option
[  525.551400][ T6929] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  525.624791][ T6933] netlink: 'syz.0.1628': attribute type 4 has an invalid length.
[  525.808535][ T6937] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  526.306175][ T6944] hub 9-0:1.0: USB hub found
[  526.311523][ T6944] hub 9-0:1.0: 1 port detected
[  526.482616][  T282] EXT4-fs (loop3): unmounting filesystem.
[  526.648093][  T332] Bluetooth: hci1: Frame reassembly failed (-84)
[  526.727115][ T6952] loop1: detected capacity change from 0 to 512
[  526.780174][ T6952] EXT4-fs (loop1): 1 truncate cleaned up
[  526.785991][ T6952] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  526.804544][ T6952] overlayfs: upper fs needs to support d_type.
[  527.097083][ T6955] loop4: detected capacity change from 0 to 1024
[  527.111656][ T6955] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  527.124130][ T6955] EXT4-fs error (device loop4): ext4_get_journal_inode:5743: comm syz.4.1634: inode #4294967295: comm syz.4.1634: iget: illegal inode #
[  527.139350][ T6955] EXT4-fs (loop4): no journal found
[  527.144605][ T6955] EXT4-fs (loop4): can't get journal size
[  527.151056][ T6955] EXT4-fs (loop4): failed to initialize system zone (-22)
[  527.163628][ T6958] random: crng reseeded on system resumption
[  527.166897][ T6955] EXT4-fs (loop4): mount failed
[  527.188386][ T6958] loop0: detected capacity change from 0 to 256
[  527.198425][ T6958] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  527.209324][ T6958] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  527.219411][ T6958] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  527.305376][ T5638] Bluetooth: hci0: command 0x1003 tx timeout
[  527.311519][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  528.522702][  T284] EXT4-fs (loop1): unmounting filesystem.
[  528.524776][ T6964] loop0: detected capacity change from 0 to 1024
[  528.610520][ T6964] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  528.621598][ T6964] EXT4-fs error (device loop0): ext4_get_journal_inode:5743: comm syz.0.1637: inode #4294967295: comm syz.0.1637: iget: illegal inode #
[  528.644069][ T6972] loop2: detected capacity change from 0 to 128
[  528.699707][ T5406] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  529.485166][ T6964] EXT4-fs (loop0): no journal found
[  529.490438][ T6964] EXT4-fs (loop0): can't get journal size
[  529.552965][ T6964] EXT4-fs (loop0): failed to initialize system zone (-22)
[  529.592915][ T6964] EXT4-fs (loop0): mount failed
[  529.603987][ T6980] loop3: detected capacity change from 0 to 1024
[  529.622520][ T6980] EXT4-fs: Ignoring removed nomblk_io_submit option
[  529.657279][ T6980] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  529.866059][ T6989] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  530.283984][ T6991] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  530.296029][ T6991] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  530.314293][ T6991] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  530.374354][ T6991] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  530.434622][  T282] EXT4-fs (loop3): unmounting filesystem.
[  530.480453][ T6991] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  530.795303][ T7001] hub 9-0:1.0: USB hub found
[  530.801919][ T7001] hub 9-0:1.0: 1 port detected
[  531.693043][ T7005] loop3: detected capacity change from 0 to 128
[  531.724920][ T7005] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fff0000)
[  531.732931][ T7005] FAT-fs (loop3): Filesystem has been set read-only
[  532.029459][ T7008] loop3: detected capacity change from 0 to 1024
[  532.076977][ T7008] EXT4-fs: Ignoring removed nomblk_io_submit option
[  532.108562][ T7011] random: crng reseeded on system resumption
[  532.115186][ T7008] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  532.165520][ T7008] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  532.182112][ T7011] loop4: detected capacity change from 0 to 256
[  532.195252][ T7008] System zones: 0-1, 3-36
[  532.203031][ T7008] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  532.216317][ T7016] loop1: detected capacity change from 0 to 1024
[  532.226864][ T7016] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  532.255526][ T7011] /dev/loop4: Can't open blockdev
[  532.290164][ T7016] EXT4-fs error (device loop1): ext4_get_journal_inode:5743: comm syz.1.1649: inode #4294967295: comm syz.1.1649: iget: illegal inode #
[  532.349012][ T7016] EXT4-fs (loop1): no journal found
[  532.354331][ T7016] EXT4-fs (loop1): can't get journal size
[  533.023041][ T7016] EXT4-fs (loop1): failed to initialize system zone (-22)
[  533.033649][ T7016] EXT4-fs (loop1): mount failed
[  533.119883][  T282] EXT4-fs (loop3): unmounting filesystem.
[  533.148453][ T2246] Bluetooth: hci0: Frame reassembly failed (-84)
[  533.859508][ T7034] loop2: detected capacity change from 0 to 1024
[  533.879435][ T7034] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  533.952887][ T7034] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: comm syz.2.1653: inode #4294967295: comm syz.2.1653: iget: illegal inode #
[  533.968962][ T7034] EXT4-fs (loop2): no journal found
[  533.974254][ T7034] EXT4-fs (loop2): can't get journal size
[  533.987875][ T7041] loop0: detected capacity change from 0 to 1024
[  533.994577][ T7041] EXT4-fs: Ignoring removed nomblk_io_submit option
[  534.004809][ T7041] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  534.004981][ T7034] EXT4-fs (loop2): failed to initialize system zone (-22)
[  534.023783][ T7034] EXT4-fs (loop2): mount failed
[  534.115372][   T28] audit: type=1400 audit(1775009929.581:236): avc:  denied  { ioctl } for  pid=7043 comm="syz.4.1657" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  534.265431][ T7041] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  534.316717][ T7041] System zones: 0-1, 3-36
[  534.425819][ T7041] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  535.550131][ T5406] Bluetooth: hci0: command 0x1003 tx timeout
[  535.569392][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  535.655398][ T7028] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  535.908276][  T283] EXT4-fs (loop0): unmounting filesystem.
[  536.337350][ T7066] netlink: 'syz.3.1662': attribute type 4 has an invalid length.
[  536.724572][ T7070] loop0: detected capacity change from 0 to 128
[  537.037710][ T7072] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  537.048332][ T7072] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  537.061111][ T7072] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  537.069914][ T7072] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1.0: link becomes ready
[  537.603353][ T7083] loop2: detected capacity change from 0 to 128
[  537.705082][    C1] ==================================================================
[  537.713200][    C1] BUG: KASAN: use-after-free in __run_timers+0x340/0x9f0
[  537.720262][    C1] Write of size 8 at addr ffff88811fb6ca00 by task syz.2.1663/7074
[  537.728177][    C1] 
[  537.730550][    C1] CPU: 1 PID: 7074 Comm: syz.2.1663 Tainted: G        W          syzkaller #0
[  537.739419][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  537.749519][    C1] Call Trace:
[  537.752824][    C1]  <IRQ>
[  537.755685][    C1]  __dump_stack+0x21/0x24
[  537.760058][    C1]  dump_stack_lvl+0x110/0x170
[  537.764817][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[  537.769874][    C1]  ? __run_timers+0x340/0x9f0
[  537.774587][    C1]  print_address_description+0x71/0x200
[  537.780173][    C1]  print_report+0x4a/0x60
[  537.784534][    C1]  kasan_report+0x122/0x150
[  537.789069][    C1]  ? __run_timers+0x340/0x9f0
[  537.793777][    C1]  __asan_report_store8_noabort+0x17/0x20
[  537.799552][    C1]  __run_timers+0x340/0x9f0
[  537.804089][    C1]  ? sched_clock+0x9/0x10
[  537.808453][    C1]  ? sched_clock_cpu+0x6e/0x260
[  537.813327][    C1]  ? calc_index+0x200/0x200
[  537.817874][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  537.823111][    C1]  run_timer_softirq+0x6a/0xf0
[  537.827909][    C1]  handle_softirqs+0x1d7/0x600
[  537.832700][    C1]  __irq_exit_rcu+0x52/0xf0
[  537.837249][    C1]  irq_exit_rcu+0x9/0x10
[  537.841515][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  537.847183][    C1]  </IRQ>
[  537.850132][    C1]  <TASK>
[  537.853087][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  537.859102][    C1] RIP: 0010:schedule+0x2b/0x170
[  537.863974][    C1] Code: 48 89 e5 41 57 41 56 53 49 bf 00 00 00 00 00 fc ff df 65 48 8b 1d 35 d1 02 7b 4c 8d 73 18 4c 89 f0 48 c1 e8 03 42 0f b6 04 38 <84> c0 0f 85 ea 00 00 00 41 83 3e 00 74 61 4c 8d 73 2c 4c 89 f0 48
[  537.883604][    C1] RSP: 0018:ffffc9000ef4f518 EFLAGS: 00000a02
[  537.889705][    C1] RAX: 0000000000000000 RBX: ffff8881134c2880 RCX: 0000000000080000
[  537.897696][    C1] RDX: ffffc90002a9f000 RSI: 000000000007ffff RDI: 0000000000080000
[  537.905688][    C1] RBP: ffffc9000ef4f530 R08: ffffc9000ef4f597 R09: ffffc9000ef4f560
[  537.913684][    C1] R10: dffffc0000000000 R11: fffff52001de9eb3 R12: ffffc9000ef4f560
[  537.921687][    C1] R13: dffffc0000000000 R14: ffff8881134c2898 R15: dffffc0000000000
[  537.929682][    C1]  ? memset+0x35/0x40
[  537.933716][    C1]  schedule_timeout+0xba/0x340
[  537.938510][    C1]  ? __cfi_schedule_timeout+0x10/0x10
[  537.943915][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  537.949752][    C1]  ? prepare_to_wait_exclusive+0x191/0x1d0
[  537.955593][    C1]  unix_wait_for_peer+0x1f2/0x2e0
[  537.960663][    C1]  ? unix_find_other+0x820/0x820
[  537.965668][    C1]  ? __cfi_autoremove_wake_function+0x10/0x10
[  537.971770][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  537.976982][    C1]  ? security_unix_may_send+0x8c/0xb0
[  537.982349][    C1]  unix_dgram_sendmsg+0xea8/0x16f0
[  537.987460][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[  537.992999][    C1]  ? __switch_to+0x517/0xe60
[  537.997590][    C1]  ? security_socket_sendmsg+0x93/0xb0
[  538.003068][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[  538.008608][    C1]  ____sys_sendmsg+0x5cc/0x990
[  538.013382][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[  538.018411][    C1]  ? import_iovec+0x7c/0xb0
[  538.022916][    C1]  ___sys_sendmsg+0x2a2/0x360
[  538.027615][    C1]  ? __cfi___futex_queue+0x10/0x10
[  538.032745][    C1]  ? __sys_sendmsg+0x290/0x290
[  538.037512][    C1]  ? futex_unqueue+0x132/0x160
[  538.042280][    C1]  ? __cfi_futex_wait+0x10/0x10
[  538.047126][    C1]  ? __fdget+0x19c/0x220
[  538.051364][    C1]  __sys_sendmmsg+0x2cc/0x4e0
[  538.056037][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[  538.061234][    C1]  ? fpregs_restore_userregs+0x128/0x260
[  538.066864][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  538.071705][    C1]  x64_sys_call+0x3f5/0x9a0
[  538.076203][    C1]  do_syscall_64+0x4c/0xa0
[  538.080629][    C1]  ? clear_bhb_loop+0x30/0x80
[  538.085306][    C1]  ? clear_bhb_loop+0x30/0x80
[  538.089985][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.095880][    C1] RIP: 0033:0x7fd43639c819
[  538.100293][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  538.119898][    C1] RSP: 002b:00007fd437205028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  538.128304][    C1] RAX: ffffffffffffffda RBX: 00007fd436615fa0 RCX: 00007fd43639c819
[  538.136277][    C1] RDX: 0400000000000041 RSI: 0000200000000000 RDI: 0000000000000008
[  538.144234][    C1] RBP: 00007fd436432c91 R08: 0000000000000000 R09: 0000000000000000
[  538.152192][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  538.160154][    C1] R13: 00007fd436616038 R14: 00007fd436615fa0 R15: 00007ffdfa108378
[  538.168123][    C1]  </TASK>
[  538.171136][    C1] 
[  538.173448][    C1] Allocated by task 7028:
[  538.177766][    C1]  kasan_set_track+0x4b/0x70
[  538.182355][    C1]  kasan_save_alloc_info+0x25/0x30
[  538.187466][    C1]  __kasan_kmalloc+0x95/0xb0
[  538.192047][    C1]  __kmalloc+0xb1/0x1e0
[  538.196190][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[  538.201211][    C1]  hci_uart_tty_ioctl+0x3c8/0xa20
[  538.206234][    C1]  tty_ioctl+0x8ef/0xc60
[  538.210489][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  538.215170][    C1]  __x64_sys_ioctl+0x7b/0x90
[  538.219754][    C1]  x64_sys_call+0x58b/0x9a0
[  538.224250][    C1]  do_syscall_64+0x4c/0xa0
[  538.228694][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.234592][    C1] 
[  538.236904][    C1] Freed by task 7028:
[  538.240885][    C1]  kasan_set_track+0x4b/0x70
[  538.245471][    C1]  kasan_save_free_info+0x31/0x50
[  538.250497][    C1]  ____kasan_slab_free+0x132/0x180
[  538.255606][    C1]  __kasan_slab_free+0x11/0x20
[  538.260366][    C1]  slab_free_freelist_hook+0xc2/0x190
[  538.265741][    C1]  __kmem_cache_free+0xb7/0x1b0
[  538.270586][    C1]  kfree+0x6f/0xf0
[  538.274320][    C1]  hci_release_dev+0x12a3/0x13b0
[  538.279250][    C1]  bt_host_release+0x82/0x90
[  538.283836][    C1]  device_release+0xa4/0x1d0
[  538.288426][    C1]  kobject_put+0x19d/0x280
[  538.292867][    C1]  put_device+0x1f/0x30
[  538.297039][    C1]  hci_dev_cmd+0x279/0x740
[  538.301476][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  538.306149][    C1]  sock_do_ioctl+0x114/0x330
[  538.310733][    C1]  sock_ioctl+0x4bd/0x710
[  538.315054][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  538.319721][    C1]  __x64_sys_ioctl+0x7b/0x90
[  538.324302][    C1]  x64_sys_call+0x58b/0x9a0
[  538.328796][    C1]  do_syscall_64+0x4c/0xa0
[  538.333210][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.339130][    C1] 
[  538.341455][    C1] Last potentially related work creation:
[  538.347177][    C1]  kasan_save_stack+0x3a/0x60
[  538.351847][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  538.357303][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  538.363104][    C1]  insert_work+0x51/0x300
[  538.367429][    C1]  __queue_work+0x9b1/0xd30
[  538.371937][    C1]  queue_work_on+0xde/0x150
[  538.376803][    C1]  __hci_cmd_sync_sk+0xa7f/0xd30
[  538.381758][    C1]  hci_cmd_sync_status+0x53/0x120
[  538.386786][    C1]  hci_dev_cmd+0x35b/0x740
[  538.391191][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  538.395871][    C1]  sock_do_ioctl+0x114/0x330
[  538.400449][    C1]  sock_ioctl+0x4bd/0x710
[  538.404788][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  538.409468][    C1]  __x64_sys_ioctl+0x7b/0x90
[  538.414045][    C1]  x64_sys_call+0x58b/0x9a0
[  538.418539][    C1]  do_syscall_64+0x4c/0xa0
[  538.422945][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  538.428826][    C1] 
[  538.431141][    C1] Second to last potentially related work creation:
[  538.437717][    C1]  kasan_save_stack+0x3a/0x60
[  538.442390][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  538.447758][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  538.453563][    C1]  insert_work+0x51/0x300
[  538.457891][    C1]  __queue_work+0x9b1/0xd30
[  538.462401][    C1]  queue_work_on+0xde/0x150
[  538.466896][    C1]  hci_cmd_timeout+0x191/0x200
[  538.471643][    C1]  process_one_work+0x71f/0xc40
[  538.476476][    C1]  worker_thread+0xa29/0x11e0
[  538.481168][    C1]  kthread+0x281/0x320
[  538.485249][    C1]  ret_from_fork+0x1f/0x30
[  538.489665][    C1] 
[  538.492012][    C1] The buggy address belongs to the object at ffff88811fb6c000
[  538.492012][    C1]  which belongs to the cache kmalloc-8k of size 8192
[  538.506054][    C1] The buggy address is located 2560 bytes inside of
[  538.506054][    C1]  8192-byte region [ffff88811fb6c000, ffff88811fb6e000)
[  538.519499][    C1] 
[  538.521822][    C1] The buggy address belongs to the physical page:
[  538.528217][    C1] page:ffffea00047eda00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11fb68
[  538.538446][    C1] head:ffffea00047eda00 order:3 compound_mapcount:0 compound_pincount:0
[  538.546755][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[  538.552847][    C1] raw: 4000000000010200 ffffea00044da600 dead000000000005 ffff888100043500
[  538.561427][    C1] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[  538.570014][    C1] page dumped because: kasan: bad access detected
[  538.576635][    C1] page_owner tracks the page as allocated
[  538.582346][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6401, tgid 6400 (syz.1.1493), ts 482390517645, free_ts 482247323272
[  538.605097][    C1]  post_alloc_hook+0x1f5/0x210
[  538.609871][    C1]  prep_new_page+0x1c/0x110
[  538.614374][    C1]  get_page_from_freelist+0x2d12/0x2d80
[  538.619923][    C1]  __alloc_pages+0x1fa/0x610
[  538.624517][    C1]  alloc_slab_page+0x6e/0xf0
[  538.629101][    C1]  new_slab+0x98/0x3d0
[  538.633170][    C1]  ___slab_alloc+0x6bd/0xb20
[  538.637762][    C1]  __slab_alloc+0x5e/0xa0
[  538.642084][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[  538.647556][    C1]  __kmalloc+0xa1/0x1e0
[  538.651700][    C1]  mb_cache_create+0x187/0x5a0
[  538.656457][    C1]  ext4_xattr_create_cache+0x13/0x20
[  538.661741][    C1]  ext4_fill_super+0x5201/0x7590
[  538.666670][    C1]  get_tree_bdev+0x447/0x690
[  538.671249][    C1]  ext4_get_tree+0x1c/0x20
[  538.675650][    C1]  vfs_get_tree+0x9a/0x270
[  538.680059][    C1] page last free stack trace:
[  538.684722][    C1]  free_unref_page_prepare+0x742/0x750
[  538.690177][    C1]  free_unref_page+0x95/0x540
[  538.694874][    C1]  __free_pages+0x67/0x100
[  538.699276][    C1]  __free_slab+0xca/0x1a0
[  538.703594][    C1]  __unfreeze_partials+0x160/0x190
[  538.708704][    C1]  put_cpu_partial+0xa9/0x100
[  538.713372][    C1]  __slab_free+0x1c4/0x280
[  538.717782][    C1]  ___cache_free+0xbf/0xd0
[  538.722187][    C1]  qlist_free_all+0xc6/0x140
[  538.726764][    C1]  kasan_quarantine_reduce+0x14a/0x170
[  538.732215][    C1]  __kasan_slab_alloc+0x24/0x80
[  538.737053][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[  538.742155][    C1]  kmem_cache_alloc+0x16e/0x330
[  538.746999][    C1]  prepare_creds+0x2f/0x640
[  538.751500][    C1]  do_faccessat+0xeb/0xa20
[  538.755961][    C1]  __x64_sys_faccessat2+0x9a/0xb0
[  538.760982][    C1] 
[  538.763299][    C1] Memory state around the buggy address:
[  538.768938][    C1]  ffff88811fb6c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  538.777440][    C1]  ffff88811fb6c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  538.785489][    C1] >ffff88811fb6ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  538.793530][    C1]                    ^
[  538.797587][    C1]  ffff88811fb6ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  538.805637][    C1]  ffff88811fb6cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  538.813686][    C1] ==================================================================
[  538.821733][    C1] Disabling lock debugging due to kernel taint
[  538.828148][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  538.839916][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  538.848345][    C1] CPU: 1 PID: 7074 Comm: syz.2.1663 Tainted: G    B   W          syzkaller #0
[  538.857210][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  538.867287][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  538.872606][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 18 45 29 00 4c 89 ff e8 60 dd b8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 1c 98 6e 00 49 8b 7d 00 e8 f3 d8
[  538.892234][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  538.898320][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881134c2880
[  538.906313][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  538.914299][    C1] RBP: ffffc900001b0d08 R08: 0000000000000007 R09: fffffffffffffffb
[  538.922282][    C1] R10: dffffc0000000000 R11: ffffed1023f6d939 R12: dffffc0000000000
[  538.930265][    C1] R13: 0000000000000000 R14: ffff88811fb6c9c8 R15: 0000000000000008
[  538.938255][    C1] FS:  00007fd4372056c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  538.947199][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  538.953792][    C1] CR2: 0000001b2e721ff8 CR3: 0000000132b54000 CR4: 00000000003526a0
[  538.961793][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  538.969780][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  538.977778][    C1] Call Trace:
[  538.981084][    C1]  <IRQ>
[  538.983953][    C1]  delayed_work_timer_fn+0x61/0x80
[  538.989108][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  538.994963][    C1]  call_timer_fn+0x46/0x2a0
[  538.999503][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  539.005337][    C1]  __run_timers+0x689/0x9f0
[  539.009868][    C1]  ? calc_index+0x200/0x200
[  539.014410][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  539.019666][    C1]  run_timer_softirq+0x6a/0xf0
[  539.024495][    C1]  handle_softirqs+0x1d7/0x600
[  539.029281][    C1]  __irq_exit_rcu+0x52/0xf0
[  539.033805][    C1]  irq_exit_rcu+0x9/0x10
[  539.038075][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  539.043739][    C1]  </IRQ>
[  539.046685][    C1]  <TASK>
[  539.049627][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  539.055642][    C1] RIP: 0010:schedule+0x2b/0x170
[  539.060510][    C1] Code: 48 89 e5 41 57 41 56 53 49 bf 00 00 00 00 00 fc ff df 65 48 8b 1d 35 d1 02 7b 4c 8d 73 18 4c 89 f0 48 c1 e8 03 42 0f b6 04 38 <84> c0 0f 85 ea 00 00 00 41 83 3e 00 74 61 4c 8d 73 2c 4c 89 f0 48
[  539.080143][    C1] RSP: 0018:ffffc9000ef4f518 EFLAGS: 00000a02
[  539.086245][    C1] RAX: 0000000000000000 RBX: ffff8881134c2880 RCX: 0000000000080000
[  539.094242][    C1] RDX: ffffc90002a9f000 RSI: 000000000007ffff RDI: 0000000000080000
[  539.102246][    C1] RBP: ffffc9000ef4f530 R08: ffffc9000ef4f597 R09: ffffc9000ef4f560
[  539.110251][    C1] R10: dffffc0000000000 R11: fffff52001de9eb3 R12: ffffc9000ef4f560
[  539.118252][    C1] R13: dffffc0000000000 R14: ffff8881134c2898 R15: dffffc0000000000
[  539.126252][    C1]  ? memset+0x35/0x40
[  539.130282][    C1]  schedule_timeout+0xba/0x340
[  539.135082][    C1]  ? __cfi_schedule_timeout+0x10/0x10
[  539.140522][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  539.146362][    C1]  ? prepare_to_wait_exclusive+0x191/0x1d0
[  539.152196][    C1]  unix_wait_for_peer+0x1f2/0x2e0
[  539.157244][    C1]  ? unix_find_other+0x820/0x820
[  539.162201][    C1]  ? __cfi_autoremove_wake_function+0x10/0x10
[  539.168291][    C1]  ? __cfi__raw_spin_lock+0x10/0x10
[  539.173514][    C1]  ? security_unix_may_send+0x8c/0xb0
[  539.178907][    C1]  unix_dgram_sendmsg+0xea8/0x16f0
[  539.184048][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[  539.189632][    C1]  ? __switch_to+0x517/0xe60
[  539.194258][    C1]  ? security_socket_sendmsg+0x93/0xb0
[  539.199735][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[  539.205291][    C1]  ____sys_sendmsg+0x5cc/0x990
[  539.210082][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[  539.215125][    C1]  ? import_iovec+0x7c/0xb0
[  539.219641][    C1]  ___sys_sendmsg+0x2a2/0x360
[  539.224357][    C1]  ? __cfi___futex_queue+0x10/0x10
[  539.229472][    C1]  ? __sys_sendmsg+0x290/0x290
[  539.234254][    C1]  ? futex_unqueue+0x132/0x160
[  539.239030][    C1]  ? __cfi_futex_wait+0x10/0x10
[  539.243881][    C1]  ? __fdget+0x19c/0x220
[  539.248137][    C1]  __sys_sendmmsg+0x2cc/0x4e0
[  539.252819][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[  539.258060][    C1]  ? fpregs_restore_userregs+0x128/0x260
[  539.263705][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  539.268582][    C1]  x64_sys_call+0x3f5/0x9a0
[  539.273102][    C1]  do_syscall_64+0x4c/0xa0
[  539.277531][    C1]  ? clear_bhb_loop+0x30/0x80
[  539.282207][    C1]  ? clear_bhb_loop+0x30/0x80
[  539.286886][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.292781][    C1] RIP: 0033:0x7fd43639c819
[  539.297212][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  539.316827][    C1] RSP: 002b:00007fd437205028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  539.325283][    C1] RAX: ffffffffffffffda RBX: 00007fd436615fa0 RCX: 00007fd43639c819
[  539.333262][    C1] RDX: 0400000000000041 RSI: 0000200000000000 RDI: 0000000000000008
[  539.341247][    C1] RBP: 00007fd436432c91 R08: 0000000000000000 R09: 0000000000000000
[  539.349224][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  539.357206][    C1] R13: 00007fd436616038 R14: 00007fd436615fa0 R15: 00007ffdfa108378
[  539.365187][    C1]  </TASK>
[  539.368205][    C1] Modules linked in:
[  539.372108][    C1] ---[ end trace 0000000000000000 ]---
[  539.377570][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  539.382886][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 18 45 29 00 4c 89 ff e8 60 dd b8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 1c 98 6e 00 49 8b 7d 00 e8 f3 d8
[  539.402526][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  539.408614][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881134c2880
[  539.416597][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  539.424584][    C1] RBP: ffffc900001b0d08 R08: 0000000000000007 R09: fffffffffffffffb
[  539.432556][    C1] R10: dffffc0000000000 R11: ffffed1023f6d939 R12: dffffc0000000000
[  539.440538][    C1] R13: 0000000000000000 R14: ffff88811fb6c9c8 R15: 0000000000000008
[  539.448516][    C1] FS:  00007fd4372056c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  539.457474][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  539.464060][    C1] CR2: 0000001b2e721ff8 CR3: 0000000132b54000 CR4: 00000000003526a0
[  539.472058][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  539.480034][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  539.488020][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  539.495834][    C1] Kernel Offset: disabled
[  539.500173][    C1] Rebooting in 86400 seconds..