last executing test programs:

10m47.217345519s ago: executing program 32 (id=347):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file1\x00', 0x4000, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x110)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = open(&(0x7f00000001c0)='./file1\x00', 0x4040, 0xd7)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

10m35.928869941s ago: executing program 33 (id=413):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00', 0x19})
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x9)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

10m4.810453278s ago: executing program 34 (id=594):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr, 0x5}, 0x1c)
listen(r0, 0x10040)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0xfffe, 0x0, 0x95, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x4, 0xca, 0x0, 0x1000, {[@sack={0x5, 0x2}]}}}}}}}, 0x0)

8m39.066828659s ago: executing program 35 (id=1172):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x4d6, &(0x7f0000000540)="$eJzs3U1oXNUeAPBzZ5o0SdPXj/cobR+8FvqgftB8Ik3UjSt1URAL3SjUmExjzSQTMpPahC5S3RV0IYqCuHDvzp0bu7II4lr34kIqWiOoIIzce2faZDoTB01n2tzfD27m3I+Z/zkd/qf3c04AMut4/CcKYTCE8FUIYV86u3mD4+nL+q0r0/EUhWr17I9Rsl08X9+0/r49IYS1EEJfCOH5p0N4Obo7bnlldW6qWCws1eaHK/OLw+WV1VMX56dmC7OFhdGJ05OTEyPjY5Pb1tZrb7167cynz/Z+/OsbN2+8/flncbUGa+s2tmM7pU3vCQc2LNsVQnjyXgTrgnytPf3drgh/S/z9/TuEcCLJ/30hn3ybQBZUq9XqH9XdrVavVYEdK5fsA0e5oRBCWs7lhobSffj/hIFcsVSuPHqhtLwwk+4r7w89uQsXi4WR2rHC/tATxfOjSfnO/FjD/HgIyT7wO/n+ZH5oulSc6WxXBzTY05D/v+TT/AcywiE/ZNem/G95LgDYifz/D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/ILvkPmfTcmTPxVK0//z5zaWV5rnTp1EyhPDc0vzw9NF1aWhyaLZVmk2d25v/q84ql0uLoY2H58nClUK4Ml1dWz8+Xlhcq55Pn+s8XejrSKqAdB45d/yYKIaw93p9Msd7aOrkKO1u1GoVuP4MMdEe+2x0Q0DVtnvp7c++9rgjQcY7xIcOi9Ld6G3+it3G/oK/V+xfvnC8EHiy5blcA6JqTRzZd/6tGrv9BZjQ//3+u2vGKAB3n1l/ILvv4QJMh+jbZ6vw/8GBy/h+ya7DF+F9707G7Dn1S2+5fIYSv8z2762N9ATtB7vuotv9/ct//BxvX9ka/JZcIekMIr31w9r3LU5XK0mi8/Kfbyyvv15aPbXhjywMGoFvqeVrPYwAgu9ZvXZmuT52M+8NT6U0Id8ffVTs32ZdcoxxYjzbdqxBt070La1dDCIebxY9q452nBzID6/m74h+svUbpRyT13ZWMm96Z+Ec2xP/fhvhH//G/CmTD9bj/GWmWf7kkp8Pt/Nvc/wxu070Trfu/3O3+L9+i/zvWZoxXPnz9u5bxr4ZwtGn8ery+JFZj/LhuJ9uMf/PFc4darat+lH5Os/h1cWm4Mr84XF5ZPZX8jtxsYWF04vTk5MTI+Njk8IWLxcJI+rdpjCcOf3ljq/YPtIi/VfvjZQ+32f7f//vFC8e3iP/Qiebf/8Et4veHEB5pM/7PY9++1GpdHH+mRftzW8SPl423Gb/87jMGFQaA+0h5ZXVuqlgsLCkoKHSlcPX+qEZDods9E3CvlVfiQ/M46btdEwAAAAAAAAAAAKBdnbiduNttBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYCf4MAAD//1o61z8=")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
write$sndseq(r1, &(0x7f0000000240)=[{0x9, 0xd3, 0xf, 0x5, @time={0x1, 0xf00d}, {0x5, 0x3}, {0x96, 0x9}, @queue={0xff, {0x2, 0x20000000}}}], 0x1c)
fallocate(r0, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x7, 0xbb, 0xa, 0xfffffffffe000001})

8m25.294982235s ago: executing program 36 (id=1250):
userfaultfd(0x801)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

6m16.362774395s ago: executing program 37 (id=2149):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f00000000c0)='.\x00', 0x5000009)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f00002d6000/0xe000)=nil, 0xe000, 0xc, 0x11, r0, 0xffff9000)

5m35.321568535s ago: executing program 5 (id=2371):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x2, 0x1, 0x23, 0x0, 0x1, 0x3}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000040000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001480)={{r2}, &(0x7f0000001400), &(0x7f0000001440)=r4}, 0x20)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

5m34.89824032s ago: executing program 5 (id=2374):
r0 = gettid()
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
futex(&(0x7f0000000200)=0x1, 0x6, 0x0, 0x0, 0x0, 0x1)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})

5m34.410083098s ago: executing program 3 (id=2378):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r0, 0xfffefffa)
listen(r1, 0x4)

5m34.05593335s ago: executing program 3 (id=2381):
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
memfd_create(0x0, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'bridge_slave_0\x00', {0x2, 0x4e22, @broadcast}})

5m33.697434197s ago: executing program 3 (id=2385):
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x8, &(0x7f00000000c0)=0x7, 0x4)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x63, 0x0, &(0x7f0000000000)="ff", 0x0, 0x149d, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50)

5m33.025185024s ago: executing program 5 (id=2389):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000004000000070000007f"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ec0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001000010700930000ffffffff0a000000060001001000000008000a00", @ANYRES32=r0], 0x24}}, 0x24008000)

5m32.659700509s ago: executing program 5 (id=2391):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000500), 0xfc, 0x57c, &(0x7f0000000680)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef35bf413db93852f7bda4ae6dddfbd1ce5d29c2eeee09e737e60edf110f5bcb7639c2eb4b78c6df701905b9aafab4af000055a3f6a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000c700e6d602000000000000080000000001", [0xa, 0x1]})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

5m32.08652114s ago: executing program 3 (id=2392):
r0 = syz_open_procfs(0x0, &(0x7f00000006c0)='mounts\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x2000})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00')

5m31.78340522s ago: executing program 5 (id=2394):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000020603000000000000000000000000001400078008001240000000000500150002000000050001000600000005000500020000000500040000000000090002"], 0x4c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff7fff}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a37f200082c"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)

5m31.681429877s ago: executing program 3 (id=2396):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000001f00)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/47}, {&(0x7f0000000100)=""/224}, {&(0x7f0000000200)=""/4096}, {&(0x7f0000001200)=""/124}, {&(0x7f0000001280)=""/60}]}}, {{0x0, 0x20, 0x0, 0x0, &(0x7f0000000040)=""/26, 0x11}}, {{&(0x7f0000001380)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x0, &(0x7f0000001840)=[{&(0x7f0000001400)=""/149}, {&(0x7f0000001b00)=""/118}, {&(0x7f0000001540)=""/188}, {&(0x7f0000001600)=""/57}, {&(0x7f0000001640)=""/135}, {&(0x7f00000014c0)=""/101}, {&(0x7f0000001780)=""/171}], 0x56, &(0x7f00000018c0)=""/176}}, {{&(0x7f0000001700)=@ieee802154={0x24, @short}, 0x0, &(0x7f0000001e80)=[{&(0x7f0000001d00)=""/213}, {&(0x7f0000001e00)=""/53}, {&(0x7f0000001e40)=""/2}], 0x0, &(0x7f0000001ec0)}, 0x3}], 0x15cbc1ab4c0933f, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x6, 0x0, 0x0, 0x0, 0x2, 0x9b, &(0x7f0000001c40)=""/155, 0x41000, 0x80, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

5m30.278408363s ago: executing program 3 (id=2402):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x7})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

5m29.218253534s ago: executing program 38 (id=2402):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x7})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

5m27.870695968s ago: executing program 5 (id=2414):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040001}, 0x8000)
setresuid(0x0, 0xee01, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0)

5m26.75623993s ago: executing program 39 (id=2414):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040001}, 0x8000)
setresuid(0x0, 0xee01, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0)

3m3.229161755s ago: executing program 4 (id=3225):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x9, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1})
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f7})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x5c8c, 0x0, @empty, @mcast1, 0x80, 0x0, 0x0, 0x20000000}})
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
rt_sigqueueinfo(0x0, 0x30, &(0x7f0000000240)={0x20, 0x6})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3m2.913289947s ago: executing program 4 (id=3228):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

3m1.84803144s ago: executing program 4 (id=3236):
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(0xffffffffffffffff, 0x0, 0x4044000)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x25dfdbfb, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

3m0.421395904s ago: executing program 4 (id=3242):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000280)={[{@dioread_lock}, {@resgid}]}, 0x6, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
symlink(&(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', &(0x7f0000000280)='./file0\x00')
creat(&(0x7f0000000100)='./bus\x00', 0x1fb978507dcbbbd6)
statfs(&(0x7f0000000400)='./file0\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)={0x2400, 0x0, 0x20}, 0x18)

2m59.988965286s ago: executing program 8 (id=3244):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff4000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x7a22, 0xc000, 0x7, 0x337})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='9', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
socket$inet_smc(0x2b, 0x1, 0x0)

2m59.544580726s ago: executing program 4 (id=3246):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0xc, &(0x7f0000000040)={0x0, 0xc8a1, 0xdb00, 0x8, 0x29})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x1f, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="c274386d178550cb864bd57221bc", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

2m59.022315763s ago: executing program 8 (id=3247):
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe1c)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

2m57.984796964s ago: executing program 8 (id=3250):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)

2m57.140736659s ago: executing program 4 (id=3254):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1ec)
syz_mount_image$fuse(0x0, &(0x7f0000000480)='./bus\x00', 0x3010039, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5000003a, r0, 0x0)
close(0x3)
read$FUSE(r1, &(0x7f0000000f40)={0x2020}, 0x2020)

2m56.543135703s ago: executing program 40 (id=3254):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1ec)
syz_mount_image$fuse(0x0, &(0x7f0000000480)='./bus\x00', 0x3010039, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5000003a, r0, 0x0)
close(0x3)
read$FUSE(r1, &(0x7f0000000f40)={0x2020}, 0x2020)

2m53.864381546s ago: executing program 8 (id=3270):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xc8d0, &(0x7f0000000500)=ANY=[], 0x4, 0x2d5, &(0x7f0000000200)="$eJzs3L9PE2EYwPGnpZRSAtfBaDQxvNFFlwvU3dgYSIxNJEiNPxLjAVdterak12BqjOjkavwjHAgjG4nyD7C4Obm4sZg4yGA80/tRChTBQjmg309C7oHnfcr7XoE874W79fvvnxfztp43qhJNKImIiGyIpCQqgYh/jLpxXJq9kasDP79evPvg4e1MNjs2qdR4ZupaWik1NPzpxat+f9hKn6ylHq//SH9fO7t2fv3P1LOCrQq2KpWrylDT5W9VY9oy1WzBLupKTVimYZuqULLNipcve/m8VZ6bqymjNDuYnKuYtq2MUk0VzZqqllW1UlPGU6NQUrquq8GkYC+5xclJI9Nm8cwhTwYdUqlkjB4R6d+RyS2GMiEAABAqv/9vdPvRekvfTv8fa9n/L11arQ7cWx7y+/+VeL3/F2nq/59svtaW/j8hIh3v/3d2RKeL4/w7f6D+HydEvf9P+r+/rrePlkbcgP4fAAAAAAAAAAAAAAAAAAAAAICTYMNxNMdxtOAYfPSJSMK9g8T7POx5ojN4/7vb5oM7YkMi1rv53HzOO/oDVkXEElNGRJPf7s+Drx4H9wKqupR8thb8+oX5XI+byeSl4NaPiiap7fWOM34rOzaqPFvreyXZXJ8WTc60rk+3rI/LlctN9bpo8mVGymLJrH9nXFD/elSpm3ey2+r73XEAAAAAAJwGumpo7N/7mvP6zry3P/byjf11y+sD3v56pOX+PCYXYmGtGgAAAACA7mLXXhYNyzIrpy4IVrjfquB/GXYZE5HIbqlDCIJvfjxO3T6CaFtTHY7/55vSMgguG+02RibaeWVHEznoaTn34eOvwzvP15cTe6y0Y0Hv0f0FAgAAAHBUNpv+4Cs3wp0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd6CgeJxb2GgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDj4m8AAAD//87sChQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x48)
pwrite64(r0, &(0x7f0000003a80)='\t', 0x1, 0x8000c61)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x6000, 0x69)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x3, 0x0, 0x0, 0x4, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c678082004cb59d654cb9b1b165263bdbcef549ba197fce47ddfdd753abd950100172a00ffffff00f7ffffff000000f3e7f20000000200000000000600", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
fallocate(0xffffffffffffffff, 0x8, 0x2000000, 0x10000)

2m52.566101012s ago: executing program 8 (id=3280):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e24, 0x0, @empty}, 0x1c)
sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0xf401)

2m51.38722733s ago: executing program 8 (id=3284):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xac800000}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)

2m50.074122327s ago: executing program 41 (id=3284):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xac800000}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)

16.048496077s ago: executing program 1 (id=3906):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, 0x0, 0x0)
bind$can_raw(r0, &(0x7f0000000480), 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0)
close(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010800d972a440b72040155ab7010203010902120001000000000904000000ff"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$uac2(r1, 0x0, &(0x7f0000000bc0)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="e0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000040)={0x2c, &(0x7f0000000080)={0x40, 0x0, 0xd6, "e2132ee5208c0d05eb8ed8269f43ff9fcd35abaadac2687f0cd6f2f66964891a5dd429920fb6213a9c89997f4d153db5ac21c78d1bcd3eb370e26ffcb57593411fd86554d4ddbfc829c78333979078550d78969315f7bb2d878785ad28e597fdd7bb4fd8ff2e49e735d10918752a8b7a398868b4ba229cfca5f94b2353e5673b4ebd0d20979d738e350545dc48490e88e24e507a36943343c8b9e36180ec33ca3a000000000000000069b8153b24b288602ca49820d908db096457ee3b9ab251257d8532c5d34f0f1c4b8ec22c7b34c524a69d811e7d"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r1, 0x0, &(0x7f00000003c0)={0x24, &(0x7f0000000180)={0x20, 0x11, 0x1, "1a"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f0000001140)={0x84, &(0x7f0000001200)=ANY=[@ANYBLOB="001367"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

14.431774512s ago: executing program 1 (id=3911):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d030100000000009500000000000000bc26080000000000bf67000000000000070300000fff07006702000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

14.382477854s ago: executing program 9 (id=3912):
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1451c2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000f4b000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00007fd000/0x800000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
socket$kcm(0x21, 0x2, 0x2)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f9})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000580), 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r1 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='8', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

12.69290128s ago: executing program 1 (id=3915):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000000)='./file0\x00')
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000001580)=ANY=[], 0x3d0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RMKDIR(r0, &(0x7f0000000240)={0x14, 0x49, 0x2, {0x40, 0x3, 0x1}}, 0x14)
write$char_usb(r0, &(0x7f0000000600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d36cf7333ea9dc98af537780ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc0e001d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c2948d673ef2a8a937136ca9842717585894453a83280edc21f3fadb974c36696fe7d8bd136a005a69d14d034a869c4035282ac7c91642a05743814b4cd57df50a4eb15dd7a561637ea4ef6b3bcf89695f125fcd390746357917a6bcf55e0268a09ae5b1195f99a7fe5fec2d4115978052e195d7b5df345b827121a86166c9095e387301fc561654db0183715239247eb9dc15e83c20389aa6271b42125bd475b82db032150aa39fab06fde1034347a8a884c74edb21be34c8cf5b437ad7223970defbb27ca8eb0029fdd4acd4bc92236584ed42f03706376c583a5c8e5cf9f2415ee1f8c1b01f34d7cf1b673db2158eb99d55878ee41b391f8d7339c6f3471ae4af25e5ecb8cea2fbed9f915ce483f1a9411ca5b21776295aa4f52fa31d875f9850f3e07b8093b0f92570d41d77e68e9a79a27b6f5a2c9a100cde02ea745353e996b99b43e0f1aa51288d863859bc618a602c17a15e285e6c189a21a4762b57ce396c852a5453f035c7a2d849a98c30a2e7f797ed13ffae44e4d15a240d092a25b4820e0d2fe3b9cb74b89efc977634d1f37eddc1433f6b06fd13c543bceca1254f91413d8b914bd67f1dca660ad8ef561dfb2ce5f0486b3e1a19a3682dad8a727177a1ea448273c3cd308300e3b4fc4f96efa8d6d723de8b38f7688e13c47b2aa801ba5c33a138208412524250e41eb253520f68324dbdb5e7de6e02dc315e20cf1844cc7a5f15428dd342bcf40895d94b3de0e1acdb698a94e0dd881edfb7569d0c81981213e7186eac0d80dd35e1a48aa5319678db523e9cea10163e3924c52d1d4ff589b3b228d98e64e6ee22990600ac9b272b483520148dac0e26d27ef618c86b0a49075f71d8c21e49bbcf83eb1374f0ad393074e32fa33a257f13fb187ba40b02ee6e688092e81ce0c04e3e53507b4b244fcf3afd4dbf05747a8c81828351558223a7bd0ff6684e94cd264ab3841cca4983c10b627c3c13286872798a3bce148b7f9847cb2b485bb900ad006b08482c801e9f05e5e57591e9c9ed1235c397ebffec2bffdf0eaa4aa2b3927e583f913edb95ce47603bc725ad16c59c4b638668190bd1f9c4b2c9e1b14a85d9e3e81ef3668baf27e59dd14d1ade2d7873d4feb989cdac04675f40b59a1a41453b44e0fdb89f4a7f3f52cb3a6a79d0763f85826fe1b5acb3215a0328c32ccdf2c21bb4ab3310c2d33f9b1255582e0807492ce59953f6cd4422bfa5ea9192177bbf13bd7a83807362036708653bd01b67d3def4ef7041ea29995404c0b10b0eae74bbf614652f887f755e94d390341437d50cecbf2c16fa21638ad3f85f30db17e1af9bf2b4aa8113d6a9170dc4c024f484200a471e9c73f6d2055585bdb499156081d3bc288a2ddd2b9d856c69c22ad3b4ee16555c64d86b7a9d83722860fdbf06b3a1592f3e5832fdf2d3ee078e54b7cee981cec96de0a4c77e052d2f86061cba468f6c5861771014dd56320f5fd4f84b5a890838e9fe72f41620d131cfdb7d0e627dd490acab383d5fc8cfc95e966ced3dfe3d315ad76a0452a50e8b4e9882ca9294eaa12f73629affc9050df48aedc1da6081259226056012decf4a60c3e252860cc7452e6058d8029d2d0971496e19cc94558c96678bd1b074894271b2bff2810f8a684c9329c584641bfeeb2fd4db920aec9d18e1b05803c37bc1b3cd1b3782a713ea754b1a35f137e21e31afd230aa1ba53cbc0af2ec98c860c993441007f910b8814e115725753f7a05d0b0b290048dd6aa97f3ae6f14b9652db8017e23303a3aa52c9fd5b83aa3f8ecb5e280425709237cd6fc6728664168bb2dda083ceab3ca528a78432104912e96a2ff9057885b1aebf1a8423b5c390f32bc5f3f0093870a27d8eee3576aa70a9b1ee21041a64e7dc0bbac8b46e7aa6a825bddeeab7ffbdad2ffa238a6cc77532551ebe4e650faadf67328371563e17b508ace6ed5dfcec60cd4b90ca23260f8ae78d937b7503f9595f233c7b719b837484bb684b2f9ca4df4d716a7de9ceadf0212e7f24574f1f14015ffb583c9ad2747cbddf2f0903d3dfc60eb204c6b581ba9caba16471d1bfb09b8b96ddadadcc97435ad6fe5ed249e25b01e0d5af5fe0430e4fb18eefce981fa6c78abab2a35f186137f256d8719f2053316680c03e7499941efd68a0ff066519f4d02608c320228c8cdc42fde4abecefde9d2113f730529e0215f284732d267c6804a49778a4ee32fb860122b4584a519ced4dfc0c8a3d25d90142d16e9e36eff436881dbddd06b99dee8c4e2ff7dbc19edaa7e1ad5b1f9d713abd72d4e4547b3a46ab6acfaa7d92b6da52b75bd530f6d833d156b95f1da248219c85fe807af0a47ae22c20392c889f5e89a3524cf42412a70277fe98196deb7a4c2b136fba8cc411afa84ab762d9b95b284d95f9220b3789ab54dcfa21cd2b99fcd501263cf23654c332a3aa37c6dac0c9c54e5602a691192707708e53abea4c63b7943b1348d3cf0bdce7e4076e3a4ed9afe8651cd8e953e30104534dcb6e85ab77773b60be7e46f6cd07ea8fc675d27593223dadb9cba83f3976e5133d79afd6e4a83877bd8f0d56bd99f3d996df0295838ffb421781da6c088f18f1f94e149659f02f01b99c73de89826f65bd3dbb44468518e0f0dd5fca324", 0xc1f)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0xfff], 0x0, 0x0, 0x1}}, 0x40)

11.317504547s ago: executing program 9 (id=3916):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x32}, 0x50)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd)
futex(&(0x7f000000cffc)=0x3, 0x5, 0x2, 0x0, &(0x7f0000000000)=0x3, 0x5000000)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r0, &(0x7f00000003c0), &(0x7f0000000580)=@tcp=r2}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@delchain={0x24, 0x5f, 0x333, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x5, 0x2}, {0xc, 0xe}}}, 0x24}}, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r0, &(0x7f00000003c0), &(0x7f0000000340)=@tcp=r1, 0x1}, 0x20)
syz_usb_connect$midi(0x0, 0x32, &(0x7f0000000280)=ANY=[@ANYBLOB="1201500200000008ca15010140000102038d09022000010106500c090400000101"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0})

11.272993566s ago: executing program 2 (id=3918):
socket(0xa, 0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x112})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

10.91789553s ago: executing program 1 (id=3920):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xb0}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000005000000003a00000008000300", @ANYRES32=r6, @ANYBLOB="05005b"], 0x24}}, 0x0)

10.71526895s ago: executing program 0 (id=3922):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r0, 0x7, &(0x7f0000001140)={0x1, 0x2, 0x6, 0x10000})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x0, 0x1, 0x8, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000380)=[{0x2, 0x2, 0x0, 0x80000003}]})

10.639825328s ago: executing program 6 (id=3923):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2103}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
landlock_restrict_self(r0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000540)='./file1/file4/file7/file5\x00', 0x0)

10.452237775s ago: executing program 1 (id=3924):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4602010103fcffffffffffffff03003e005666d37500010000000000004000000000000000df012000040000000000000003003800010007000200010003000000000000000300000000010100ff"], 0x509)
close(r2)
write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="7f454c46"], 0x78)
r3 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_elf64(r3, &(0x7f00000000c0)=ANY=[], 0x40)
close(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2000405, 0x0)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

10.340287806s ago: executing program 6 (id=3925):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000e00)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0x7, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r3=>0x0, <r4=>0x0})
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={r3, r4+60000000}, 0xfffffffffffffffe)

10.19873572s ago: executing program 9 (id=3926):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000012c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xb000000}, {{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)

6.921665169s ago: executing program 2 (id=3927):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet(0x2, 0xa, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f9})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000580), 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r1 = socket$inet(0x2, 0x80001, 0x84)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x60}], 0x1}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='8', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

6.86400875s ago: executing program 6 (id=3928):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x382, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
close(r0)
socket(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r1}, &(0x7f0000000500), &(0x7f0000000540)=r0}, 0x20)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000693000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)

5.98393691s ago: executing program 7 (id=3929):
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000010c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x10, 0xffffffffffffffda, 0x3ff, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0x1, 0x30004004, 0x0, 0xfffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1, 0x100}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8)
flock(r2, 0x1)

5.84860429s ago: executing program 1 (id=3930):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10167, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)

5.819091046s ago: executing program 0 (id=3931):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
mkdir(&(0x7f0000000080)='./file0\x00', 0x100)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000100)='./file0\x00')

5.483580333s ago: executing program 6 (id=3932):
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getpid()
syz_usb_connect$rtl8150(0x1, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04050400c8"], 0x7)
r0 = geteuid()
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$chown(0x4, 0x0, r0, 0x0)
pipe(0x0)

5.39588465s ago: executing program 7 (id=3933):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '-'}]}, 0x24}}, 0x48000)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000026c0)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '\b'}]}, 0x24}}, 0x0)
close(0x4)

5.009157016s ago: executing program 9 (id=3934):
mount$fuseblk(&(0x7f0000000000), 0x0, 0x0, 0x2010002, 0x0)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000289000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000c67000/0x3000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12)
mremap(&(0x7f00003d6000/0x8000)=nil, 0x8000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)

5.00160441s ago: executing program 2 (id=3946):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4e328000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)

3.477550888s ago: executing program 2 (id=3935):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

3.3451534s ago: executing program 7 (id=3936):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

3.22892924s ago: executing program 0 (id=3937):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000006440), 0x1, 0x0)

3.042749107s ago: executing program 6 (id=3938):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f00000e6000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x3c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff0}, {0xe, 0xffff}}}, 0x24}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

2.918528816s ago: executing program 9 (id=3939):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0x7, &(0x7f0000000000)={0x7, 0x100}, 0x0)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x78)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

2.664957868s ago: executing program 2 (id=3940):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = creat(&(0x7f0000000580)='./file1\x00', 0x0)
r2 = fanotify_init(0xf00, 0x1)
fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)

1.732656554s ago: executing program 7 (id=3941):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x8a)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, &(0x7f0000001000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000000), 0x560c89bb)
r3 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
splice(r1, 0x0, r3, 0x0, 0x8000, 0x0)

1.345588267s ago: executing program 6 (id=3942):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x80c8d0, &(0x7f0000000140)=ANY=[], 0x1, 0x34f, &(0x7f00000004c0)="$eJzs3M1vG0UYx/FfjO04qZr1AYE4oD4SF7isknDigrBQKyEiUYUa8SIhts0GrCx25LWCjBBpT1w4IP4IDlWPvVWC/gO5cOOAuHDLBYkDPSAWed+8bpzEdes2L9+PVO00M8/ubGazemalmf0Pf/hyazN0N72eSjXTnCQ9kOoqKTOXHktxuaq6hm7qtQt///by+x99/G5jbe3yutmVxrXXV81s6dLPX32zkDa7N6+9+qf7f63+uffC3kv7/137ohVaK7R2p2eeXe/80fOuB75ttMIt1+xq4Huhb6126HeT+mhXCnzbDDrb233z2gsXF7e7fhia1+7blt+3Xsd63b55n3uttrmuaxcXdbz5CdqcZc3b6+teI/3PG889WvCNWfQIjyca80h3uw1vMLYLB2qat59OrwAAwEmS5v95tl8apPTH5P9Fef5fTvL/3yUV8v879fu9Cx/cXUrz/3vVQf4vFfL/z/JT1WQbpTz/r0ka5v+dZH6Q5/8bTyb/P5gRnW7fjw6OoigvVse1H8n/cUYN8v/F9O83duuTO8txgfwfAAAAAAAAAAAAAAAAAAAAAIDT4EEUOVEUOckxWwEeOfPxghwpSusPCX/EJeM4aUbHf/hvwvHHKTfcuKO8JAXf7TR3mskxbXBfUiBfy3L0b/w8pAbl6k0rrqL7JdhN43d3msmrobGpVhy/Ikf1h+Oj6Mo7a5dXzLJdCwrxFS0W41fl6Hlpfkz8qiXy61cGx6pefaUQ78rRrzfUUaCNdGVcFv/titnb763ZaP8X4nYAAAAAAJwFruXq2fy3uIWg6x6sT+bHSX0yvy5r/PeBZH69/PD8PI4vq1R+VncNAAAAAMD5Eva/3vKCwO/OqHBL0lFtyprN1YffMCaNyjbIPaTNnOaefFdrkuJCdvHpzjPo2xRXr4ytqkz0GytN1dVL1ckHpXpoVfbZ6LBwXZ1mLCInHYvHGNMXf/zpn6PbJF/GpElO+Obd2jF3esQjUT6qTfW4O62MvCRKs30HAQAAAHg6hkl/9pO3pMqz7RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOfNrPf/K+4sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJx3/wcAAP//QOD4ig==")
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0xe, 0x0, 0x0)
pipe2(&(0x7f0000001040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r1, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
setfsgid(0x0)
write$binfmt_script(r1, &(0x7f0000001d80)={'#! ', './file0'}, 0xb)

1.265055888s ago: executing program 0 (id=3943):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000540)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000580)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x2)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000580)={0x0, 0x3}, 0x8)

1.201914276s ago: executing program 7 (id=3944):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x5)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000180)='u', 0x1}], 0x1)
r3 = accept4$unix(r1, 0x0, 0x0, 0x0)
sendto$packet(r2, &(0x7f0000000600)="5f0efc3e1792a50972d2eb21bdff9ca4ac804c2847fe7bf05ddc63ff512d4074687760a5fbd1fc97772c6f5027dcea15b6658de3b024a6ea22baafb445bf8427c8055d00", 0xffffff3d, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000003c0)=""/74, 0x4a}], 0x2d}, 0x10000)
close_range(r0, 0xffffffffffffffff, 0x0)

1.175192812s ago: executing program 9 (id=3945):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = userfaultfd(0x1)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x91c6b000)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)

601.375534ms ago: executing program 0 (id=3947):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=@newqdisc={0x40, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xfff3}, {0xffff, 0xffff}, {0x7, 0x6}}, [@qdisc_kind_options=@q_etf={{0x5}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x3, 0x1, 0x1}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4005c}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfefffdfc, {0x0, 0x0, 0x0, r6, {0xb}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

316.4795ms ago: executing program 7 (id=3948):
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)

6.982064ms ago: executing program 2 (id=3949):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf01b}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7ffeda95b76f5623", 0x7d}, {&(0x7f00000001c0)="66f7", 0x3}, {&(0x7f0000000300)='l3', 0x7fffef80}], 0x3}], 0x1, 0x0)

0s ago: executing program 0 (id=3950):
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r1=>0xffffffffffffffff}, 0x800)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x3, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x8004, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
clock_adjtime(0x0, &(0x7f0000000280)={0xc979, 0x1, 0xbf, 0x8, 0x8, 0x1, 0x0, 0x4, 0xf27, 0x80000000, 0x6, 0x3ff, 0x8a8, 0x6, 0x5, 0x413, 0x69, 0x2, 0x6, 0x6, 0x10000, 0x168, 0x2cbf, 0x7, 0xe, 0x5})

kernel console output (not intermixed with test programs):

batadv_slave_0
[  433.764898][T12904] overlayfs: failed to clone upperpath
[  433.793875][T12735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  433.907294][T12735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.926810][T12735] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.934177][T12868] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  433.943240][T12735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  433.970373][T12735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  434.053911][ T5281] 8021q: adding VLAN 0 to HW filter on device eth1
[  434.130000][T12735] hsr_slave_0: entered promiscuous mode
[  434.159946][T12735] hsr_slave_1: entered promiscuous mode
[  434.188468][T12735] debugfs: 'hsr0' already exists in 'hsr'
[  434.201146][T12735] Cannot create hsr debugfs directory
[  434.740467][T12923] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2213'.
[  434.764954][ T7799] ocfs2: Unmounting device (7,8) on (node local)
[  435.063868][T12923] 8021q: adding VLAN 0 to HW filter on device bond2
[  435.228492][T12925] 8021q: adding VLAN 0 to HW filter on device bond2
[  435.283442][T12925] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  435.333491][T12925] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  436.342514][T12928] loop5: detected capacity change from 0 to 131072
[  436.475092][T12928] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  436.490148][T12928] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  436.514797][T12930] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  437.376791][ T6279] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  437.419726][ T6279] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  437.462762][ T6279] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  437.495533][ T6279] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  437.590348][T12974] sctp: [Deprecated]: syz.6.2219 (pid 12974) Use of struct sctp_assoc_value in delayed_ack socket option.
[  437.590348][T12974] Use struct sctp_sack_info instead
[  437.608938][ T6279] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  437.671351][ T6279] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  437.700325][ T6279] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  437.725208][ T6279] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  438.215007][ T5281] 8021q: adding VLAN 0 to HW filter on device eth3
[  438.264486][T12983] xt_hashlimit: size too large, truncated to 1048576
[  438.931746][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  438.941909][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  439.826581][T12735] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  439.910750][T12735] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  439.935660][T12735] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  439.973647][T12735] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  439.993920][T12735] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  440.031083][T12735] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  440.052161][T12735] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  440.099617][T12735] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  440.566699][T12735] 8021q: adding VLAN 0 to HW filter on device bond0
[  440.667352][T12735] 8021q: adding VLAN 0 to HW filter on device team0
[  440.735582][ T6267] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.742841][ T6267] bridge0: port 1(bridge_slave_0) entered forwarding state
[  440.811439][ T6267] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.818643][ T6267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  440.953482][ T5281] 8021q: adding VLAN 0 to HW filter on device eth4
[  442.951101][T12234] Bluetooth: hci2: link tx timeout
[  442.960203][T12234] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  443.175486][T12735] 8021q: adding VLAN 0 to HW filter on device batadv0
[  443.337019][T12735] veth0_vlan: entered promiscuous mode
[  443.375245][T12735] veth1_vlan: entered promiscuous mode
[  443.500036][T12735] veth0_macvtap: entered promiscuous mode
[  443.536980][T12735] veth1_macvtap: entered promiscuous mode
[  443.709260][T12735] batman_adv: batadv0: Interface activated: batadv_slave_0
[  443.769589][T12735] batman_adv: batadv0: Interface activated: batadv_slave_1
[  443.836571][   T58] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  443.888623][   T58] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  443.930118][   T58] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  443.959115][   T58] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.500624][ T6278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.517357][T13138] loop8: detected capacity change from 0 to 512
[  444.534337][ T6278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.623462][T13138] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  444.658991][T13138] ext4 filesystem being mounted at /273/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  444.799139][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.835437][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.004258][T12234] Bluetooth: hci2: command 0x0406 tx timeout
[  445.278580][T13156] fuse: fd is not a fuse device
[  445.510013][ T7799] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  446.299790][   T30] audit: type=1326 audit(1778090068.895:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13158 comm="syz.3.2151" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1cc479cdd9 code=0x0
[  447.002784][ T5627] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  447.007134][T13187] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2268'.
[  447.011515][ T5627] Bluetooth: hci2: Injecting HCI hardware error event
[  447.040065][T12234] Bluetooth: hci2: hardware error 0x00
[  447.092037][T13189] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2279'.
[  449.173465][T12234] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  450.274265][T13214] RDS: rds_bind could not find a transport for 400:0:1200:0:1030:0:ffff:ffff, load rds_tcp or rds_rdma?
[  452.875837][T13280] ip6tnl1: entered promiscuous mode
[  452.926433][T13280] ip6tnl1: entered allmulticast mode
[  455.133438][T13332] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  455.751466][   T30] audit: type=1800 audit(1778090078.355:260): pid=13349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2311" name="bus" dev="tmpfs" ino=2243 res=0 errno=0
[  456.288154][T13359] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2313'.
[  456.724403][T13369] netlink: 7 bytes leftover after parsing attributes in process `syz.7.2315'.
[  457.848508][T13406] netlink: 'syz.7.2328': attribute type 30 has an invalid length.
[  457.909992][T13406] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2328'.
[  458.040645][T13407] netlink: 'syz.7.2328': attribute type 30 has an invalid length.
[  458.109346][T13407] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2328'.
[  459.603930][T13441] netlink: 687 bytes leftover after parsing attributes in process `syz.6.2336'.
[  464.326884][T13537] overlayfs: failed to clone upperpath
[  464.829347][T13549] loop8: detected capacity change from 0 to 512
[  464.939285][T13549] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  464.980072][T13549] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  465.051133][T12951] IPVS: starting estimator thread 0...
[  465.189128][T13560] IPVS: using max 21 ests per chain, 50400 per kthread
[  465.716399][ T7799] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  466.186585][T13589] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2370'.
[  466.221725][T13589] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2370'.
[  466.246003][T13591] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2375'.
[  468.294089][T13642] loop5: detected capacity change from 0 to 1024
[  468.367506][T13642] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  468.448831][   T10] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  468.518561][T13630] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.589819][T13630] bridge_slave_1: left allmulticast mode
[  468.631338][T13630] bridge_slave_1: left promiscuous mode
[  468.684889][T13630] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.720005][   T10] usb 9-1: Using ep0 maxpacket: 8
[  468.749584][T13646] loop5: detected capacity change from 1024 to 64
[  468.755877][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  468.799967][T13630] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  468.822046][   T10] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  468.856862][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.904435][   T10] usb 9-1: config 0 descriptor??
[  468.973877][ T9986] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /166/bus: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[  469.167168][   T10] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  469.402682][   T24] usb 9-1: USB disconnect, device number 6
[  469.408627][    C1] iowarrior 9-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  469.733848][ T9986] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.804136][T13643] kmmpd-loop5: attempt to access beyond end of device
[  469.804136][T13643] loop5: rw=14337, sector=128, nr_sectors = 2 limit=64
[  469.836155][T13643] Buffer I/O error on dev loop5, logical block 64, lost sync page write
[  470.562462][T13674] loop8: detected capacity change from 0 to 4096
[  470.663309][T13674] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  470.912513][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.194372][ T7799] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.392418][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.586619][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.797559][T13697] loop8: detected capacity change from 0 to 64
[  471.827379][T13697] hfs: creator requires a 4 character value
[  472.046223][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.227269][ T5627] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  472.245983][ T5627] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  472.256943][ T5627] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  472.270541][ T5627] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  472.278251][ T5627] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  473.215250][T13723] loop8: detected capacity change from 0 to 1024
[  473.247864][T13723] EXT4-fs (loop8): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  473.381382][T13723] EXT4-fs error (device loop8): ext4_map_blocks:833: inode #3: block 1: comm syz.8.2412: lblock 1 mapped to illegal pblock 1 (length 1)
[  473.421234][   T36] bridge_slave_1: left allmulticast mode
[  473.458841][T13723] loop8: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  473.465930][T13723] Quota error (device loop8): write_blk: dquota write failed
[  473.474793][   T36] bridge_slave_1: left promiscuous mode
[  473.475105][    C1] EXT4-fs (loop8): error count since last fsck: 1
[  473.494357][    C1] EXT4-fs (loop8): initial error at time 1778090096: ext4_map_blocks:833: inode 3: block 1
[  473.504515][    C1] EXT4-fs (loop8): last error at time 1778090096: ext4_map_blocks:833: inode 3: block 1
[  473.530327][T13723] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  473.539100][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.541133][T13723] EXT4-fs error (device loop8): ext4_acquire_dquot:7032: comm syz.8.2412: Failed to acquire dquot type 0
[  473.563595][T13723] loop8: lost filesystem error report for type 5 error -117
[  473.580448][T13723] EXT4-fs error (device loop8): ext4_free_blocks:6717: comm syz.8.2412: Freeing blocks not in datazone - block = 0, count = 4096
[  473.618144][   T36] bridge_slave_0: left allmulticast mode
[  473.626449][T13723] loop8: lost filesystem error report for type 5 error -117
[  473.647137][   T36] bridge_slave_0: left promiscuous mode
[  473.675471][T13723] EXT4-fs error (device loop8): ext4_read_inode_bitmap:138: comm syz.8.2412: Invalid inode bitmap blk 0 in block_group 0
[  473.691994][ T6278] EXT4-fs error (device loop8): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:18: lblock 1 mapped to illegal pblock 1 (length 1)
[  473.708850][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.720826][T13723] loop8: lost filesystem error report for type 5 error -117
[  473.721173][T13723] EXT4-fs error (device loop8) in ext4_free_inode:361: Corrupt filesystem
[  473.740481][T13723] loop8: lost filesystem error report for type 5 error -117
[  473.744390][T13723] EXT4-fs (loop8): 1 orphan inode deleted
[  473.774463][ T6278] loop8: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  473.791834][ T6278] Quota error (device loop8): remove_tree: Can't read quota data block 1
[  473.832520][T13723] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  473.859152][ T6278] EXT4-fs error (device loop8): ext4_release_dquot:7068: comm kworker/u8:18: Failed to release dquot type 0
[  473.926347][T13723] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.371997][ T5627] Bluetooth: hci2: command tx timeout
[  474.489852][T12234] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  474.503370][T12234] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  474.519992][T12234] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  474.531788][T12234] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  474.540389][T12234] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  475.060328][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  475.130489][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  475.155533][   T36] bond0 (unregistering): Released all slaves
[  476.439453][ T5627] Bluetooth: hci2: command tx timeout
[  476.599300][ T5627] Bluetooth: hci3: command tx timeout
[  476.731028][   T36] hsr_slave_0: left promiscuous mode
[  476.767251][   T36] hsr_slave_1: left promiscuous mode
[  476.782639][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.802937][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.832739][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.866124][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.977610][   T36] veth1_macvtap: left promiscuous mode
[  477.002376][   T36] veth0_macvtap: left promiscuous mode
[  477.022614][   T36] veth1_vlan: left promiscuous mode
[  477.042080][   T36] veth0_vlan: left promiscuous mode
[  478.278446][   T36] team0 (unregistering): Port device team_slave_1 removed
[  478.333849][   T36] team0 (unregistering): Port device team_slave_0 removed
[  478.519156][ T5627] Bluetooth: hci2: command tx timeout
[  478.651918][ T5281] 8021q: adding VLAN 0 to HW filter on device eth5
[  478.679017][ T5627] Bluetooth: hci3: command tx timeout
[  479.067976][T13849] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2442'.
[  479.636870][T13869] fuse: fd is not a fuse device
[  480.442564][T13707] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.450232][T13707] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.457466][T13707] bridge_slave_0: entered allmulticast mode
[  480.466395][T13707] bridge_slave_0: entered promiscuous mode
[  480.495585][T13707] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.508931][T13707] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.526881][T13707] bridge_slave_1: entered allmulticast mode
[  480.538417][T13707] bridge_slave_1: entered promiscuous mode
[  480.599167][ T5627] Bluetooth: hci2: command tx timeout
[  480.758944][ T5627] Bluetooth: hci3: command tx timeout
[  480.777834][T13707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  480.863742][T13707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.040256][T13746] bridge0: port 1(bridge_slave_0) entered blocking state
[  481.070923][T13746] bridge0: port 1(bridge_slave_0) entered disabled state
[  481.098954][T13746] bridge_slave_0: entered allmulticast mode
[  481.115790][T13746] bridge_slave_0: entered promiscuous mode
[  481.147750][T13707] team0: Port device team_slave_0 added
[  481.162757][T13746] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.189303][T13746] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.219761][T13746] bridge_slave_1: entered allmulticast mode
[  481.243420][T13746] bridge_slave_1: entered promiscuous mode
[  481.265521][T13707] team0: Port device team_slave_1 added
[  481.485480][ T5281] 8021q: adding VLAN 0 to HW filter on device eth6
[  481.545442][T13707] batman_adv: batadv0: Adding interface: batadv_slave_0
[  481.563341][T13707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  481.620242][T13707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  481.661761][T13746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  481.675517][T13707] batman_adv: batadv0: Adding interface: batadv_slave_1
[  481.683300][T13707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  481.720713][T13707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  481.747330][T13746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.908946][T13746] team0: Port device team_slave_0 added
[  481.933573][T13746] team0: Port device team_slave_1 added
[  481.970615][T13707] hsr_slave_0: entered promiscuous mode
[  481.997563][T13707] hsr_slave_1: entered promiscuous mode
[  482.014255][T13707] debugfs: 'hsr0' already exists in 'hsr'
[  482.031735][T13707] Cannot create hsr debugfs directory
[  482.341204][T13746] batman_adv: batadv0: Adding interface: batadv_slave_0
[  482.363656][T13746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  482.437045][T13746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  482.438559][T13906] loop8: detected capacity change from 0 to 32768
[  482.494452][T13746] batman_adv: batadv0: Adding interface: batadv_slave_1
[  482.532455][T13746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  482.651415][T13746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  482.843556][ T5627] Bluetooth: hci3: command tx timeout
[  483.087451][T13746] hsr_slave_0: entered promiscuous mode
[  483.107588][T13746] hsr_slave_1: entered promiscuous mode
[  483.139863][T13746] debugfs: 'hsr0' already exists in 'hsr'
[  483.161337][T13746] Cannot create hsr debugfs directory
[  483.948642][ T5281] 8021q: adding VLAN 0 to HW filter on device eth7
[  484.697463][ T5281] 8021q: adding VLAN 0 to HW filter on device eth8
[  484.978611][T13707] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  485.011682][T13707] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  485.021606][T13707] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  485.043059][T13707] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  485.052675][T13707] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  485.067072][T13707] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  485.076118][T13707] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  485.089473][T13707] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  485.246417][T13746] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  485.261578][T13746] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  485.271071][T13746] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  485.282098][T13746] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  485.299890][T13746] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  485.310996][T13746] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  485.321668][T13746] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  485.339696][T13746] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  485.433921][T13707] 8021q: adding VLAN 0 to HW filter on device bond0
[  485.487196][T13707] 8021q: adding VLAN 0 to HW filter on device team0
[  485.508386][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  485.515559][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  485.526558][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  485.533739][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  485.642874][T13746] 8021q: adding VLAN 0 to HW filter on device bond0
[  485.692586][T13746] 8021q: adding VLAN 0 to HW filter on device team0
[  485.721630][ T6279] bridge0: port 1(bridge_slave_0) entered blocking state
[  485.728840][ T6279] bridge0: port 1(bridge_slave_0) entered forwarding state
[  485.753271][ T6279] bridge0: port 2(bridge_slave_1) entered blocking state
[  485.760466][ T6279] bridge0: port 2(bridge_slave_1) entered forwarding state
[  486.617161][T13707] 8021q: adding VLAN 0 to HW filter on device batadv0
[  486.722783][T13746] 8021q: adding VLAN 0 to HW filter on device batadv0
[  486.858370][T13746] veth0_vlan: entered promiscuous mode
[  486.907669][T13746] veth1_vlan: entered promiscuous mode
[  486.996317][T13746] veth0_macvtap: entered promiscuous mode
[  487.032438][T13746] veth1_macvtap: entered promiscuous mode
[  487.068537][T13746] batman_adv: batadv0: Interface activated: batadv_slave_0
[  487.103834][T13746] batman_adv: batadv0: Interface activated: batadv_slave_1
[  487.151901][ T6279] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  487.177117][ T6279] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  487.186574][ T6279] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  487.218175][ T6279] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  487.434755][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.438316][T13707] veth0_vlan: entered promiscuous mode
[  487.463120][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.516134][T13707] veth1_vlan: entered promiscuous mode
[  487.544564][ T3294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.555624][ T3294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.628575][T13707] veth0_macvtap: entered promiscuous mode
[  487.661011][T13707] veth1_macvtap: entered promiscuous mode
[  487.812868][T13707] batman_adv: batadv0: Interface activated: batadv_slave_0
[  487.882640][T13707] batman_adv: batadv0: Interface activated: batadv_slave_1
[  487.956911][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  487.997993][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  488.049911][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  488.094759][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  488.592381][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  488.624076][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.713949][ T6265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  488.723105][ T6265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  489.303345][T14081] 9pnet: p9_errstr2errno: server reported unknown error Àñ'IÓ$íÛ·
[  489.557199][T14090] loop4: detected capacity change from 0 to 1024
[  489.997402][T14103] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2480'.
[  490.025395][T14108] fuse: fd is not a fuse device
[  490.792634][T14127] syzkaller1: entered promiscuous mode
[  490.831877][T14127] syzkaller1: entered allmulticast mode
[  490.880566][T14127] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 22
[  491.083193][   T30] audit: type=1800 audit(1778090113.685:261): pid=14136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2491" name="bus" dev="tmpfs" ino=44 res=0 errno=0
[  491.585321][T14147] loop8: detected capacity change from 0 to 256
[  491.617009][T14147] vfat: Unknown parameter 'uni_xla©e'
[  492.534789][T14164] netlink: 'syz.7.2498': attribute type 4 has an invalid length.
[  492.942823][T14175] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2501'.
[  493.028409][T14171] loop1: detected capacity change from 0 to 1024
[  493.071201][T14171] hfsplus: failed to load extents file
[  495.052397][T14234] netlink: 149 bytes leftover after parsing attributes in process `syz.6.2516'.
[  496.148624][T14264] bond0: (slave bond_slave_1): Releasing backup interface
[  496.201742][T14264] bond_slave_1: left promiscuous mode
[  496.538207][T14274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  496.576957][T14274] batadv_slave_0: entered promiscuous mode
[  496.923325][T14297] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2534'.
[  496.996923][T14301] netlink: 'syz.8.2533': attribute type 4 has an invalid length.
[  497.004219][T14302] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2534'.
[  499.944992][T14362] loop8: detected capacity change from 0 to 2048
[  500.124556][T14362] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  500.333876][T14362] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  500.374889][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  500.394267][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  500.440384][T14362] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  500.462732][T14384] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  500.488407][T14362] EXT4-fs (loop8): This should not happen!! Data will be lost
[  500.488407][T14362] 
[  500.547793][T14362] EXT4-fs (loop8): Total free blocks count 0
[  500.574907][T14384] EXT4-fs (loop8): This should not happen!! Data will be lost
[  500.574907][T14384] 
[  500.624421][T14362] EXT4-fs (loop8): Free/Dirty block details
[  500.676200][T14384] EXT4-fs (loop8): Total free blocks count 0
[  500.733413][T14362] EXT4-fs (loop8): free_blocks=2415919104
[  500.785088][T14384] EXT4-fs (loop8): Free/Dirty block details
[  500.951316][T14395] batadv_slave_0: entered promiscuous mode
[  500.961604][T14395] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2560'.
[  500.961764][T14395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  501.028003][T14395] batadv_slave_0 (unregistering): left promiscuous mode
[  501.028123][T14395] batman_adv: batadv0: Removing interface: batadv_slave_0
[  502.173158][T14422] netlink: 55 bytes leftover after parsing attributes in process `syz.4.2571'.
[  502.682195][T14431] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2575'.
[  504.679534][T14475] fuse: fd is not a fuse device
[  505.748089][T14499] loop1: detected capacity change from 0 to 512
[  505.803715][T14499] EXT4-fs: Ignoring removed mblk_io_submit option
[  505.927799][T14499] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  505.962987][T14499] EXT4-fs (loop1): mount failed
[  506.260418][   T10] IPVS: starting estimator thread 0...
[  506.274382][T14509] loop8: detected capacity change from 0 to 1024
[  506.306618][T14509] EXT4-fs: Ignoring removed orlov option
[  506.443032][T14509] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  506.592754][T14511] IPVS: using max 23 ests per chain, 55200 per kthread
[  506.660026][T14522] fuse: fd is not a fuse device
[  507.386276][T14551] fuse: fd is not a fuse device
[  507.397661][T14552] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2601'.
[  507.511896][ T7799] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.709022][T14561] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2606'.
[  507.766484][T14565] loop8: detected capacity change from 0 to 128
[  507.791307][T14561] lo: Master is either lo or non-ether device
[  507.963630][T14565] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  508.183919][T14575] overlayfs: failed to clone upperpath
[  508.279531][   T10] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  508.442388][   T10] usb 9-1: Using ep0 maxpacket: 16
[  508.456914][   T10] usb 9-1: unable to get BOS descriptor or descriptor too short
[  508.477953][T14581] team0: Port device syz_tun added
[  508.486946][   T10] usb 9-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  508.520534][   T10] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  508.548262][   T10] usb 9-1: New USB device found, idVendor=04b4, idProduct=931c, bcdDevice= 0.40
[  508.567481][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.592776][   T10] usb 9-1: Product: syz
[  508.605607][   T10] usb 9-1: Manufacturer: syz
[  508.620921][   T10] usb 9-1: SerialNumber: syz
[  509.788254][   T10] usb 9-1: unit 6: unexpected type 0x0d
[  509.794145][   T10] usb 9-1: unit 0 not found!
[  510.563089][   T10] usb 9-1: USB disconnect, device number 7
[  511.139128][T14610] xt_hashlimit: size too large, truncated to 1048576
[  511.317630][ T5841] IPVS: starting estimator thread 0...
[  511.371267][ T5964] udevd[5964]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  511.391172][T14628] IPVS: sh: FWM 3 0x00000003 - no destination available
[  511.435680][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[  511.549086][T14626] IPVS: using max 23 ests per chain, 55200 per kthread
[  512.146333][T14658] netlink: 15 bytes leftover after parsing attributes in process `syz.1.2626'.
[  512.640190][T14667] netlink: 'syz.4.2629': attribute type 10 has an invalid length.
[  512.730512][T14671] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2629'.
[  512.753736][T14667] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.761600][T14667] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.828921][T14667] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.836199][T14667] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.843927][T14667] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.851160][T14667] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.939412][T14667] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  513.036674][T14671] bridge_slave_1: left allmulticast mode
[  513.049144][T14671] bridge_slave_1: left promiscuous mode
[  513.053694][T14678] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2633'.
[  513.077941][T14671] bridge0: port 2(bridge_slave_1) entered disabled state
[  513.117370][T14671] bridge_slave_0: left allmulticast mode
[  513.138247][T14671] bridge_slave_0: left promiscuous mode
[  513.157127][T14671] bridge0: port 1(bridge_slave_0) entered disabled state
[  513.301939][T14671] bond0: (slave bridge0): Releasing backup interface
[  513.684543][   T30] audit: type=1326 audit(1778090136.285:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14690 comm="syz.8.2637" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1f9cdd9 code=0x0
[  513.863755][T14697] overlayfs: failed to clone upperpath
[  514.348470][   T10] IPVS: starting estimator thread 0...
[  514.470717][T14713] IPVS: using max 25 ests per chain, 60000 per kthread
[  514.801443][T14729] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2649'.
[  514.887107][T14733] netlink: 'syz.1.2648': attribute type 4 has an invalid length.
[  515.175528][T14740] /dev/loop7: Can't lookup blockdev
[  516.081745][T14748] xt_hashlimit: size too large, truncated to 1048576
[  516.188943][T14758] netlink: 271 bytes leftover after parsing attributes in process `syz.8.2655'.
[  517.302769][T14771] loop1: detected capacity change from 0 to 4096
[  517.391742][T14771] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  517.444237][T14771] ntfs3(loop1): ino=3, mi_enum_attr
[  517.735460][T14771] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  518.820679][ T3294] ntfs3(loop1): ino=1f, ni_find_attr
[  519.877746][T14823] syz_tun: entered allmulticast mode
[  519.994792][T14824] dvmrp8: entered allmulticast mode
[  520.116154][T14819] syz_tun: left allmulticast mode
[  520.482194][T14841] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2677'.
[  520.492570][T14844] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2678'.
[  520.558769][T14841] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2677'.
[  522.405242][   T30] audit: type=1326 audit(1778090145.005:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fbaf9cdd9 code=0x7ffc0000
[  522.530466][   T30] audit: type=1326 audit(1778090145.035:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fbaf9cdd9 code=0x7ffc0000
[  522.635917][   T30] audit: type=1326 audit(1778090145.035:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fbaf9cdd9 code=0x7ffc0000
[  522.797721][   T30] audit: type=1326 audit(1778090145.045:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f5fbaf9cdd9 code=0x7ffc0000
[  522.847685][T14888] netlink: 'syz.4.2690': attribute type 2 has an invalid length.
[  522.875621][   T30] audit: type=1326 audit(1778090145.035:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fbaf9cdd9 code=0x7ffc0000
[  522.972691][   T30] audit: type=1326 audit(1778090145.105:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5fbaf5d60e code=0x7ffc0000
[  523.058947][   T30] audit: type=1326 audit(1778090145.105:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5fbaf5d60e code=0x7ffc0000
[  523.151024][   T30] audit: type=1326 audit(1778090145.105:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5fbaf5d60e code=0x7ffc0000
[  523.237277][   T30] audit: type=1326 audit(1778090145.105:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5fbaf5d60e code=0x7ffc0000
[  523.323240][   T30] audit: type=1326 audit(1778090145.115:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14878 comm="syz.2.2686" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5fbaf5d60e code=0x7ffc0000
[  524.065942][T14912] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2695'.
[  524.559348][T14925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  524.579293][T14925] batman_adv: batadv0: Removing interface: batadv_slave_0
[  524.605157][T14925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  524.625795][T14928] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2702'.
[  524.636726][T14925] batman_adv: batadv0: Removing interface: batadv_slave_1
[  524.708962][T14932] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2702'.
[  526.182606][T14974] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2714'.
[  526.436011][T14981] fuse: fd is not a fuse device
[  526.895488][T14989] batman_adv: batadv0: Removing interface: batadv_slave_0
[  527.819411][   T30] kauditd_printk_skb: 63 callbacks suppressed
[  527.819440][   T30] audit: type=1804 audit(1778090150.415:336): pid=15016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2727" name="file1" dev="tmpfs" ino=2260 res=1 errno=0
[  530.114873][T15084] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2739'.
[  530.386171][T15096] netlink: 2036 bytes leftover after parsing attributes in process `syz.7.2753'.
[  530.430125][T15096] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2753'.
[  531.040865][T15112] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2747'.
[  531.395698][T15126] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2751'.
[  531.678389][T15137] fuse: fd is not a fuse device
[  531.700614][T15132] loop1: detected capacity change from 0 to 4096
[  531.955961][T15144] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  532.137869][T15151] fuse: fd is not a fuse device
[  532.346054][T15128] overlayfs: upper fs does not support tmpfile.
[  533.634049][T15179] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  533.695866][T15179] overlayfs: failed to set xattr on upper
[  533.719285][T15179] overlayfs: ...falling back to redirect_dir=nofollow.
[  533.757292][T15179] overlayfs: ...falling back to index=off.
[  533.850180][T15179] overlayfs: ...falling back to uuid=null.
[  533.894077][T15179] overlayfs: ...falling back to xino=off.
[  533.932575][T15179] overlayfs: maximum fs stacking depth exceeded
[  536.035845][T15219] netlink: 'syz.2.2771': attribute type 1 has an invalid length.
[  536.171703][T15221] io-wq is not configured for unbound workers
[  536.614947][T15223] bond4: (slave geneve3): making interface the new active one
[  536.737739][T15223] bond4: (slave geneve3): Enslaving as an active interface with an up link
[  536.780852][   T36] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[  536.826290][   T36] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  536.879593][   T36] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  536.914354][T15231] loop1: detected capacity change from 0 to 512
[  536.942980][T15231] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  536.992271][ T6265] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  537.040943][T15231] EXT4-fs (loop1): 1 truncate cleaned up
[  537.071704][T15231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  537.140372][   T30] audit: type=1800 audit(1778090159.745:337): pid=15231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2774" name="file1" dev="loop1" ino=15 res=0 errno=0
[  537.265565][   T30] audit: type=1800 audit(1778090159.785:338): pid=15231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2774" name="file1" dev="loop1" ino=15 res=0 errno=0
[  537.337880][T15240] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2775'.
[  538.002750][T13746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.192084][T15259] netlink: 'syz.6.2780': attribute type 5 has an invalid length.
[  538.223889][T15259] netlink: 1132 bytes leftover after parsing attributes in process `syz.6.2780'.
[  538.259129][T15259] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2780'.
[  538.455591][T15267] netlink: 'syz.8.2781': attribute type 1 has an invalid length.
[  538.720286][T15267] 8021q: adding VLAN 0 to HW filter on device bond4
[  538.905651][T15269] bond4: (slave geneve2): making interface the new active one
[  538.965372][T15269] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  539.067535][T15281] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2786'.
[  539.104160][T15273] bond4: entered promiscuous mode
[  539.143745][T15273] geneve2: entered promiscuous mode
[  539.172933][ T6276] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  539.212357][ T6276] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  539.310948][ T6276] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  539.345622][T15290] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  539.415701][T15290] batman_adv: batadv0: Removing interface: batadv_slave_0
[  539.679666][T15291] erspan0: entered promiscuous mode
[  539.719666][T15291] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2788'.
[  539.782016][ T6276] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  540.529640][    C1] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96
[  541.001322][T15339] fuse: fd is not a fuse device
[  541.163981][T15341] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2805'.
[  541.701799][T15365] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2813'.
[  541.866007][T15371] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2815'.
[  543.776896][T15416] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2827'.
[  543.940974][T15421] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2827'.
[  544.128925][T15416] bond5: peer notification delay (2365) is not a multiple of miimon (80), value rounded to 2320 ms
[  544.168325][T15421] bond5: peer notification delay (2365) is not a multiple of miimon (80), value rounded to 2320 ms
[  544.496909][T15431] loop1: detected capacity change from 0 to 512
[  544.600420][T15431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  544.712410][T15431] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  545.763722][T13746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  546.195090][T15455] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  546.241803][T15455] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  546.412240][T15456] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  546.727909][T15443] kexec: Could not allocate control_code_buffer
[  547.486606][T15494] fuse: fd is not a fuse device
[  547.567060][T15497] netlink: 212348 bytes leftover after parsing attributes in process `syz.7.2850'.
[  547.596587][T15497] netlink: Unknown conntrack attr (type=236, max=9)
[  548.832665][T15525] loop8: detected capacity change from 0 to 512
[  548.857518][T15525] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  548.939644][T15525] EXT4-fs (loop8): 1 truncate cleaned up
[  548.988593][T15525] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.103298][T15536] loop4: detected capacity change from 0 to 512
[  549.140335][T15536] EXT4-fs: Ignoring removed mblk_io_submit option
[  549.177139][   T30] audit: type=1800 audit(1778090171.775:339): pid=15525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2857" name="file1" dev="loop8" ino=15 res=0 errno=0
[  549.226885][   T30] audit: type=1800 audit(1778090171.775:340): pid=15525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2857" name="file1" dev="loop8" ino=15 res=0 errno=0
[  549.227158][T15536] EXT4-fs error (device loop4): ext4_iget_extra_inode:5127: inode #15: comm syz.4.2862: corrupted in-inode xattr: e_value size too large
[  549.282722][T15536] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  549.288733][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  549.304455][    C1] EXT4-fs (loop4): initial error at time 1778090171: ext4_iget_extra_inode:5127: inode 15
[  549.314466][    C1] EXT4-fs (loop4): last error at time 1778090171: ext4_iget_extra_inode:5127: inode 15
[  549.318167][T15536] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.2862: couldn't read orphan inode 15 (err -117)
[  549.378986][   T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  549.405004][T15536] loop4: lost filesystem error report for type 5 error -117
[  549.418577][T15536] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.528765][   T24] usb 2-1: Using ep0 maxpacket: 32
[  549.553596][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  549.577595][   T24] usb 2-1: New USB device found, idVendor=1b5c, idProduct=0104, bcdDevice=30.00
[  549.593437][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.618575][   T24] usb 2-1: Product: syz
[  549.645155][   T24] usb 2-1: Manufacturer: syz
[  549.662144][   T24] usb 2-1: SerialNumber: syz
[  549.946783][   T24] ftdi_sio 2-1:6.0: FTDI USB Serial Device converter detected
[  549.984565][ T7799] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.990151][   T24] usb 2-1: Detected FT2232HP
[  550.019505][   T24] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  550.074238][   T24] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  550.119571][   T24] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  550.185476][   T24] usb 2-1: USB disconnect, device number 9
[  550.241022][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  550.310740][   T24] ftdi_sio 2-1:6.0: device disconnected
[  550.324747][T13707] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.653359][   T30] audit: type=1326 audit(1778090174.225:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15557 comm="syz.2.2869" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fbaf9cdd9 code=0x0
[  552.151180][T15580] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2876'.
[  552.220711][T15582] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2875'.
[  552.264188][T15582] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2875'.
[  553.017205][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2885'.
[  553.047867][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2885'.
[  553.415344][T15615] binder: 15612:15615 unknown command 0
[  553.443178][T15615] binder: 15612:15615 ioctl c0306201 2000000001c0 returned -22
[  553.786689][T15625] loop1: detected capacity change from 0 to 128
[  553.807664][T15624] overlayfs: failed to clone upperpath
[  553.875057][T15625] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  553.995332][T15625] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  554.088941][T15625] EXT4-fs (loop1): shut down requested (2)
[  554.112158][T15625] fscrypt (loop1, inode 12): Error -5 getting encryption context
[  554.323936][T13746] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  554.795583][T15640] loop4: detected capacity change from 0 to 40427
[  554.804147][T15640] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  554.812107][T15640] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  554.837162][T15640] F2FS-fs (loop4): invalid crc value
[  554.941896][T15640] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  554.971952][T15640] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  554.979169][T15640] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  555.053865][ T5627] Bluetooth: hci1: unexpected event for opcode 0x2012
[  555.423750][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.476222][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.492753][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.503904][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.513971][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.522367][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.531748][T13707] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  555.669911][T15659] syz.4.2898: attempt to access beyond end of device
[  555.669911][T15659] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  555.687958][T15659] syz.4.2898: attempt to access beyond end of device
[  555.687958][T15659] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  556.680962][T15683] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2910'.
[  556.732208][T15685] fuse: fd is not a fuse device
[  557.024561][T15683] team0: Port device team_slave_0 removed
[  557.356733][T15698] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2914'.
[  557.421552][T15698] ip6gre1: entered promiscuous mode
[  557.442459][T15698] ip6gre1: entered allmulticast mode
[  557.566966][T15698] netlink: 'syz.1.2914': attribute type 6 has an invalid length.
[  557.587481][T15698] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2914'.
[  557.978836][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  558.160429][   T10] usb 5-1: Using ep0 maxpacket: 16
[  558.184924][   T10] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.234865][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  558.264054][   T10] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  558.320331][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.352642][T15721] fuse: fd is not a fuse device
[  558.370508][   T10] usb 5-1: config 0 descriptor??
[  558.894822][   T10] nzxt-smart2 0003:1E71:2009.0009: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.4-1/input0
[  559.079438][ T5627] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  559.089137][ T5627] Bluetooth: hci1: Injecting HCI hardware error event
[  559.104211][ T5627] Bluetooth: hci1: hardware error 0x00
[  559.365338][   T10] usb 5-1: USB disconnect, device number 3
[  560.072305][T15746] xt_CT: You must specify a L4 protocol and not use inversions on it
[  561.183583][ T5627] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  561.296104][T15765] tipc: Started in network mode
[  561.333037][T15765] tipc: Node identity 12b094ebb073, cluster identity 4711
[  561.359107][T15765] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  561.788082][   T30] audit: type=1800 audit(1778090184.385:342): pid=15780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2936" name="file1" dev="tmpfs" ino=2331 res=0 errno=0
[  561.815043][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  561.825324][T15770] syzkaller0: entered promiscuous mode
[  561.838057][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  561.883567][T15770] syzkaller0: entered allmulticast mode
[  561.977851][T15770] tipc: Resetting bearer <eth:syzkaller0>
[  562.068984][T15764] tipc: Resetting bearer <eth:syzkaller0>
[  563.411404][T15819] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2947'.
[  563.426384][T15819] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2947'.
[  566.526296][T15853] fuse: fd is not a fuse device
[  570.361713][T15764] tipc: Disabling bearer <eth:syzkaller0>
[  570.387095][   T24] tipc: Node number set to 2730726635
[  570.408419][T15839] batman_adv: batadv0: Adding interface: dummy0
[  570.430581][T15839] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  570.473144][T15839] batman_adv: batadv0: Interface activated: dummy0
[  570.635446][T15838] batadv0: mtu less than device minimum
[  570.655951][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.673868][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.685882][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.701678][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.713638][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.725556][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.738447][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.750958][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  570.763915][T15838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  571.281155][T15886] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  571.413872][T15899] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2970'.
[  573.384028][T15874] kexec: Could not allocate control_code_buffer
[  576.752527][T15996] siw: device registration error -23
[  578.949546][T16037] netlink: 240 bytes leftover after parsing attributes in process `syz.4.3007'.
[  581.737167][T16054] loop4: detected capacity change from 0 to 32768
[  583.895743][T16123] fuse: fd is not a fuse device
[  584.073715][T16126] overlay: filesystem on ./file1 not supported
[  584.877407][T16151] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3040'.
[  584.918828][T16151] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3040'.
[  585.679385][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  586.089073][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  586.199402][T16153] loop1: detected capacity change from 0 to 131072
[  586.265935][T16153] F2FS-fs (loop1): invalid crc value
[  586.285408][T16157] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  586.299490][T16157] Error validating options; rc = [-22]
[  586.387514][T16153] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  586.405565][T16153] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  586.567915][T16163] macvtap1: entered promiscuous mode
[  586.607628][T16163] vlan0: entered promiscuous mode
[  586.751230][T16163] macvtap1: entered allmulticast mode
[  586.799779][T16163] vlan0: entered allmulticast mode
[  586.853070][T16163] veth0_vlan: entered allmulticast mode
[  587.046846][T16174] overlayfs: failed to clone upperpath
[  587.073763][T16164] macvtap2: entered promiscuous mode
[  587.109072][T16164] macvtap2: entered allmulticast mode
[  587.227407][T16153] F2FS-fs (loop1): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  587.248818][T16153] F2FS-fs (loop1): Start checkpoint disabled!
[  587.270532][T16153] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  587.754528][T16168] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3046'.
[  587.938150][T16186] fuse: fd is not a fuse device
[  589.281905][T16200] fuse: fd is not a fuse device
[  589.858424][T16206] overlayfs: failed to clone upperpath
[  591.054788][T16219] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3065'.
[  591.088845][T16219] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3065'.
[  594.476070][T16286] overlayfs: failed to clone upperpath
[  594.598713][T12234] Bluetooth: hci2: command 0x0406 tx timeout
[  595.516566][T16311] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3095'.
[  596.066696][T16317] loop8: detected capacity change from 0 to 1024
[  596.174569][T16317] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  596.886288][T16337] xt_cgroup: path and classid specified
[  597.602742][T16357] loop8: detected capacity change from 0 to 128
[  597.841880][   T30] audit: type=1804 audit(1778090220.445:343): pid=16357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.3110" name="/newroot/406/file0/bus" dev="loop8" ino=1048694 res=1 errno=0
[  597.939802][ T5841] kernel write not supported for file bpf-map (pid: 5841 comm: kworker/0:6)
[  598.481873][T16380] overlayfs: failed to clone lowerpath
[  598.531115][T16380] overlayfs: failed to clone lowerpath
[  598.719164][ T5844] libceph: connect (1)[c::]:6789 error -101
[  598.729280][ T5844] libceph: mon0 (1)[c::]:6789 connect error
[  598.761385][T16387] ceph: No mds server is up or the cluster is laggy
[  598.919327][T16395] netlink: 212892 bytes leftover after parsing attributes in process `syz.7.3124'.
[  599.122016][T16402] team0: Port device team_slave_0 removed
[  599.719062][ T5627] Bluetooth: hci3: command 0x0406 tx timeout
[  600.409909][T16431] lo speed is unknown, defaulting to 1000
[  600.415777][T16431] lo speed is unknown, defaulting to 1000
[  600.422494][T16431] lo speed is unknown, defaulting to 1000
[  600.429697][T16431] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  600.444396][T16431] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  600.461332][T16431] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  600.481498][T16431] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  600.508787][T16431] lo speed is unknown, defaulting to 1000
[  600.518538][T16431] lo speed is unknown, defaulting to 1000
[  600.527701][T16431] lo speed is unknown, defaulting to 1000
[  600.535064][T16431] lo speed is unknown, defaulting to 1000
[  600.542481][T16431] lo speed is unknown, defaulting to 1000
[  600.549996][T16431] lo speed is unknown, defaulting to 1000
[  600.557422][T16431] lo speed is unknown, defaulting to 1000
[  600.564822][T16431] lo speed is unknown, defaulting to 1000
[  601.314320][T16453] fuse: fd is not a fuse device
[  601.533034][T16455] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3146'.
[  601.565938][T16457] siw: device registration error -23
[  602.077700][T16457] lo speed is unknown, defaulting to 1000
[  602.325986][T16468] lo speed is unknown, defaulting to 1000
[  603.263708][T16483] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[  605.399799][T16513] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3161'.
[  606.118377][T16535] siw: device registration error -23
[  606.297948][T16535] lo speed is unknown, defaulting to 1000
[  606.312963][T16541] loop4: detected capacity change from 0 to 512
[  606.358715][T16541] EXT4-fs (loop4): 1 truncate cleaned up
[  606.421015][T16541] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  606.909264][T16548] loop8: detected capacity change from 0 to 512
[  606.974566][T16548] EXT4-fs error (device loop8): ext4_expand_extra_isize_ea:2810: inode #11: comm syz.8.3170: corrupted xattr block 95: invalid header
[  607.021515][T16548] loop8: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  607.028663][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  607.044334][    C0] EXT4-fs (loop8): initial error at time 1778090229: ext4_expand_extra_isize_ea:2810: inode 11
[  607.054764][    C0] EXT4-fs (loop8): last error at time 1778090229: ext4_expand_extra_isize_ea:2810: inode 11
[  607.076050][T16548] EXT4-fs (loop8): Remounting filesystem read-only
[  607.159617][T16548] EXT4-fs warning (device loop8): ext4_evict_inode:269: couldn't mark inode dirty (err -30)
[  607.196648][T16548] EXT4-fs (loop8): 1 orphan inode deleted
[  607.255277][T16548] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  607.456927][T13707] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.746041][T16559] netlink: 'syz.1.3173': attribute type 1 has an invalid length.
[  607.764219][T16556] ref_ctr_offset mismatch. inode: 0x9ec offset: 0x0 ref_ctr_offset(old): 0xffffffff00 ref_ctr_offset(new): 0x0
[  607.833641][ T7799] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.071800][T16559] 8021q: adding VLAN 0 to HW filter on device bond1
[  608.265512][T16564] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  608.272853][T16564] IPv6: NLM_F_CREATE should be set when creating new route
[  608.300932][T16562] bond1: (slave gretap1): making interface the new active one
[  608.363554][T16562] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  608.396593][T16564] lo: entered allmulticast mode
[  608.416130][T16564] tunl0: entered allmulticast mode
[  608.447054][T16566] loop8: detected capacity change from 0 to 256
[  608.452514][T16564] gre0: entered allmulticast mode
[  608.481365][T16566] vfat: Bad value for 'dmask'
[  608.542182][T16564] gretap0: entered allmulticast mode
[  608.572096][T16564] erspan0: entered allmulticast mode
[  608.600598][T16564] ip_vti0: entered allmulticast mode
[  608.629939][T16564] ip6_vti0: entered allmulticast mode
[  608.674133][T16564] sit0: entered allmulticast mode
[  608.713087][T16564] ip6tnl0: entered allmulticast mode
[  608.740335][T16564] ip6gre0: entered allmulticast mode
[  608.768035][T16564] ip6gretap0: entered allmulticast mode
[  608.807207][T16564] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.814720][T16564] bridge0: port 1(bridge_slave_0) entered disabled state
[  608.875234][T16564] bridge0: entered allmulticast mode
[  608.915502][T16564] vcan0: entered allmulticast mode
[  608.940229][T16564] 
: entered allmulticast mode
[  608.951975][T16564] bond_slave_0: entered allmulticast mode
[  608.965062][T16564] bond_slave_1: entered allmulticast mode
[  608.997876][T16564] team0: entered allmulticast mode
[  609.022857][T16564] team_slave_1: entered allmulticast mode
[  609.048157][T16564] dummy0: entered allmulticast mode
[  609.763712][T16564] nlmon0: entered allmulticast mode
[  609.774337][T16564] batadv0: entered allmulticast mode
[  609.825746][T16564] vxcan0: entered allmulticast mode
[  609.876280][T16564] vxcan1: entered allmulticast mode
[  609.914543][T16564] wg0: entered allmulticast mode
[  609.984279][T16564] wg1: entered allmulticast mode
[  610.047928][T16564] wg2: entered allmulticast mode
[  610.076998][T16564] veth0_to_bridge: entered allmulticast mode
[  610.127478][T16564] veth1_to_bridge: entered allmulticast mode
[  610.172259][T16564] veth0_to_bond: entered allmulticast mode
[  610.477802][T16564] veth1_to_bond: entered allmulticast mode
[  610.501478][T16564] veth1_to_team: entered allmulticast mode
[  610.551510][T16591] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3186'.
[  610.567459][T16564] veth0_to_batadv: entered allmulticast mode
[  610.579043][T16591] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3186'.
[  610.598578][T16564] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  610.631697][T16564] batadv_slave_0: entered allmulticast mode
[  610.670220][T16564] veth1_to_batadv: entered allmulticast mode
[  610.700410][T16564] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  610.728021][T16564] batadv_slave_1: entered allmulticast mode
[  610.757873][T16564] xfrm0: entered allmulticast mode
[  610.791408][T16564] veth0_to_hsr: entered allmulticast mode
[  610.817857][T16564] hsr_slave_0: entered allmulticast mode
[  610.847600][T16564] veth1_to_hsr: entered allmulticast mode
[  610.911400][T16564] hsr_slave_1: entered allmulticast mode
[  610.944474][T16564] hsr0: entered allmulticast mode
[  610.979628][T16564] veth1_virt_wifi: entered allmulticast mode
[  611.012515][T16564] veth0_virt_wifi: entered allmulticast mode
[  611.043914][T16564] virt_wifi0: entered allmulticast mode
[  611.063996][T16564] veth1_vlan: entered allmulticast mode
[  611.094568][T16564] veth0_vlan: entered allmulticast mode
[  611.139717][T16564] vlan0: entered allmulticast mode
[  611.158554][T16564] vlan1: entered allmulticast mode
[  611.172730][T16564] macvlan0: entered allmulticast mode
[  611.216083][T16564] macvlan1: entered allmulticast mode
[  611.250087][T16564] ipvlan0: entered allmulticast mode
[  611.267321][T16564] ipvlan1: entered allmulticast mode
[  611.302131][T16564] veth1_macvtap: entered allmulticast mode
[  611.327978][T16564] veth0_macvtap: entered allmulticast mode
[  611.342672][T16564] macvtap0: entered allmulticast mode
[  611.353439][T16564] macsec0: entered allmulticast mode
[  611.369618][T16564] geneve0: entered allmulticast mode
[  611.391608][T16564] geneve1: entered allmulticast mode
[  611.421103][T16564] netdevsim netdevsim7 netdevsim0: entered allmulticast mode
[  611.456939][T16564] netdevsim netdevsim7 netdevsim1: entered allmulticast mode
[  611.488971][T16613] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3192'.
[  611.510717][T16564] netdevsim netdevsim7 netdevsim2: entered allmulticast mode
[  611.542673][T16564] netdevsim netdevsim7 netdevsim3: entered allmulticast mode
[  611.617296][T16564] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode
[  611.655944][T16564] mac80211_hwsim hwsim17 wlan1: entered allmulticast mode
[  611.679059][T16564] sit1: entered allmulticast mode
[  611.763311][T16564] gtp0: entered allmulticast mode
[  611.782214][T16564] bond0: entered allmulticast mode
[  611.801365][T16564] gre1: entered allmulticast mode
[  611.866726][T16564] veth0: entered allmulticast mode
[  611.872758][T16564] veth1: entered allmulticast mode
[  611.878433][T16564] sit2: entered allmulticast mode
[  611.955380][T16564] bond1: entered allmulticast mode
[  611.973861][T16564] gretap1: entered allmulticast mode
[  611.997627][T16564] macsec1: entered allmulticast mode
[  612.013938][T16564] bond2: entered allmulticast mode
[  612.025144][T16564] : entered allmulticast mode
[  612.036314][T16564] mac80211_hwsim hwsim26 wlan2: entered allmulticast mode
[  612.058043][T16564] bridge1: entered allmulticast mode
[  612.073276][T16564] bond3: entered allmulticast mode
[  612.105760][T16602] netlink: 212892 bytes leftover after parsing attributes in process `syz.6.3187'.
[  612.257088][ T6276] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.328064][T16615] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3192'.
[  612.344802][T16615] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3192'.
[  612.425025][ T6276] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.458688][ T6276] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.476628][ T6276] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.717460][T16632] loop4: detected capacity change from 0 to 256
[  612.746703][T16632] exfat: Deprecated parameter 'utf8'
[  612.773457][T16632] exfat: Deprecated parameter 'namecase'
[  612.796406][T16632] exfat: Deprecated parameter 'namecase'
[  612.821560][T16632] exfat: Deprecated parameter 'utf8'
[  612.882837][T16632] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  612.922980][T16632] exFAT-fs (loop4): failed to test first cluster bit of root dir(5)
[  613.142749][T16632] lo speed is unknown, defaulting to 1000
[  614.771911][T16663] lo speed is unknown, defaulting to 1000
[  615.764209][T16682] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3210'.
[  615.817961][T16683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3211'.
[  615.894459][T16687] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3210'.
[  617.414326][T16712] fuse: fd is not a fuse device
[  618.485614][T16741] /dev/nullb0: Can't lookup blockdev
[  619.145944][T16751] team0: Port device syz_tun removed
[  619.275625][T16756] net_ratelimit: 10 callbacks suppressed
[  619.275654][T16756] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  619.289925][T16756] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  619.335633][T16751] bond0: (slave bond_slave_0): Releasing backup interface
[  619.450652][T16761] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3238'.
[  619.462805][T16751] bond0: (slave bond_slave_1): Releasing backup interface
[  619.523207][T16763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3237'.
[  619.670917][T16751] team0: Port device team_slave_0 removed
[  619.784745][T16751] team0: Port device team_slave_1 removed
[  619.940233][T16751] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  619.989845][T16751] batman_adv: batadv0: Removing interface: batadv_slave_1
[  620.072223][T16751] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  620.154864][T16756] hsr0: entered promiscuous mode
[  620.174625][T16759] hsr0: left promiscuous mode
[  620.318401][T16762] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3238'.
[  620.327703][T16763] hsr_slave_0: left promiscuous mode
[  620.341562][T16763] hsr_slave_1: left promiscuous mode
[  620.424412][T16772] lo: entered allmulticast mode
[  620.431454][T16772] tunl0: entered allmulticast mode
[  620.481239][T16772] gre0: entered allmulticast mode
[  620.516232][T16772] gretap0: entered allmulticast mode
[  620.572295][T16772] erspan0: left promiscuous mode
[  620.587633][T16772] erspan0: entered allmulticast mode
[  620.602744][T16772] ip_vti0: entered allmulticast mode
[  620.619687][T16772] ip6_vti0: entered allmulticast mode
[  620.628221][T16774] loop4: detected capacity change from 0 to 512
[  620.636838][T16772] sit0: entered allmulticast mode
[  620.661318][T16774] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  620.686489][T16772] ip6tnl0: entered allmulticast mode
[  620.716701][T16774] EXT4-fs (loop4): 1 truncate cleaned up
[  620.725291][T16772] ip6gre0: entered allmulticast mode
[  620.734465][T16774] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  620.836825][T16772] syz_tun: entered allmulticast mode
[  620.905575][T16772] ip6gretap0: entered allmulticast mode
[  620.936597][T16772] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.962673][T16772] bridge0: entered allmulticast mode
[  620.980196][T16772] vcan0: entered allmulticast mode
[  620.996424][T16772] bond0: entered allmulticast mode
[  621.025610][T16772] bond_slave_1: entered allmulticast mode
[  621.038012][    C0] I/O error, dev loop4, sector 70 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  621.061373][T16774] loop4: detected capacity change from 512 to 0
[  621.068121][T16772] bridge_slave_1: entered allmulticast mode
[  621.081475][T16772] team0: entered allmulticast mode
[  621.086989][T16772] team_slave_0: entered allmulticast mode
[  621.095970][T16772] team_slave_1: entered allmulticast mode
[  621.116737][T16772] dummy0: entered allmulticast mode
[  621.153222][T16772] nlmon0: entered allmulticast mode
[  621.172477][T16772] batadv0: entered allmulticast mode
[  621.221680][T16772] veth0: entered allmulticast mode
[  621.240253][T13707] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  621.275131][T16772] veth1: entered allmulticast mode
[  621.290651][T13707] EXT4-fs error (device loop4): ext4_get_inode_loc:5022: inode #2: block 5: comm syz-executor: unable to read itable block
[  621.321702][T13707] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  621.333457][T16772] wg0: entered allmulticast mode
[  621.343067][T13707] EXT4-fs (loop4): I/O error while writing superblock
[  621.351689][T16772] wg1: entered allmulticast mode
[  621.359840][T13707] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6383: IO failure
[  621.369637][T16772] wg2: entered allmulticast mode
[  621.376908][T16772] veth0_to_bridge: entered allmulticast mode
[  621.389039][T13707] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  621.422370][T16772] veth1_to_bridge: entered allmulticast mode
[  621.445377][T13707] EXT4-fs (loop4): I/O error while writing superblock
[  621.458245][T16772] veth1_to_bond: entered allmulticast mode
[  621.464830][T13707] EXT4-fs error (device loop4): ext4_dirty_inode:6587: inode #2: comm syz-executor: mark_inode_dirty error
[  621.481009][T16772] veth0_to_team: entered allmulticast mode
[  621.487322][T13707] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  621.501660][T16772] veth1_to_team: entered allmulticast mode
[  621.511288][T13707] EXT4-fs (loop4): I/O error while writing superblock
[  621.524145][T16772] veth1_to_batadv: entered allmulticast mode
[  621.542822][T16772] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  621.560038][T16772] batadv_slave_1: entered allmulticast mode
[  621.583174][T16772] xfrm0: entered allmulticast mode
[  621.592233][T16772] veth0_to_hsr: entered allmulticast mode
[  621.601662][T16772] hsr_slave_0: entered allmulticast mode
[  621.609678][T16772] veth1_to_hsr: entered allmulticast mode
[  621.618025][T16772] hsr_slave_1: entered allmulticast mode
[  621.632727][T16772] hsr0: entered allmulticast mode
[  621.642375][T16772] veth1_virt_wifi: entered allmulticast mode
[  621.653670][T16772] veth0_virt_wifi: entered allmulticast mode
[  621.662493][T16772] virt_wifi0: entered allmulticast mode
[  621.668422][T16772] veth1_vlan: entered allmulticast mode
[  621.708084][T16772] veth0_vlan: entered allmulticast mode
[  621.794294][T16772] vlan0: entered allmulticast mode
[  621.832810][T16772] vlan1: entered allmulticast mode
[  621.860456][T16772] macvlan0: entered allmulticast mode
[  621.906375][T16772] macvlan1: entered allmulticast mode
[  621.945859][T16772] ipvlan0: entered allmulticast mode
[  621.969913][T16772] ipvlan1: entered allmulticast mode
[  622.002298][T16772] geneve0: entered allmulticast mode
[  622.093470][T16772] geneve1: entered allmulticast mode
[  622.178299][T16772] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[  622.265397][T16772] netdevsim netdevsim6 netdevsim1: entered allmulticast mode
[  622.322700][T16772] netdevsim netdevsim6 netdevsim2: entered allmulticast mode
[  622.387058][T16772] netdevsim netdevsim6 netdevsim3: entered allmulticast mode
[  622.557893][ T6278] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:5007: inode #18: block 9: comm kworker/u8:18: unable to read itable block
[  622.619800][ T6278] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  622.624457][T16772] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode
[  622.658015][ T6278] EXT4-fs (loop4): I/O error while writing superblock
[  622.681300][ T6278] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:5007: inode #2: block 5: comm kworker/u8:18: unable to read itable block
[  622.713858][ T6278] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  622.730623][ T6278] EXT4-fs (loop4): I/O error while writing superblock
[  622.746421][T16772] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode
[  622.760175][T16772] sit1: entered allmulticast mode
[  622.785639][T16772] 8: entered allmulticast mode
[  622.806536][T16772] vlan2: entered allmulticast mode
[  622.814446][T14373] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.833679][T16772] syztnl0: entered allmulticast mode
[  622.847167][T14373] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  622.857971][T16772] ip6tnl1: left promiscuous mode
[  622.879082][T14373] EXT4-fs (loop4): I/O error while writing superblock
[  622.895955][T16772] veth2: entered allmulticast mode
[  622.913451][T16772] veth3: entered allmulticast mode
[  622.927931][T16772] veth4: entered allmulticast mode
[  622.943407][T16772] veth5: entered allmulticast mode
[  622.956775][T16762] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3238'.
[  622.994617][T16781] team_slave_0 (unregistering): left promiscuous mode
[  623.044487][T16781] team0: Port device team_slave_0 removed
[  623.221219][   T36] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  623.250203][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  623.256880][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  623.273882][   T36] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.084362][   T36] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.117003][   T36] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.913246][ T6278] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.930493][ T5627] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  624.960159][ T5627] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  624.978460][ T5627] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  625.000715][ T5627] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  625.009397][ T5627] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  625.624980][T16841] 8021q: adding VLAN 0 to HW filter on device team0
[  626.005527][T16841] 8021q: adding VLAN 0 to HW filter on device bond1
[  626.164111][T16855] loop1: detected capacity change from 0 to 512
[  626.168699][T16841] 8021q: adding VLAN 0 to HW filter on device team1
[  626.291776][T16841] 8021q: adding VLAN 0 to HW filter on device bond4
[  626.324584][T16855] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.3267: inode has both inline data and extents flags
[  626.382314][T16855] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  626.383568][T16841] 8021q: adding VLAN 0 to HW filter on device bond5
[  626.385042][T16855] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.3267: couldn't read orphan inode 15 (err -117)
[  626.399626][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  626.399653][    C1] EXT4-fs (loop1): initial error at time 1778090248: ext4_orphan_get:1397: inode 15
[  626.399694][    C1] EXT4-fs (loop1): last error at time 1778090248: ext4_orphan_get:1397: inode 15
[  626.515441][T16855] loop1: lost filesystem error report for type 5 error -117
[  626.520386][T16855] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  626.583234][T16789] lo speed is unknown, defaulting to 1000
[  626.858793][ T6278] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.063497][T13746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.079249][ T5627] Bluetooth: hci2: command tx timeout
[  627.197850][T16869] loop8: detected capacity change from 0 to 128
[  627.283614][ T6278] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.429977][   T30] audit: type=1800 audit(1778090250.035:344): pid=16879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3270" name="bus" dev="loop8" ino=1048697 res=0 errno=0
[  627.605237][ T6278] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.674519][    C1] I/O error, dev loop8, sector 32 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[  627.683958][    C1] Buffer I/O error on dev loop8, logical block 32, lost sync page write
[  627.711324][    C1] I/O error, dev loop8, sector 32 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  627.737826][T16879] loop8: detected capacity change from 128 to 0
[  627.878370][T16869] FAT-fs (loop8): FAT read failed (blocknr 32)
[  627.916741][T16869] Buffer I/O error on dev loop8, logical block 34, lost sync page write
[  627.978406][T16869] FAT-fs (loop8): unable to read inode block for updating (i_pos 548)
[  628.250355][ T7799] FAT-fs (loop8): Directory bread(block 34) failed
[  628.310209][ T7799] FAT-fs (loop8): Directory bread(block 40) failed
[  628.347527][ T7799] Buffer I/O error on dev loop8, logical block 33, lost sync page write
[  628.475598][T16828] lo speed is unknown, defaulting to 1000
[  628.931371][ T5846] page_pool_release_retry() stalled pool shutdown: id 142, 45 inflight 60 sec
[  629.097862][T16899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3281'.
[  629.158913][ T5627] Bluetooth: hci2: command tx timeout
[  629.222617][ T3349] FAT-fs (loop8): unable to read inode block for updating (i_pos 548)
[  629.252087][ T3349] FAT-fs (loop8): bread failed in fat_clusters_flush
[  629.301803][ T7799] FAT-fs (loop8): unable to read boot sector to mark fs as dirty
[  630.661700][ T6278] bond0 (unregistering): Released all slaves
[  631.238849][ T5627] Bluetooth: hci2: command tx timeout
[  631.663135][ T5281] 8021q: adding VLAN 0 to HW filter on device eth9
[  631.756794][T12234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  631.789778][T12234] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  631.847910][T12234] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  631.880755][T12234] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  631.901780][T12234] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  632.923384][ T6278] hsr_slave_0: left promiscuous mode
[  632.978483][ T6278] hsr_slave_1: left promiscuous mode
[  633.172455][ T6278] vlan0: left allmulticast mode
[  633.202526][ T6278] veth0_vlan: left allmulticast mode
[  633.225983][ T6278] vlan0: left promiscuous mode
[  633.268249][ T6278] veth1_macvtap: left promiscuous mode
[  633.301727][ T6278] veth0_macvtap: left promiscuous mode
[  633.319085][T12234] Bluetooth: hci2: command tx timeout
[  633.326278][ T6278] veth1_vlan: left promiscuous mode
[  633.349321][ T6278] veth0_vlan: left promiscuous mode
[  633.959411][T12234] Bluetooth: hci0: command tx timeout
[  635.608352][ T5281] 8021q: adding VLAN 0 to HW filter on device eth10
[  635.752920][T16828] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.769469][T16828] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.785475][T16828] bridge_slave_0: entered allmulticast mode
[  635.797446][T16828] bridge_slave_0: entered promiscuous mode
[  635.821407][T16828] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.831558][T16828] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.849240][T16828] bridge_slave_1: entered allmulticast mode
[  635.878540][T16828] bridge_slave_1: entered promiscuous mode
[  635.915726][T17000] lo speed is unknown, defaulting to 1000
[  636.063463][T12234] Bluetooth: hci0: command tx timeout
[  636.143626][T16828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  636.273791][T16828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  636.592678][T16828] team0: Port device team_slave_0 added
[  636.647982][T17023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3303'.
[  636.733208][T16828] team0: Port device team_slave_1 added
[  636.984758][T17028] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3305'.
[  637.096963][T16828] batman_adv: batadv0: Adding interface: batadv_slave_0
[  637.113650][T16828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  637.173053][T16828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  637.212879][T16828] batman_adv: batadv0: Adding interface: batadv_slave_1
[  637.234730][T16828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  637.327939][T16828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  637.467256][ T6278] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.653372][T16935] lo speed is unknown, defaulting to 1000
[  637.861876][T16828] hsr_slave_0: entered promiscuous mode
[  637.895620][T16828] hsr_slave_1: entered promiscuous mode
[  638.016494][ T6278] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.118709][T12234] Bluetooth: hci0: command tx timeout
[  638.163951][ T6278] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.197178][T17045] input: syz0 as /devices/virtual/input/input11
[  638.541304][ T6278] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.809821][ T5281] 8021q: adding VLAN 0 to HW filter on device eth11
[  640.198984][T12234] Bluetooth: hci0: command tx timeout
[  640.503250][ T6278] dvmrp0: left allmulticast mode
[  640.655941][T17082] netlink: 'syz.2.3312': attribute type 1 has an invalid length.
[  640.674807][ T6278] bond3 (unregistering): (slave ip6gre1): Releasing backup interface
[  640.702517][ T6278] ip6gre1 (unregistering): left promiscuous mode
[  641.222656][ T6278] bond4 (unregistering): (slave geneve2): Releasing active interface
[  641.242348][T17094] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3315'.
[  641.253787][ T6278] geneve2 (unregistering): left promiscuous mode
[  641.265990][T17094] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3315'.
[  641.571663][ T6278] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  641.594292][ T6278] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  641.611571][ T6278] bond0 (unregistering): Released all slaves
[  641.660710][ T6278] bond1 (unregistering): Released all slaves
[  641.717021][ T6278] bond2 (unregistering): Released all slaves
[  641.776186][ T6278] bond3 (unregistering): Released all slaves
[  641.826731][ T6278] bond4 (unregistering): Released all slaves
[  642.583820][T16828] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  642.653063][T16828] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  642.928248][T17082] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  642.984987][T17083] erspan1: entered allmulticast mode
[  643.143254][ T5281] 8021q: adding VLAN 0 to HW filter on device eth12
[  643.283719][T16828] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.307768][T16828] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.414520][ T6278] tipc: Left network mode
[  643.771131][T16828] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.813641][T16828] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.586784][T16828] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  644.615738][T16828] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.944495][T16935] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.976529][T16935] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.994318][T16935] bridge_slave_0: entered allmulticast mode
[  645.006892][T16935] bridge_slave_0: entered promiscuous mode
[  645.061815][T16935] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.108340][T16935] bridge0: port 2(bridge_slave_1) entered disabled state
[  645.139121][T16935] bridge_slave_1: entered allmulticast mode
[  645.191645][T16935] bridge_slave_1: entered promiscuous mode
[  645.435822][ T6278] hsr_slave_1: left promiscuous mode
[  646.367708][ T6278] team0 (unregistering): Port device team_slave_1 removed
[  646.437782][ T6278] team0 (unregistering): Port device team_slave_0 removed
[  646.738702][   T49] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  646.803231][T16935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  646.885465][T17164] overlayfs: failed to clone upperpath
[  646.887224][ T5281] 8021q: adding VLAN 0 to HW filter on device eth13
[  646.921541][   T49] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  646.941518][T16935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  646.960600][   T49] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  646.986831][   T49] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01
[  647.028900][   T49] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.083680][   T49] usb 2-1: config 0 descriptor??
[  647.296254][T16935] team0: Port device team_slave_0 added
[  647.338954][T16935] team0: Port device team_slave_1 added
[  647.356107][T17160] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  647.379791][T17160] overlayfs: missing 'lowerdir'
[  647.688365][   T49] usbhid 2-1:0.0: can't add hid device: -71
[  647.710779][T16935] batman_adv: batadv0: Adding interface: batadv_slave_0
[  647.722570][   T49] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  647.739059][T16935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  647.781579][   T49] usb 2-1: USB disconnect, device number 10
[  647.828423][T16935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  647.873249][T16935] batman_adv: batadv0: Adding interface: batadv_slave_1
[  647.892780][T16935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  647.955170][T16935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  648.157326][ T6278] IPVS: stop unused estimator thread 0...
[  648.200204][T16828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  648.231815][T16828] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  648.326148][T16828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  648.397748][T16828] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  648.415817][T16828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  648.453728][T16828] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  648.491782][T16935] hsr_slave_0: entered promiscuous mode
[  648.520182][T16935] hsr_slave_1: entered promiscuous mode
[  648.526697][T16935] debugfs: 'hsr0' already exists in 'hsr'
[  648.544288][T16935] Cannot create hsr debugfs directory
[  648.564477][T16828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  648.592135][T16828] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  649.060717][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.154022][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.223095][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.308152][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.379953][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.420063][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.460870][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.517539][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.766305][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.848459][T17207] 9pnet_fd: p9_fd_create_tcp (17207): problem connecting socket to 127.0.0.1
[  649.924452][T16828] 8021q: adding VLAN 0 to HW filter on device bond0
[  650.075885][T16828] 8021q: adding VLAN 0 to HW filter on device team0
[  650.325997][T17224] overlayfs: failed to clone upperpath
[  650.662060][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  650.669400][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  650.768018][ T6278] bridge0: port 2(bridge_slave_1) entered blocking state
[  650.775282][ T6278] bridge0: port 2(bridge_slave_1) entered forwarding state
[  650.864688][T12234] Bluetooth: hci5: ACL packet for unknown connection handle 201
[  652.077051][ T5281] 8021q: adding VLAN 0 to HW filter on device eth14
[  653.093780][T17254] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3356'.
[  653.164058][T17254] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3356'.
[  653.754143][T17248] lo speed is unknown, defaulting to 1000
[  653.782745][T16935] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  653.835021][T16935] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  653.912396][T16935] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  653.955976][T16935] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  654.091402][T16935] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  654.142589][T16935] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  654.172076][T16935] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  654.198458][T16935] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  654.253788][T17272] syz_tun: entered allmulticast mode
[  654.284505][   T30] audit: type=1326 audit(1778090276.885:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.2.3355" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fbaf9cdd9 code=0x0
[  654.378516][T17271] syz_tun: left allmulticast mode
[  654.533965][T16828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  655.002122][ T5281] 8021q: adding VLAN 0 to HW filter on device eth15
[  655.140998][T16828] veth0_vlan: entered promiscuous mode
[  655.351098][T16828] veth1_vlan: entered promiscuous mode
[  655.634033][T16935] 8021q: adding VLAN 0 to HW filter on device bond0
[  655.793602][T16828] veth0_macvtap: entered promiscuous mode
[  655.840049][T16935] 8021q: adding VLAN 0 to HW filter on device team0
[  655.876528][T16828] veth1_macvtap: entered promiscuous mode
[  655.991975][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  655.999218][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  656.383442][ T6276] bridge0: port 2(bridge_slave_1) entered blocking state
[  656.390736][ T6276] bridge0: port 2(bridge_slave_1) entered forwarding state
[  656.488387][T16828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  656.598487][T16828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  656.740880][T17323] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  656.790521][ T6265] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  656.826526][ T6265] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  656.871823][T17323] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  656.890531][ T6265] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  656.917861][ T6265] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  657.451726][ T6271] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  657.493404][ T6271] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  657.790571][ T5799] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  657.837040][ T5799] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  657.926354][ T5281] 8021q: adding VLAN 0 to HW filter on device eth16
[  660.862633][T16935] 8021q: adding VLAN 0 to HW filter on device batadv0
[  661.409263][T17419] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3389'.
[  661.485821][T17422] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.3390'.
[  662.239915][T16935] veth0_vlan: entered promiscuous mode
[  662.302932][T17445] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3397'.
[  662.442285][T17441] : entered promiscuous mode
[  662.556853][T16935] veth1_vlan: entered promiscuous mode
[  662.684137][T16935] veth0_macvtap: entered promiscuous mode
[  662.719945][T16935] veth1_macvtap: entered promiscuous mode
[  662.813805][T16935] batman_adv: batadv0: Interface activated: batadv_slave_0
[  662.869641][T16935] batman_adv: batadv0: Interface activated: batadv_slave_1
[  662.957468][ T6265] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  662.997489][ T6265] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  663.035097][ T6265] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  663.068357][ T6265] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  663.443086][ T6265] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  663.462099][ T6265] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  663.684117][ T6265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  663.736686][ T6265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  664.879279][T12940] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  665.091151][T12940] usb 10-1: Using ep0 maxpacket: 32
[  665.123083][T12940] usb 10-1: config 0 has an invalid interface number: 89 but max is 0
[  665.164909][T12940] usb 10-1: config 0 has no interface number 0
[  665.189642][T12940] usb 10-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  665.226489][T12940] usb 10-1: config 0 interface 89 has no altsetting 0
[  665.254416][T12940] usb 10-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[  665.285174][T12940] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  665.317618][T12940] usb 10-1: Product: syz
[  665.344929][T12940] usb 10-1: Manufacturer: syz
[  665.369955][T12940] usb 10-1: SerialNumber: syz
[  665.457448][T12940] usb 10-1: config 0 descriptor??
[  665.549752][T12940] em28xx 10-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  665.604224][T12940] em28xx 10-1:0.89: Video interface 89 found:
[  666.204095][T12940] em28xx 10-1:0.89: unknown em28xx chip ID (0)
[  667.308181][T12940] em28xx 10-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  667.353499][T12940] em28xx 10-1:0.89: board has no eeprom
[  667.439762][T12940] em28xx 10-1:0.89: Identified as Terratec Grabby (card=67)
[  667.470263][T12940] em28xx 10-1:0.89: analog set to bulk mode.
[  667.504648][ T5918] em28xx 10-1:0.89: Registering V4L2 extension
[  667.536774][T12940] usb 10-1: USB disconnect, device number 6
[  667.584827][T12940] em28xx 10-1:0.89: Disconnecting em28xx
[  667.799799][ T5918] em28xx 10-1:0.89: Config register raw data: 0xffffffed
[  667.825950][ T5918] em28xx 10-1:0.89: AC97 chip type couldn't be determined
[  667.863457][ T5918] em28xx 10-1:0.89: No AC97 audio processor
[  667.912677][ T5918] usb 10-1: Decoder not found
[  667.948043][ T5918] em28xx 10-1:0.89: failed to create media graph
[  667.984514][ T5918] em28xx 10-1:0.89: V4L2 device video103 deregistered
[  668.047132][ T5918] em28xx 10-1:0.89: Registering snapshot button...
[  668.281622][ T5918] input: em28xx snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.89/input/input12
[  668.662667][T17573] netlink: zone id is out of range
[  668.667983][T17573] netlink: zone id is out of range
[  668.673534][T17573] netlink: zone id is out of range
[  668.679737][T17573] netlink: zone id is out of range
[  668.704782][T17573] netlink: set zone limit has 4 unknown bytes
[  668.725603][ T5918] em28xx 10-1:0.89: Remote control support is not available for this card.
[  668.765957][T12940] em28xx 10-1:0.89: Closing input extension
[  668.818985][T12940] em28xx 10-1:0.89: Deregistering snapshot button
[  669.280328][T17583] overlayfs: failed to clone upperpath
[  669.327068][T17582] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method
[  669.426990][T17585] netlink: 'syz.1.3427': attribute type 7 has an invalid length.
[  670.329387][T12940] em28xx 10-1:0.89: Freeing device
[  671.647665][   T30] audit: type=1326 audit(1778090294.245:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  671.704626][   T30] audit: type=1326 audit(1778090294.275:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  671.710679][T17627] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3442'.
[  671.813072][   T30] audit: type=1326 audit(1778090294.275:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  671.907129][   T30] audit: type=1326 audit(1778090294.275:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  671.988448][   T30] audit: type=1326 audit(1778090294.275:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  672.070515][   T30] audit: type=1326 audit(1778090294.285:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  672.173356][   T30] audit: type=1326 audit(1778090294.285:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  672.311771][T17627] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3442'.
[  672.330782][   T30] audit: type=1326 audit(1778090294.285:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  672.393484][T17643] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3448'.
[  672.448275][   T30] audit: type=1326 audit(1778090294.285:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  672.513249][   T30] audit: type=1326 audit(1778090294.285:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.6.3443" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37ad99cdd9 code=0x7ffc0000
[  672.609579][T17651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3448'.
[  673.456606][T17668] fuse: fd is not a fuse device
[  675.154868][T17699] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.3461'.
[  675.503201][T17707] syz_tun: entered allmulticast mode
[  675.573329][T17711] overlayfs: failed to clone upperpath
[  675.615868][T17707] pimreg: entered allmulticast mode
[  675.811971][T17705] syz_tun: left allmulticast mode
[  676.153459][T17733] fuse: fd is not a fuse device
[  676.586725][T17743] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3475'.
[  677.458790][T17751] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3477'.
[  677.792921][T17758] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3477'.
[  680.254823][T17790] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3485'.
[  681.220331][T17816] fuse: fd is not a fuse device
[  682.346343][T17851] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3502'.
[  682.429406][T17851] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3502'.
[  682.689869][ T5761] usb 1-1: new low-speed USB device number 8 using dummy_hcd
[  682.873063][ T5761] usb 1-1: config 0 has an invalid interface number: 210 but max is 0
[  682.912153][ T5761] usb 1-1: config 0 has no interface number 0
[  682.950014][ T5761] usb 1-1: config 0 interface 210 altsetting 227 endpoint 0xF is Bulk; changing to Interrupt
[  682.985445][ T5761] usb 1-1: config 0 interface 210 has no altsetting 0
[  683.014502][ T5761] usb 1-1: string descriptor 0 read error: -22
[  683.034049][ T5761] usb 1-1: New USB device found, idVendor=05ac, idProduct=921c, bcdDevice=99.e1
[  683.043872][T17876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3510'.
[  683.067259][ T5761] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  683.138544][ T5761] usb 1-1: config 0 descriptor??
[  683.158321][T17853] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  683.205822][ T5761] appledisplay 1-1:0.210: Could not find int-in endpoint
[  683.254848][ T5761] usbhid 1-1:0.210: couldn't find an input interrupt endpoint
[  683.586108][ T5846] usb 1-1: USB disconnect, device number 8
[  684.490654][T17897] ref_ctr increment failed for inode: 0xc34 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888081c18000
[  684.694053][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  684.700991][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  685.139500][ T6278] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.655973][ T6278] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.777416][T17922] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3518'.
[  685.865223][T17926] fuse: fd is not a fuse device
[  686.035674][T17922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3518'.
[  686.130050][ T6278] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.577851][ T6278] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  687.138638][    T0] NOHZ tick-stop error: local softirq work is pending, handler #204!!!
[  688.600790][ T6278] team0: left allmulticast mode
[  688.637612][ T6278] team_slave_0: left allmulticast mode
[  688.679065][ T6278] team_slave_1: left allmulticast mode
[  688.753573][ T6278] team0: left promiscuous mode
[  688.759082][T17968] 9pnet_fd: p9_fd_create_tcp (17968): problem connecting socket to 127.0.0.1
[  688.786412][ T6278] team_slave_0: left promiscuous mode
[  688.813246][ T6278] team_slave_1: left promiscuous mode
[  688.845094][ T6278] bridge0: port 3(team0) entered disabled state
[  689.638900][T12967] page_pool_release_retry() stalled pool shutdown: id 142, 45 inflight 121 sec
[  689.694930][ T6278] bridge_slave_1: left allmulticast mode
[  689.780823][ T6278] bridge_slave_1: left promiscuous mode
[  689.809721][ T6278] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.868275][ T6278] bridge_slave_0: left allmulticast mode
[  689.900666][ T6278] bridge_slave_0: left promiscuous mode
[  689.925494][ T6278] bridge0: port 1(bridge_slave_0) entered disabled state
[  690.638868][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!!
[  691.078266][ T6278] bond1 (unregistering): (slave gretap1): Releasing active interface
[  691.349437][ T6278] team0: Port device bridge1 removed
[  691.474841][ T6278] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  691.589508][ T6278] bond0 (unregistering): Released all slaves
[  691.731522][ T6278] bond1 (unregistering): Released all slaves
[  694.226973][ T6278] hsr_slave_0: left promiscuous mode
[  694.304809][ T6278] hsr_slave_1: left promiscuous mode
[  694.352569][ T6278] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  694.435661][ T6278] batman_adv: batadv0: Removing interface: batadv_slave_0
[  694.510426][ T6278] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  694.579410][ T6278] batman_adv: batadv0: Removing interface: batadv_slave_1
[  694.876048][ T6278] veth1_macvtap: left promiscuous mode
[  694.918165][ T6278] veth0_macvtap: left promiscuous mode
[  694.967528][ T6278] veth1_vlan: left promiscuous mode
[  695.007968][ T6278] veth0_vlan: left promiscuous mode
[  695.211467][T18041] fuse: fd is not a fuse device
[  697.466797][ T5846] kernel read not supported for file [fscontext] (pid: 5846 comm: kworker/1:7)
[  699.060049][ T6278] team0 (unregistering): Port device team_slave_1 removed
[  699.192203][ T6278] team0 (unregistering): Port device team_slave_0 removed
[  700.452497][T18088] fuse: fd is not a fuse device
[  700.985280][ T6278] IPVS: stop unused estimator thread 0...
[  701.036061][T18103] fuse: Bad value for 'fd'
[  702.243263][T18117] fuse: fd is not a fuse device
[  707.342092][T18171] netlink: 'syz.0.3585': attribute type 12 has an invalid length.
[  707.537452][T18177] xt_hashlimit: max too large, truncated to 1048576
[  711.348617][    T0] NOHZ tick-stop error: local softirq work is pending, handler #204!!!
[  711.468601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #206!!!
[  711.528622][    T0] NOHZ tick-stop error: local softirq work is pending, handler #06!!!
[  711.749574][T18250] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3610'.
[  711.888600][    T0] NOHZ tick-stop error: local softirq work is pending, handler #06!!!
[  712.188599][    T0] NOHZ tick-stop error: local softirq work is pending, handler #06!!!
[  713.239213][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  713.702942][T18274] fuse: fd is not a fuse device
[  715.044211][T18293] hugetlbfs: syz.9.3622 (18293): Using mlock ulimits for SHM_HUGETLB is obsolete
[  715.999956][ T5281] 8021q: adding VLAN 0 to HW filter on device eth1
[  722.585467][T18376] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3647'.
[  724.030738][T18404] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3653'.
[  724.046312][T18404] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3653'.
[  724.385345][T18419] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3656'.
[  724.476342][T18419] 8021q: adding VLAN 0 to HW filter on device bond2
[  724.487217][T18421] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  725.195843][ T5846] Process accounting resumed
[  725.259816][T18445] Process accounting resumed
[  725.408013][T18447] netlink: 'syz.0.3663': attribute type 1 has an invalid length.
[  725.556359][T12955] libceph: connect (1)[c::]:6789 error -101
[  725.602703][T12955] libceph: mon0 (1)[c::]:6789 connect error
[  725.655632][T18455] ceph: No mds server is up or the cluster is laggy
[  725.816255][T18447] 8021q: adding VLAN 0 to HW filter on device bond1
[  726.292177][T18453] bond1: (slave geneve2): making interface the new active one
[  726.327152][T18453] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  726.769602][ T5281] 8021q: adding VLAN 0 to HW filter on device eth2
[  731.192799][ T5281] 8021q: adding VLAN 0 to HW filter on device eth3
[  731.699669][T12234] Bluetooth: hci4: Unknown advertising packet type: 0x19
[  731.699842][T12234] Bluetooth: hci4: Unknown advertising packet type: 0x1f
[  737.051663][ T5281] 8021q: adding VLAN 0 to HW filter on device eth4
[  737.737714][T18646] bond1: (slave ip6gretap1): making interface the new active one
[  737.773751][T18650] netlink: 798 bytes leftover after parsing attributes in process `syz.1.3719'.
[  737.853484][T18646] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  739.072105][T18665] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3724'.
[  744.426519][T12944] libceph: connect (1)[c::]:6789 error -101
[  744.482536][T12944] libceph: mon0 (1)[c::]:6789 connect error
[  744.531376][T18716] ceph: No mds server is up or the cluster is laggy
[  744.819013][T12944] libceph: connect (1)[c::]:6789 error -101
[  744.874991][T12944] libceph: mon0 (1)[c::]:6789 connect error
[  745.922045][T18752] netlink: 124 bytes leftover after parsing attributes in process `syz.2.3747'.
[  746.008512][T18750] tipc: Failed to remove unknown binding: 66,0,0/0:1253500366/1253500367
[  746.055650][T18754] bond0: option arp_interval: mode dependency failed, not supported in mode 802.3ad(4)
[  746.079071][T18750] tipc: Failed to remove unknown binding: 66,0,0/0:1253500366/1253500367
[  746.130854][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  746.138937][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  746.968151][T18769] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3754'.
[  747.862804][T18783] overlayfs: failed to clone upperpath
[  748.248736][T18756] Bluetooth: hci2: command 0x0406 tx timeout
[  749.445412][T18795] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3761'.
[  750.599346][T12967] page_pool_release_retry() stalled pool shutdown: id 142, 45 inflight 182 sec
[  750.691110][T18818] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  753.643485][T18850] bridge0: port 2(bridge_slave_1) entered disabled state
[  753.652565][T18850] bridge0: port 1(bridge_slave_0) entered disabled state
[  754.158315][T18850] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  754.197171][T18850] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  754.822690][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  754.822741][   T30] audit: type=1804 audit(1778090377.425:366): pid=18891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3786" name="file0" dev="tmpfs" ino=3307 res=1 errno=0
[  754.909824][T18849] bridge0: port 1(bridge_slave_0) entered disabled state
[  754.946780][T18849] bridge_slave_0 (unregistering): left allmulticast mode
[  754.983499][T18849] bridge_slave_0 (unregistering): left promiscuous mode
[  755.012379][T18849] bridge0: port 1(bridge_slave_0) entered disabled state
[  755.160998][T18872] lo: left allmulticast mode
[  755.187892][T18872] tunl0: left allmulticast mode
[  755.216159][T18872] gre0: left allmulticast mode
[  755.217902][T18900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3788'.
[  755.251800][T18872] gretap0: left allmulticast mode
[  755.284336][T18872] erspan0: left allmulticast mode
[  755.317211][T18872] ip_vti0: left allmulticast mode
[  755.352310][T18872] ip6_vti0: left allmulticast mode
[  755.385442][T18872] sit0: left allmulticast mode
[  755.416813][T18872] ip6tnl0: left allmulticast mode
[  755.460715][T18872] ip6gre0: left allmulticast mode
[  755.490443][T18872] ip6gretap0: left allmulticast mode
[  755.525444][T18872] bridge0: left allmulticast mode
[  755.556348][T18872] vcan0: left allmulticast mode
[  755.590047][T18872] 
: left allmulticast mode
[  755.616280][T18872] team0: left allmulticast mode
[  755.636431][T18872] dummy0: left allmulticast mode
[  755.660663][T18872] nlmon0: left allmulticast mode
[  755.683379][T18872] batadv0: left allmulticast mode
[  755.703801][T18872] vxcan0: left allmulticast mode
[  755.739493][T18872] vxcan1: left allmulticast mode
[  755.750158][T18872] wg0: left allmulticast mode
[  755.756885][T18872] wg1: left allmulticast mode
[  755.776619][T18872] wg2: left allmulticast mode
[  755.781906][T18872] veth0_to_bridge: left allmulticast mode
[  755.793169][T18872] veth1_to_bridge: left allmulticast mode
[  755.804464][T18872] veth0_to_bond: left allmulticast mode
[  755.832752][T18872] bond_slave_0: left allmulticast mode
[  755.844423][T18872] veth1_to_bond: left allmulticast mode
[  755.874206][T18872] bond_slave_1: left allmulticast mode
[  755.890519][T18872] veth1_to_team: left allmulticast mode
[  755.904550][T18872] team_slave_1: left allmulticast mode
[  755.925900][T18872] veth0_to_batadv: left allmulticast mode
[  755.957703][T18872] batadv_slave_0: left allmulticast mode
[  756.001273][T18872] veth1_to_batadv: left allmulticast mode
[  756.022549][T18872] batadv_slave_1: left allmulticast mode
[  756.043808][T18872] xfrm0: left allmulticast mode
[  756.059611][T18872] veth0_to_hsr: left allmulticast mode
[  756.082164][T18872] veth1_to_hsr: left allmulticast mode
[  756.100606][T18872] hsr0: left allmulticast mode
[  756.110011][T18872] hsr_slave_0: left allmulticast mode
[  756.117928][T18872] hsr_slave_1: left allmulticast mode
[  756.126969][T18872] veth1_virt_wifi: left allmulticast mode
[  756.133956][T18872] veth0_virt_wifi: left allmulticast mode
[  756.140662][T18916] netlink: 'syz.6.3793': attribute type 1 has an invalid length.
[  756.153876][T18872] virt_wifi0: left allmulticast mode
[  756.164309][T18872] veth1_vlan: left allmulticast mode
[  756.170815][T18872] vlan0: left allmulticast mode
[  756.177955][T18872] vlan1: left allmulticast mode
[  756.183758][T18872] macvlan0: left allmulticast mode
[  756.190401][T18872] macvlan1: left allmulticast mode
[  756.197032][T18872] ipvlan0: left allmulticast mode
[  756.207289][T18872] ipvlan1: left allmulticast mode
[  756.215007][T18872] veth0_vlan: left allmulticast mode
[  756.224305][T18872] veth1_macvtap: left allmulticast mode
[  756.233744][T18872] veth0_macvtap: left allmulticast mode
[  756.240490][T18872] macvtap0: left allmulticast mode
[  756.249883][T18872] macsec0: left allmulticast mode
[  756.256367][T18872] geneve0: left allmulticast mode
[  756.267102][T18872] geneve1: left allmulticast mode
[  756.283830][T18872] netdevsim netdevsim7 netdevsim0: left allmulticast mode
[  756.307157][T18872] netdevsim netdevsim7 netdevsim1: left allmulticast mode
[  756.324014][T18872] netdevsim netdevsim7 netdevsim2: left allmulticast mode
[  756.332791][T18872] netdevsim netdevsim7 netdevsim3: left allmulticast mode
[  756.342867][T18872] mac80211_hwsim hwsim16 wlan0: left allmulticast mode
[  756.352018][T18872] mac80211_hwsim hwsim17 wlan1: left allmulticast mode
[  756.361066][T18872] sit1: left allmulticast mode
[  756.366243][T18872] gtp0: left allmulticast mode
[  756.371938][T18872] bond0: left allmulticast mode
[  756.390367][T18872] gre1: left allmulticast mode
[  756.395547][T18872] veth0: left allmulticast mode
[  756.401234][T18872] veth1: left allmulticast mode
[  756.406460][T18872] sit2: left allmulticast mode
[  756.411891][T18872] bond1: left allmulticast mode
[  756.417023][T18872] gretap1: left allmulticast mode
[  756.424497][T18872] macsec1: left allmulticast mode
[  756.430360][T18872] bond2: left allmulticast mode
[  756.435497][T18872] : left allmulticast mode
[  756.440367][T18872] mac80211_hwsim hwsim26 wlan2: left allmulticast mode
[  756.447680][T18872] bridge1: left allmulticast mode
[  756.453789][T18872] bond3: left allmulticast mode
[  756.472772][ T3294] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  756.485409][ T3294] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  756.731840][T18916] 8021q: adding VLAN 0 to HW filter on device bond2
[  757.339235][T18917] bond2: entered allmulticast mode
[  758.339960][T18918] bond2: (slave ip6gretap2): making interface the new active one
[  758.376752][T18918] ip6gretap2: entered allmulticast mode
[  758.403093][T18918] bond2: (slave ip6gretap2): Enslaving as an active interface with an up link
[  758.432708][ T3294] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  758.456640][T12234] Bluetooth: hci0: command 0x0406 tx timeout
[  758.505580][ T3294] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  758.551895][T18930] tipc: Started in network mode
[  758.556830][T18930] tipc: Node identity ac1414aa, cluster identity 4711
[  758.730763][T18930] tipc: Enabled bearer <udp:syz2>, priority 10
[  758.774000][T18933] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  758.886831][T12944] kernel read not supported for file inotify (pid: 12944 comm: kworker/0:12)
[  759.636560][T18956] Cannot find add_set index 2 as target
[  760.026815][T16789] tipc: Node number set to 2886997162
[  764.153805][T19002] fuse: fd is not a fuse device
[  765.903631][T19019] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  766.141345][T19024] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3823'.
[  766.161059][T19022] 8021q: adding VLAN 0 to HW filter on device bond3
[  766.271232][T19024] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3823'.
[  773.511320][T19175] netlink: 'syz.7.3867': attribute type 7 has an invalid length.
[  775.055638][T19191] syz_tun: entered allmulticast mode
[  775.636758][T19204] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3874'.
[  775.784176][T19204] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3874'.
[  775.822129][T19204] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3874'.
[  775.841745][T19208] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  775.952544][T19208] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  776.363601][T19208] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  778.682126][T19236] netlink: 'syz.2.3884': attribute type 1 has an invalid length.
[  778.853663][T19246] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3884'.
[  779.018055][T19236] 8021q: adding VLAN 0 to HW filter on device bond6
[  779.313861][T19243] bond6: (slave dummy0): making interface the new active one
[  779.592857][T19243] bond6: (slave dummy0): Enslaving as an active interface with an up link
[  779.796610][T19246] bond6: (slave dummy0): Releasing active interface
[  780.175703][T19267] 9pnet_fd: p9_fd_create_tcp (19267): problem connecting socket to 127.0.0.1
[  780.530915][T19282] netlink: 'syz.1.3896': attribute type 1 has an invalid length.
[  781.010638][T19282] bond3: (slave bridge3): Enslaving as a backup interface with an up link
[  781.215324][T19286] bond3: (slave bridge4): Enslaving as a backup interface with a down link
[  785.160269][T19321] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3904'.
[  795.128205][T19407] fuse: fd is not a fuse device
[  798.240309][T19440] futex_wake_op: syz.0.3937 tries to shift op by -1; fix this program
[  799.204084][T19445] overlayfs: failed to clone upperpath
[  800.494995][T19465] netlink: 'syz.0.3947': attribute type 1 has an invalid length.
[  906.448844][    C0] ------------[ cut here ]------------
[  906.456811][    C0] 1
[  906.456829][    C0] WARNING: kernel/rcu/tree_stall.h:1049 at rcu_check_gp_start_stall.part.0+0x1c4/0x4b0, CPU#0: kworker/u8:19/6279
[  906.471298][    C0] Modules linked in:
[  906.477337][    C0] CPU: 0 UID: 0 PID: 6279 Comm: kworker/u8:19 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  906.488481][    C0] Tainted: [L]=SOFTLOCKUP
[  906.492804][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  906.502890][    C0] Workqueue: events_unbound toggle_allocation_gate
[  906.509468][    C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  906.516706][    C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 40 43 1a 9b e8 d0 22 88 00 b8 01 00 00 00 87 05 e5 19 2d 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 c4 fe d7 90 48 81 fd c0 08 7f 8e 74 5a 48 b8 00
[  906.536353][    C0] RSP: 0018:ffffc90000007de8 EFLAGS: 00010046
[  906.542446][    C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81ed2950
[  906.550435][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff9b1a4340
[  906.558601][    C0] RBP: ffffffff8e7f08c0 R08: 0000000000000001 R09: fffffbfff3634868
[  906.566601][    C0] R10: 0000000000000003 R11: 0000000000000000 R12: 1ffffffff1c81e50
[  906.574592][    C0] R13: 0000000000000246 R14: 0000000000000020 R15: 0000000000000000
[  906.582590][    C0] FS:  0000000000000000(0000) GS:ffff888124376000(0000) knlGS:0000000000000000
[  906.591543][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  906.598181][    C0] CR2: 00007fca2b08b000 CR3: 000000000e596000 CR4: 0000000000350ef0
[  906.606274][    C0] Call Trace:
[  906.609578][    C0]  <IRQ>
[  906.612445][    C0]  rcu_core+0x2cb/0x10d0
[  906.616816][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.622488][    C0]  ? __pfx_rcu_core+0x10/0x10
[  906.627376][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.633040][    C0]  ? run_timer_base+0x121/0x190
[  906.637920][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  906.643140][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.648811][    C0]  handle_softirqs+0x1ea/0xa00
[  906.653712][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  906.659043][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.664710][    C0]  ? _raw_spin_unlock+0x28/0x50
[  906.669676][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.675342][    C0]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  906.681036][    C0]  __irq_exit_rcu+0x162/0x210
[  906.685754][    C0]  irq_exit_rcu+0x9/0x30
[  906.690040][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  906.695712][    C0]  </IRQ>
[  906.698684][    C0]  <TASK>
[  906.701626][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  906.707668][    C0] RIP: 0010:smp_call_function_many_cond+0x589/0x1700
[  906.714380][    C0] Code: b8 00 00 00 00 00 fc ff df 48 8b 54 24 08 49 89 d5 49 89 d4 49 c1 ed 03 41 83 e4 07 49 01 c5 41 83 c4 03 e8 69 83 0c 00 f3 90 <41> 0f b6 45 00 41 38 c4 7c 08 84 c0 0f 85 63 0f 00 00 8b 45 08 31
[  906.734016][    C0] RSP: 0018:ffffc900088b7870 EFLAGS: 00000293
[  906.740263][    C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81fbfebd
[  906.748260][    C0] RDX: ffff88802cb83d80 RSI: ffffffff81fbfe97 RDI: ffff88802cb83d80
[  906.756258][    C0] RBP: ffff8880b8541080 R08: 0000000000000005 R09: 0000000000000000
[  906.764251][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
[  906.772243][    C0] R13: ffffed10170a8211 R14: 0000000000000001 R15: ffff8880b843c700
[  906.780243][    C0]  ? smp_call_function_many_cond+0x5ad/0x1700
[  906.786344][    C0]  ? smp_call_function_many_cond+0x587/0x1700
[  906.792484][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  906.797561][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  906.803925][    C0]  ? __pfx_text_poke_memcpy+0x10/0x10
[  906.809355][    C0]  ? __pfx___text_poke+0x10/0x10
[  906.814330][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  906.819392][    C0]  on_each_cpu_cond_mask+0x40/0x90
[  906.824532][    C0]  ? kmem_cache_alloc_from_sheaf_noprof+0x39/0x190
[  906.831082][    C0]  smp_text_poke_batch_finish+0x337/0xc60
[  906.836861][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  906.843151][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.848815][    C0]  ? arch_jump_label_transform_queue+0xc0/0x120
[  906.855106][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.860770][    C0]  ? find_held_lock+0x2b/0x80
[  906.865510][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  906.871630][    C0]  jump_label_update+0x37a/0x550
[  906.876620][    C0]  static_key_enable_cpuslocked+0x1bc/0x270
[  906.883050][    C0]  static_key_enable+0x1a/0x20
[  906.887946][    C0]  toggle_allocation_gate+0xfe/0x2d0
[  906.893273][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  906.899215][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.904882][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.910545][    C0]  ? rcu_is_watching+0x12/0xc0
[  906.915351][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.921047][    C0]  process_one_work+0xa0e/0x1980
[  906.926048][    C0]  ? __pfx_process_one_work+0x10/0x10
[  906.931454][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.937137][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.942816][    C0]  worker_thread+0x5ef/0xe50
[  906.947466][    C0]  ? kthread+0x13a/0x450
[  906.951735][    C0]  ? __pfx_worker_thread+0x10/0x10
[  906.956881][    C0]  kthread+0x370/0x450
[  906.960981][    C0]  ? __pfx_kthread+0x10/0x10
[  906.965605][    C0]  ret_from_fork+0x72b/0xd50
[  906.970231][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  906.975458][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.981133][    C0]  ? rcu_is_watching+0x12/0xc0
[  906.985950][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  906.991630][    C0]  ? __switch_to+0x800/0x1100
[  906.996352][    C0]  ? __switch_to_asm+0x39/0x70
[  907.001155][    C0]  ? __pfx_kthread+0x10/0x10
[  907.005776][    C0]  ret_from_fork_asm+0x1a/0x30
[  907.010608][    C0]  </TASK>
[  907.013633][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  907.020931][    C0] CPU: 0 UID: 0 PID: 6279 Comm: kworker/u8:19 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  907.032078][    C0] Tainted: [L]=SOFTLOCKUP
[  907.036407][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  907.046476][    C0] Workqueue: events_unbound toggle_allocation_gate
[  907.053034][    C0] Call Trace:
[  907.056319][    C0]  <IRQ>
[  907.059168][    C0]  dump_stack_lvl+0x100/0x190
[  907.063878][    C0]  vpanic+0x552/0x970
[  907.067887][    C0]  ? __pfx_vpanic+0x10/0x10
[  907.072523][    C0]  panic+0xd1/0xe0
[  907.076270][    C0]  ? __pfx_panic+0x10/0x10
[  907.080776][    C0]  ? check_panic_on_warn+0x1f/0x90
[  907.085979][    C0]  check_panic_on_warn.cold+0x19/0x34
[  907.091402][    C0]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  907.097854][    C0]  __warn.cold+0x191/0x328
[  907.102303][    C0]  __report_bug+0x296/0x3d0
[  907.106844][    C0]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  907.113205][    C0]  ? __pfx___report_bug+0x10/0x10
[  907.118266][    C0]  ? do_raw_spin_lock+0x128/0x260
[  907.123333][    C0]  ? find_held_lock+0x2b/0x80
[  907.128065][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.133758][    C0]  ? mark_held_locks+0x40/0x70
[  907.138576][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.144242][    C0]  ? __lock_acquire+0x4a5/0x2630
[  907.149211][    C0]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  907.155569][    C0]  report_bug+0xb2/0x220
[  907.159865][    C0]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  907.166228][    C0]  handle_bug+0x16a/0x2a0
[  907.170613][    C0]  exc_invalid_op+0x17/0x50
[  907.175162][    C0]  asm_exc_invalid_op+0x1a/0x20
[  907.180039][    C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  907.187001][    C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 40 43 1a 9b e8 d0 22 88 00 b8 01 00 00 00 87 05 e5 19 2d 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 c4 fe d7 90 48 81 fd c0 08 7f 8e 74 5a 48 b8 00
[  907.206646][    C0] RSP: 0018:ffffc90000007de8 EFLAGS: 00010046
[  907.212745][    C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81ed2950
[  907.220823][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff9b1a4340
[  907.228832][    C0] RBP: ffffffff8e7f08c0 R08: 0000000000000001 R09: fffffbfff3634868
[  907.236823][    C0] R10: 0000000000000003 R11: 0000000000000000 R12: 1ffffffff1c81e50
[  907.244844][    C0] R13: 0000000000000246 R14: 0000000000000020 R15: 0000000000000000
[  907.252846][    C0]  ? rcu_check_gp_start_stall.part.0+0x1b0/0x4b0
[  907.259216][    C0]  ? rcu_check_gp_start_stall.part.0+0x1b0/0x4b0
[  907.265598][    C0]  rcu_core+0x2cb/0x10d0
[  907.269899][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.275594][    C0]  ? __pfx_rcu_core+0x10/0x10
[  907.280308][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.285973][    C0]  ? run_timer_base+0x121/0x190
[  907.290857][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  907.296086][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.301889][    C0]  handle_softirqs+0x1ea/0xa00
[  907.306700][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  907.312025][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.317698][    C0]  ? _raw_spin_unlock+0x28/0x50
[  907.322574][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.328237][    C0]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  907.333922][    C0]  __irq_exit_rcu+0x162/0x210
[  907.338643][    C0]  irq_exit_rcu+0x9/0x30
[  907.342922][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  907.348593][    C0]  </IRQ>
[  907.351527][    C0]  <TASK>
[  907.354463][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  907.360471][    C0] RIP: 0010:smp_call_function_many_cond+0x589/0x1700
[  907.367176][    C0] Code: b8 00 00 00 00 00 fc ff df 48 8b 54 24 08 49 89 d5 49 89 d4 49 c1 ed 03 41 83 e4 07 49 01 c5 41 83 c4 03 e8 69 83 0c 00 f3 90 <41> 0f b6 45 00 41 38 c4 7c 08 84 c0 0f 85 63 0f 00 00 8b 45 08 31
[  907.386810][    C0] RSP: 0018:ffffc900088b7870 EFLAGS: 00000293
[  907.392908][    C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81fbfebd
[  907.400896][    C0] RDX: ffff88802cb83d80 RSI: ffffffff81fbfe97 RDI: ffff88802cb83d80
[  907.408883][    C0] RBP: ffff8880b8541080 R08: 0000000000000005 R09: 0000000000000000
[  907.416868][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
[  907.424860][    C0] R13: ffffed10170a8211 R14: 0000000000000001 R15: ffff8880b843c700
[  907.432878][    C0]  ? smp_call_function_many_cond+0x5ad/0x1700
[  907.439077][    C0]  ? smp_call_function_many_cond+0x587/0x1700
[  907.445191][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  907.450261][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  907.456613][    C0]  ? __pfx_text_poke_memcpy+0x10/0x10
[  907.462034][    C0]  ? __pfx___text_poke+0x10/0x10
[  907.467034][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  907.472095][    C0]  on_each_cpu_cond_mask+0x40/0x90
[  907.477241][    C0]  ? kmem_cache_alloc_from_sheaf_noprof+0x39/0x190
[  907.483799][    C0]  smp_text_poke_batch_finish+0x337/0xc60
[  907.489574][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  907.495891][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.501551][    C0]  ? arch_jump_label_transform_queue+0xc0/0x120
[  907.507837][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.513503][    C0]  ? find_held_lock+0x2b/0x80
[  907.518245][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  907.524274][    C0]  jump_label_update+0x37a/0x550
[  907.529262][    C0]  static_key_enable_cpuslocked+0x1bc/0x270
[  907.535216][    C0]  static_key_enable+0x1a/0x20
[  907.540041][    C0]  toggle_allocation_gate+0xfe/0x2d0
[  907.545394][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  907.551334][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.557008][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.562676][    C0]  ? rcu_is_watching+0x12/0xc0
[  907.567482][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.573157][    C0]  process_one_work+0xa0e/0x1980
[  907.578159][    C0]  ? __pfx_process_one_work+0x10/0x10
[  907.583562][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.589240][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.594917][    C0]  worker_thread+0x5ef/0xe50
[  907.599558][    C0]  ? kthread+0x13a/0x450
[  907.603822][    C0]  ? __pfx_worker_thread+0x10/0x10
[  907.608961][    C0]  kthread+0x370/0x450
[  907.613066][    C0]  ? __pfx_kthread+0x10/0x10
[  907.617697][    C0]  ret_from_fork+0x72b/0xd50
[  907.622318][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  907.627456][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.633119][    C0]  ? rcu_is_watching+0x12/0xc0
[  907.637923][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  907.643596][    C0]  ? __switch_to+0x800/0x1100
[  907.648315][    C0]  ? __switch_to_asm+0x39/0x70
[  907.653119][    C0]  ? __pfx_kthread+0x10/0x10
[  907.657744][    C0]  ret_from_fork_asm+0x1a/0x30
[  907.662570][    C0]  </TASK>
[  908.837491][    C0] Shutting down cpus with NMI
[  908.842684][    C0] Kernel Offset: disabled
[  908.847057][    C0] Rebooting in 86400 seconds..