last executing test programs:

24m1.249266147s ago: executing program 32 (id=30):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
shutdown(0xffffffffffffffff, 0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000100))

24m0.803256923s ago: executing program 33 (id=32):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0xbf56, 0x10000, 0x2, 0x2d0}, &(0x7f0000000440), &(0x7f0000000400))
io_uring_enter(r1, 0x7b20, 0xe93c, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x8, r0, 0x2, {0x100000001, 0x80000001}, 0x1}, 0x1)
io_uring_register$IORING_REGISTER_IOWQ_AFF(r1, 0x11, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, @in6={0xa, 0x4e20, 0x80, @empty, 0x5}], 0x38)

23m53.253791334s ago: executing program 0 (id=84):
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000200)='./file0\x00', 0x810410, &(0x7f0000001a00)=ANY=[], 0xfd, 0x1fe, &(0x7f00000002c0)="$eJzsmb2LE0EYxp+Z3cvenSLYWNhYGPFEb7O7UbnmihPshfOzc/E2IbpJJFkhCQgGGxtLC8HWf8DCIpWFnZ2tFlEQLExpJ4zMZLKZJK4xfhHx/cHNPfvO7Mz77s48gQQEQfy3vH/3uf/w3NbFUwD2Iw9Hxz9asu0rzY3xbx/fOflo+/yTZ2+evqwduNubns/54ZVXU/Vix0KCNSltQAhzVF61zJZZ5HXsEjhOaH0FDMe0vg6Oy1pHYLim9U1D19dGy0fujXq8V6rEkScbv1SJHUhVNNe3AQy6DHs6YyGEYEZ/s925FcZx1DCE7I9XdBmTXT8lvvcUVX47HNv6WuYn39fVB/e78trVcc94fj44fK2LYNjVegsOXNcdPxKj/sP2eH5rTv2/V1hNuaeMyGiLzb/94OafTOxfEvuwFGksh2DTEXlg08ihQe/V7F0fFlyL3RtuUqOL/bUjMyVGVhvG8jgbXa/Xf23mnK7om2PG/iTd+7jhTzbs1D8KSfV2odnubFaqYTkqR7UgKJ71TnvemaCgjGjYzvjel9T/VpU/rafzM7GS4ZU5lkMrTJKG3wKShp9eBy0+WQl2n9c/qQBX/sexcXQ4QL5EVXbGBx3Tf1z9l2rDykiHIAiCIAiCIAiCIAiCIAhiQY6AqW9Z9Q9VIoPgghr9NQAA//+P5lF6")
lsetxattr$trusted_overlay_origin(0x0, &(0x7f0000000000), 0x0, 0x0, 0x2)

23m52.991196886s ago: executing program 0 (id=86):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a800000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
fcntl$lock(r2, 0x7, &(0x7f0000000040)={0x0, 0x0, 0xa, 0x6})
fcntl$lock(r2, 0x6, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020}, 0x54)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1, r0}, 0xc)

23m52.758371375s ago: executing program 0 (id=88):
r0 = fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000001c0)={@remote, 0x3, 0x0, 0x2, 0x0, 0x0, 0x9}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

23m52.653430913s ago: executing program 0 (id=89):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)

23m51.639493545s ago: executing program 0 (id=91):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xfff1, 0xfff1}, {0xa6ff, 0xfff1}, {0x4, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0)

23m51.164743254s ago: executing program 0 (id=95):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x88, &(0x7f00000009c0)={[{@nogrpid}, {@auto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@lazytime}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)

23m50.676584613s ago: executing program 34 (id=95):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x88, &(0x7f00000009c0)={[{@nogrpid}, {@auto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@lazytime}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)

23m37.064475816s ago: executing program 4 (id=177):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x101040, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x400, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

23m36.822779396s ago: executing program 4 (id=179):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000580)={0x2, 0x0, @ioapic={0x4000, 0xb, 0xfffffffe, 0xfffffffc, 0x0, [{0xc, 0x5, 0x8, '\x00', 0xb4}, {0x83, 0xd, 0x4, '\x00', 0x4b}, {0xf9, 0xe, 0x7, '\x00', 0x40}, {0x0, 0x9, 0x40, '\x00', 0x7}, {0x8, 0x10, 0x8, '\x00', 0xa8}, {0x2, 0x5, 0x6, '\x00', 0xff}, {0x6, 0xe, 0x47, '\x00', 0x6}, {0x5, 0x8c, 0x4, '\x00', 0xe9}, {0xe, 0x4, 0xa7, '\x00', 0x1}, {0x9, 0xdc, 0x6, '\x00', 0x4}, {0x1, 0xd, 0x15, '\x00', 0x8}, {0x8, 0x7, 0x6, '\x00', 0x7}, {0x4, 0x8a, 0x80, '\x00', 0xdd}, {0x3, 0xf1, 0x6, '\x00', 0x9}, {0x7, 0x65, 0x0, '\x00', 0xfd}, {0x6, 0x9b, 0x42, '\x00', 0x23}, {0x7, 0x2, 0x4, '\x00', 0x3}, {0xef, 0x6, 0x9, '\x00', 0x4}, {0xf, 0x6, 0x6, '\x00', 0x1}, {0x9, 0x3, 0x3, '\x00', 0x4}, {0x1, 0x3, 0x7, '\x00', 0x4}, {0xd, 0x40, 0x7, '\x00', 0x6}, {0x15, 0xfd, 0x7, '\x00', 0x2}, {0x92, 0x6, 0xfa, '\x00', 0x42}]}})
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f00000007c0)={"0afe9fb2f8bc077a3bf28322c33bed5c48d2ffeae9b7adb7744b7f67f537cf69158a955f73d3440338155c916fcbad64745ceeffc52c925a3eb3f97a0342147c9dcec443b701056187e0d4a933dfd9d40a7d88d98bdd4fb34553010aed89aecba58e505f1c64e92d8599814439b6dd5759485f22bdf17dc39402fd40beb6dbd87a340f9e4a5326b708fd94411195cf7a7633afc256019ec9a897205a5a187337bb7f8b10b0a4e6ee50ae2797a76e16087451536c1e12ffec67cbd4e255538b9948851e663f514139d9499e054625d715435059700e8da2c56aa6ab7a6231ab19d656041d0564368b3024b1388346d2756947a2d7c602a2a7aa8c3859f244c89d213a10932a19d6c3ece3046d2345834cc3a85a80de519aa325cf8d522c642ade4132366a195a96c39dfedf35e7275c3f639167d8be4ea02dcfa4ca3a360e2299e25854a6ebe7c4556a269ec01df9806150f0ef36a24a0baa701f5de75a094f56c45567a34e8c75b3788a4c5c14d3cb4d73cce20e7bee60372c59881d7f10a6f58403afdae89eda8915796c00e2bde662b40bb621188ba75e8cbe594b284e64b04fae3c4299e39948ce090637ac7ec134ba251b1d27cae014d6bb95148de744047e61db8d57e6499628e4f2982b0969182c48c1d3172d93a80f76ef546b2b5a383aa41e83a97c36b02e0986751e86302bb4f2f3409a56a875278cab028853f8dc6c1b46b347037a8e760b9cafe115e3581a2f8ad71d0a4be0af20f2ee687c46cdb60b6de6852b32fe815a6f5621c701711f64f4932e9a8967a13146a50e44b3d22718212372fbe7d1fce85c5528896ea69af41de529ec85a4e5ba6238550e368b5ff0a3e8f3a9c4469df442212348669728c340505bfb44e9fef8f14194e43ce0d7082c56e2c0f2994d89eaf7e82d751b52720274077bf9183d0ff47043f7398330784f6e221eed2e3e61688d2b01226e2ed888c720e996df9ccf14f4c05a4a66c30b85388110f765ad5700cfcb6a3e9d4dde83997ed5a9de992524b04e06e1e34c3ce70c263ee49ba5a3b801ea3aa5d06ce96674854845de484e64e08d92bdebaa3f03a4e48045f9234f2353709f5b6c2ebf8865c647f0e2594bedf1026daf2cdd3896ca285f4424294d2538133f928a1d107b7b7327f09da52cd4d187cce1d8c72481f9f76425b98b5269caebe1b91d1acaefe72615a2915d35414e9af0268fe0ab8848ffffaf7287ea28857dd95bfa33ba7081398d4cea152a466e864d27a8c95f2d5aaaf2bfe2e7de2dd969f0239f723fe1eaa583edc13e17c421060bc65773a719ee5ccbd0643fdcd01269c3598a7420aff1b82ec85d4e9c49c2967b58e7c4957cd654969c0e69e82c29c78ca8bd33a61a0026e24724be35747fdf7260c2a1fcb96c38585fbf580626076e346895ef035dff97ce9c715afeefe04f4eebf5"})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

23m36.536452439s ago: executing program 4 (id=182):
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="150d5d9387a704c0e3"], 0x15)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000280)=[@code={0xa, 0x84, {"c74424002a8f7974c74424026d250000c7442406000000000f01142466baf80cb80e397787ef66bafc0cec66b81a010f00d066b819010f00d065400fc7abbc590000c7442400cd202371c74424028c3ca546c7442406000000000f011c2466410f59220f086636450f1f400066ba4000b000ee"}}, @rdmsr={0x32, 0x18, {0x92b}}], 0x9c})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23m36.28073499s ago: executing program 4 (id=184):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)

23m35.766732032s ago: executing program 4 (id=185):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x80, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r1 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r2=>0x0)
io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000}])
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
capset(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x8, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

23m34.648560782s ago: executing program 4 (id=188):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

23m34.124473325s ago: executing program 35 (id=188):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

23m4.783708792s ago: executing program 3 (id=459):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

23m4.483611956s ago: executing program 3 (id=462):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(0x0, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x101040, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x400, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

23m4.224978427s ago: executing program 3 (id=465):
socket$inet(0x2, 0x3, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7c, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x3, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000060000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000e000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)

23m4.06426256s ago: executing program 3 (id=467):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
link(&(0x7f0000000200)='./file1\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)

23m3.522056564s ago: executing program 3 (id=473):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x0, 0x101040, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x400, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

23m2.451521591s ago: executing program 3 (id=483):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180500000000000000000000000000001800000020696c2500000000002020207b0af8ff00000000bd510000000000000701000000feffffb702000008000000b7030000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, r0}, 0x94)

23m2.028419846s ago: executing program 36 (id=483):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180500000000000000000000000000001800000020696c2500000000002020207b0af8ff00000000bd510000000000000701000000feffffb702000008000000b7030000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, r0}, 0x94)

18m22.10841535s ago: executing program 5 (id=1697):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000001680))
r3 = eventfd2(0x1, 0x0)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000000)={0x0, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x2)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000140)={@my=0x1})
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000080)=0x1000000)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000200)='./file0\x00', 0xa10411, &(0x7f0000001a00)=ANY=[], 0xfd, 0x21c, &(0x7f0000000480)="$eJzsmb9rU1EUx7/3vpdfKoKLg4ugESval5cXlS4dKrgr9edmsK8lettIEiEpiBYXF0cHwdV/wMHBycHNP0GHKggidhQchCvn5r6XmyZNNTx06PlAb7/3nHvu73sCCRiG2bN8/vRj8+mFuStnABxAGQVr/+pRuWm0dNp/fH7/9LP5iy9efXj5bu3gg5/fLi8O9Vf445GLqXq74HlW+oDWbquyKYVPsyhb21VInLL6OgROWH0LEtesjiFw0+o7jm6WkuHj4HZTLS03VBxSUV1uqAJI1dzxfQBbGwJLdsZaay0cf7u3freuVNxyBPlVzi5j2DWVmLSLZn4LEvO2TvOj87rx5PEG1QNrD539q0KianUNAskJzqGAIAgGW+Ks/4g/6N/bZf3ZCq9Nd0qVUktyxXYPPzQ73aCyf4oii8PLVNDOTxW+H/9/8lkKeoNTh4vtFnqwqeXw1pv3o1Ff/nIs8ah/SR2X+GdPZptIUm1d0XPuPUTiSh7xxPDczq68jR8bPshPlL1POvnJh5/mj0pn9V6l3VufbazWV+KVeC2KaufDs2F4LqqYRNQvR/LerzT/FU1+2pf2L3QOQH5MrsyLPLo+Oq1qF1Saer3TaUVdObwSLL5ufjcGafKfxMzxfgOR9L3DB52wf9L8JzXjjTQqjo9lGIZhGIZhGIZhGIZhGIaZzFEI8y2r/aFKDzjmVqJLKAH4HQAA//9t20cO")
r5 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r5, &(0x7f0000000980)={0x2020}, 0x2020)
ioctl$KVM_GET_DEBUGREGS(r4, 0x8080aea1, &(0x7f0000000000))

18m20.697442184s ago: executing program 5 (id=1700):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r2)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r4=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="e0100000", @ANYRES16=r3, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff0500030001000000060001000200000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r4, @ANYBLOB="240003"], 0x10e0}}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000500)={&(0x7f00000044c0)={0x304, 0x34, 0x400, 0x70bd2d, 0x25dfdbff, {0x5}, [@nested={0x3c, 0xa2, 0x0, 0x1, [@typed={0x32, 0xbb, 0x0, 0x0, @binary="8fe6461d09dd66be7c7218e33e3eb0d9b60405a5e0374d785b3d3e2e8038f0d0ddd1f62434cbc14b4e2e1bf94990"}, @nested={0x4, 0x118}]}, @typed={0xc, 0xd6, 0x0, 0x0, @u64}, @generic="d6451dfc8d2669a94281b42eb5a1af15b6f65332298c0a2a8fdcf7cb2e02bfd3e6261f090e1cf22f811e7c182821ebc12a85a4647ac2e6da14d808fb1e47d01c0f39b1ff4ffb1299835962e539295fac77f60d139cec5c0ce6de2428480be99f589422e04af8f53010d8f75ebf7ff97f1793338fb4dbc0935daeedb6c057814066560e2e077af8f5c30c0bab9d0447079fb7cfb1cde7b3a2131c43f190bfa0072c", @generic="2d76e53430901e9cf378911e65db179c559bed02630967e871f402d95a91228234e36dfaa5d2fdad0ba3a6d74566d1d60eee49abc4ab2ba191ec91eadf4b50e9d97277606574935a10c1079f0127ebc3583141a1559b437e3824d09166f59ea125167339d5314ebc0149b4b351c0acdd4458777fc99404303ab0b364b341da5c101759e428fc60960688d6d24b9c131553552ea7cf26b56769e024535860547fb69485eda115d4d05b051498fd37c257de6222c1ca9d7d2be58272953792f52f41e7322cca5bd66d70d1a79b523c7edec6bee146a6c224cc0581bb33b18a97b8507d5d136d797762ea28e1", @typed={0xc, 0x8, 0x0, 0x0, @u64=0x7000000}, @nested={0x30, 0x12f, 0x0, 0x1, [@typed={0x8, 0x53, 0x0, 0x0, @u32=0x5}, @nested={0x4, 0x33}, @typed={0x8, 0x11a, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @typed={0x8, 0xbc, 0x0, 0x0, @uid}, @typed={0x8, 0x3b, 0x0, 0x0, @pid=r0}, @typed={0x8, 0xad, 0x0, 0x0, @uid}]}, @generic="d986bcef7f", @nested={0x96, 0xc, 0x0, 0x1, [@generic="c4d3b6bed5c7b933009bdb159022a6d2f2273a31a04a28297123dde3cfff891ecd4ee5031acca3bc458e4907fbb4612c8ed1ea343f47c81ae02a3c8acfa6851bf4b70afb8962c8605220069d3f6dc758e27b3ad27290dae8c408391583403b8dfa0680054440dc18fd819e97bd27c2aad12602c7e948852b90b2e738045129856b15e5d75d73f8d2215f", @typed={0x8, 0x9, 0x0, 0x0, @str='GPL\x00'}]}, @generic="d83478412b196e816d4d79d6118f3e09bdc217c5d6e080374fc33e4c9f6f24235f18d947433dd6c88e25130cb0b45cc74ff121ac7b1b22a984f7891ced143408d7"]}, 0x304}, 0x1, 0x0, 0x0, 0x240000c1}, 0x8004)

18m19.045612407s ago: executing program 5 (id=1703):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bc00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

18m18.799009598s ago: executing program 5 (id=1704):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

18m17.216674706s ago: executing program 5 (id=1707):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r3, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

18m17.024110331s ago: executing program 5 (id=1710):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x939e02dc105d5baa, 0xfff5}, {0xe}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

18m0.982319129s ago: executing program 37 (id=1710):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x939e02dc105d5baa, 0xfff5}, {0xe}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

15m27.225165505s ago: executing program 8 (id=2086):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x3000046, &(0x7f0000000840)={[{@delalloc}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@bsdgroups}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@abort}, {@nodelalloc}, {@nobh}, {@user_xattr}, {@dioread_lock}, {@dioread_nolock}]}, 0x1, 0x567, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTX/sp66DMVRECntwMpeurT8m+DAfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EN/13cfhP+BfMdDBkFH0wZfKTW+6dE3atMuaznw+cMM590fOPbn3nHxPTkIC6Fuj2UMh4uWI+CaJOBIRSb5tMPKNo6v7LT+6MZUtSaysfPpXUt8vyzeeq3HcoTzzUkT89lXEqcLGcquLS7Olcjmdz/NjtbmrY9XFpdOX50oz6Ux6ZWJy8uzbkxPvvftO1+r6xoV/vv/k3odnvz6x/N0vD47eSeJcHM63NddjZ4azh5vNa0ZjNH9NhuLcE3uPP11he07S6xNgRwbydj4UWR9wJAbyVg/8/30ZEStAn0rat/9IdvVMgN3ViAMaY/vNx8EvrqWaj32ePfxgdQC0sf6Dq5+NxP762OjgcrJuZJSNd0e6UH5Wxq9/3r2TLdGVzyEAOnPzVkScGRzc2P8lef+3c2dar97fnHmyDP0f7J57WfzzZqv4p7AW/0SL+OdQi7a7E1u3/8KDLhTTVhb/vd8y/l2btBoZyHMv1GO+oeTS5XJ6Jo+GT8bQviy/2XzO2eX7bWPl5vgvW7LyG7Fgfh4PBvetP2a6VCvVP7jrgoe3Il5pGf8ma9c/aXH9s9fjQodlHE/vvtZu29b1f7ZWfop4veX1fzyjlWw+PzlWvx/GGnfFRn/fPv57u/J7Xf/s+h/cvP4jSfN8bXX7Zfy4/9+03bZ19Y/O7//h5LN6ejhfd71Uq82PRwwnH29cP/H42Ea+sX9W/5MnNu//Wt3/ByLi8w7rf/vYz692VP8eXf/pbV3/7Sfuf/TFD+3K76z/e6ueOpmvqfd/W+j0BJ/mtQMAAAAAAIC9phARhyMpFNfShUKxuPr9jmNxsFCuVGunLlUWrkxH/beyIzFUaMx0H2n6PsR4/n3YRn7iifxkRByNiG8HDtTzxalKebrXlQcAAAAAAAAAAAAAAAAAAIA94lCb3/9n/hjo9dkBz5y//Ib+tWX778Y/PQF7kvd/6F/aP/Qv7R/6l/YP/Uv7h/61rv2b9Ie+4v0f+pf2DwAAAAAAAAAAAAAAAAAAAAAAAAAAAF114fz5bFlZfnRjKstPX1tcmK1cOz2dVmeLcwtTxanK/NXiTKUyU06LU5W5rZ6vXKlcHZ+IhetjtbRaG6suLl2cqyxcqV28PFeaSS+mQ7tSKwAAAAAAAAAAAAAAAAAAAHi+VBeXZkvlcjovIbGjxODeOA2JLid63TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGP/BQAA///oaTpO")
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
syncfs(r0)

15m25.403651862s ago: executing program 8 (id=2090):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c3100009a1000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811fef"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)

15m24.848439947s ago: executing program 8 (id=2093):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000480)=0x1df9, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

15m23.888384834s ago: executing program 8 (id=2096):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000300)='./file2\x00', 0x80cc88, &(0x7f0000000ec0)={[{@fmask={'fmask', 0x3d, 0x9}}, {@umask={'umask', 0x3d, 0x80000002}}, {@utf8}, {@keep_last_dots}, {@allow_utime={'allow_utime', 0x3d, 0x801}}, {@errors_continue}, {@discard}, {@time_offset={'time_offset', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}]}, 0x3, 0x1510, &(0x7f0000003640)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004100)={0x2020}, 0x2020)

15m23.524445254s ago: executing program 8 (id=2099):
syz_mount_image$fuse(&(0x7f00000024c0), &(0x7f00000000c0)='./file0\x00', 0x12402, &(0x7f0000000200)={{}, 0x2c, {'rootmode', 0x3d, 0x6000}}, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmmsg(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x4c42bb4f92, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000100)={&(0x7f0000000300), 0x0})
r2 = dup3(r1, 0xffffffffffffffff, 0x0)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f00000001c0)={&(0x7f00000012c0), &(0x7f0000002940)=""/4083, 0xff3})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000180)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x8}, 0x1c)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x7fff, @loopback}, 0x1c)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x4, 0x0, 0x0, 0xfffffffe})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r4, @ANYBLOB="0000000002000000b70500000800000085000000a900000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0xff9, &(0x7f00000014c0)=""/4089}, 0x94)

15m21.309591053s ago: executing program 8 (id=2105):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x6, 0x0, 0x0, 0xa, 0x0, 0x0, 0x6, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x4}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x4d2, 0x32}, 0xa, @in6=@dev={0xfe, 0x80, '\x00', 0x1d}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x1, 0x0)

15m20.619332179s ago: executing program 38 (id=2105):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x6, 0x0, 0x0, 0xa, 0x0, 0x0, 0x6, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x4}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x4d2, 0x32}, 0xa, @in6=@dev={0xfe, 0x80, '\x00', 0x1d}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x1, 0x0)

14m23.663359259s ago: executing program 2 (id=2257):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a00800008000600"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

14m23.416452709s ago: executing program 2 (id=2259):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x800, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x7ff, 0xf, 0x7, 0x80, 0x2, 0x3, 0x5f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0x5, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008073, 0x7, 0x17, 0x1, 0xa, 0x5, 0x3e, 0x8f, 0xfffffffc, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xe7, 0x40], [0x8, 0x9, 0x8000012f, 0x8004, 0x81, 0xfffffff3, 0x129432e6, 0x2, 0x8a78, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x5, 0x78, 0xea4, 0xe, 0x4, 0x7, 0x7fff, 0x6, 0x4, 0x401, 0x6, 0xfffffffe, 0xff, 0x5, 0x45, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x43, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x418, 0x4, 0x5, 0xfffffffe, 0x25, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x0, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xeb79, 0x5, 0x2, 0x2, 0x1, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x46a1123d, 0x400404, 0x2950bfaf, 0x1000, 0x8000a2, 0x7, 0xa9, 0x6, 0x3, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x0, 0x400001, 0xa, 0x0, 0xff, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0x7, 0x9, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x4, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xfffe, 0xa620, 0x1, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0xb, 0xffffffff, 0x80000000, 0xf, 0x10, 0xc8, 0x1, 0x5, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d691, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x1000]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

14m23.271207771s ago: executing program 2 (id=2261):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000040000000300000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00S', @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$packet(0x11, 0x3, 0x300)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c3100009a1000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r5, &(0x7f0000000240)=ANY=[], 0xff2e)

14m22.158393951s ago: executing program 2 (id=2262):
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
eventfd2(0x1, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000200)='./file0\x00', 0xa10411, &(0x7f0000001a00)=ANY=[], 0xfd, 0x21c, &(0x7f0000000480)="$eJzsmb9rU1EUx7/3vpdfKoKLg4ugESval5cXlS4dKrgr9edmsK8lettIEiEpiBYXF0cHwdV/wMHBycHNP0GHKggidhQchCvn5r6XmyZNNTx06PlAb7/3nHvu73sCCRiG2bN8/vRj8+mFuStnABxAGQVr/+pRuWm0dNp/fH7/9LP5iy9efXj5bu3gg5/fLi8O9Vf445GLqXq74HlW+oDWbquyKYVPsyhb21VInLL6OgROWH0LEtesjiFw0+o7jm6WkuHj4HZTLS03VBxSUV1uqAJI1dzxfQBbGwJLdsZaay0cf7u3freuVNxyBPlVzi5j2DWVmLSLZn4LEvO2TvOj87rx5PEG1QNrD539q0KianUNAskJzqGAIAgGW+Ks/4g/6N/bZf3ZCq9Nd0qVUktyxXYPPzQ73aCyf4oii8PLVNDOTxW+H/9/8lkKeoNTh4vtFnqwqeXw1pv3o1Ff/nIs8ah/SR2X+GdPZptIUm1d0XPuPUTiSh7xxPDczq68jR8bPshPlL1POvnJh5/mj0pn9V6l3VufbazWV+KVeC2KaufDs2F4LqqYRNQvR/LerzT/FU1+2pf2L3QOQH5MrsyLPLo+Oq1qF1Saer3TaUVdObwSLL5ufjcGafKfxMzxfgOR9L3DB52wf9L8JzXjjTQqjo9lGIZhGIZhGIZhGIZhGIaZzFEI8y2r/aFKDzjmVqJLKAH4HQAA//9t20cO")
r1 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r1, 0x0, 0x0)

14m21.824091658s ago: executing program 2 (id=2263):
epoll_create1(0x80000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000040)='./file0\x00')
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x80000, 0x0)

14m21.227832066s ago: executing program 2 (id=2265):
move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
syz_clone3(&(0x7f0000000100)={0x801400, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)

14m6.060451924s ago: executing program 39 (id=2265):
move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
syz_clone3(&(0x7f0000000100)={0x801400, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)

27.131897532s ago: executing program 9 (id=4294):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x701203, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80003, {0x0, 0x0, 0x0, r6, {}, {0x7, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

26.141639042s ago: executing program 9 (id=4295):
socket$inet_smc(0x2b, 0x1, 0x0)
socket(0x10, 0x803, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)

21.073373483s ago: executing program 9 (id=4311):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
copy_file_range(r0, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)=0x8, 0x1, 0x0)
r1 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
readlinkat(0xffffffffffffffff, &(0x7f0000000380)='./mnt\x00', &(0x7f0000000180)=""/1, 0x1)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000045, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x2301)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0})
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
utimensat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={{}, {0x77359400}}, 0x100)

19.573180275s ago: executing program 9 (id=4314):
syz_io_uring_setup(0x70ca, &(0x7f0000001380)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100), &(0x7f00000007c0))
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0xb9eb0eb005d40dc0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x15, 0x5, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x4a, &(0x7f0000000040), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
readv(r2, &(0x7f0000000040)=[{&(0x7f0000002900)=""/4103, 0x1007}], 0x1)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x3, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0), 0x0, 0x4001c00)

18.51263975s ago: executing program 9 (id=4319):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
times(0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = fspick(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x69, &(0x7f0000000300)=ANY=[], 0x0)
r4 = msgget$private(0x0, 0x790)
msgsnd(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="01"], 0x12f, 0x0)
msgrcv(r4, 0x0, 0x0, 0x0, 0x1800)
msgrcv(r4, 0x0, 0x0, 0x0, 0x3800)

16.960317596s ago: executing program 9 (id=4325):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x7, 0x8400000, 0x1, 0x3}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscache'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, 0x0, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

11.919385454s ago: executing program 1 (id=4333):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4008040)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r4 = fanotify_init(0x81, 0x0)
fanotify_mark(r4, 0x105, 0x40001032, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

10.919205186s ago: executing program 1 (id=4336):
sendmsg$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f00000004c0), 0xffffffffffffffff, 0x1}}, 0x18)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$vsock_stream(r0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
connect$bt_l2cap(r4, &(0x7f0000000140)={0x1f, 0x3, @any, 0x3, 0x1}, 0xe)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000200)={@remote, @empty, 0x0, "e798888beab3af341dbec4427a73b0fbda814c5f5cd6f92215f46e0b091038f9"}, 0x3c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x27fd}, 0x8)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f00000006c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r6, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb1}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x2}, 0x94)

7.702470686s ago: executing program 1 (id=4343):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="6507060082762422f9a30250a90def79e5ddb933b83b8f8f1a0daad170478560f60eb8dc258ded60aee45b04b15db386", 0x30)
r1 = accept$alg(r0, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000280)=""/9, 0x9}], 0x1}, 0x100)
sendmmsg$alg(r1, &(0x7f0000005d40)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000140)='U', 0x1}], 0x1, &(0x7f00000006c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4}], 0x1, 0x0)

7.432312938s ago: executing program 1 (id=4347):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e2c}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)

5.544619841s ago: executing program 1 (id=4348):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000180)={0x0, <r4=>0x0})
sendto$inet6(r3, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c)
r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000480)={{0x4, 0x3, 0xfffffff9, 0x8385, 'syz0\x00', 0x8}, 0x3, 0x20000000, 0x7bab, r4, 0x2, 0x91, 'syz1\x00', &(0x7f0000000000)=['@\x9f%\x00', 'e8dab99234bb312e'], 0x14})
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000070a0101000000000000000002000000090002007300000000"], 0x2c}}, 0x40054)
add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, 0x1, 0x4, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)

5.539100842s ago: executing program 7 (id=4349):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
copy_file_range(r0, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)=0x8, 0x1, 0x0)
r1 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
readlinkat(0xffffffffffffffff, &(0x7f0000000380)='./mnt\x00', &(0x7f0000000180)=""/1, 0x1)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x20000045, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x2301)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0})
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
utimensat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={{}, {0x77359400}}, 0x100)

5.288340642s ago: executing program 6 (id=4350):
sendmsg$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f00000004c0), 0xffffffffffffffff, 0x1}}, 0x18)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$vsock_stream(r0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
connect$bt_l2cap(r4, &(0x7f0000000140)={0x1f, 0x3, @any, 0x3, 0x1}, 0xe)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000200)={@remote, @empty, 0x0, "e798888beab3af341dbec4427a73b0fbda814c5f5cd6f92215f46e0b091038f9"}, 0x3c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x27fd}, 0x8)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f00000006c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r6, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb1}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x2}, 0x94)

4.508440995s ago: executing program 7 (id=4351):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00S', @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c3100009a1000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r5, &(0x7f0000000240)=ANY=[], 0xff2e)

3.062170322s ago: executing program 7 (id=4352):
syz_io_uring_setup(0x70ca, &(0x7f0000001380)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100), &(0x7f00000007c0))
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0xb9eb0eb005d40dc0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x15, 0x5, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x4a, &(0x7f0000000040), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
readv(r2, &(0x7f0000000040)=[{&(0x7f0000002900)=""/4103, 0x1007}], 0x1)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x3, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0), 0x0, 0x4001c00)

3.004503667s ago: executing program 6 (id=4353):
ustat(0x11, 0x0)

2.981968109s ago: executing program 6 (id=4354):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x7, 0x8400000, 0x1, 0x3}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscache'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
execveat(r3, 0x0, 0x0, 0x0, 0x1000)

2.746595568s ago: executing program 7 (id=4355):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f00000001c0)={0x3, 0x20800006, 0xa, 0xfbffffcf, 0x7, "65bd218c5fe001cafd41f5c2a95eec23bd62f8", 0x5, 0xe})
ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f00000000c0))

2.662318465s ago: executing program 6 (id=4356):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e2c}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)

2.544428024s ago: executing program 7 (id=4357):
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'geneve1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5800000010000300"/20, @ANYRES32=r1, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028005000400010000001c001a8018000a80140007"], 0x58}, 0x1, 0x2}, 0x80)

1.598335901s ago: executing program 7 (id=4358):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/../file0\x00', &(0x7f0000000200)={0x642, 0x10, 0x4}, 0x18)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
vmsplice(r0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000001800)="c5", 0x1}], 0x2, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000000000000000000000000000085100000010000009500000000000000180000000001000000000000002020207b1af8ff000000001f1200000000000007010000f8ffffffb7"], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)

1.573377583s ago: executing program 6 (id=4359):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00S', @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c3100009a1000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r5, &(0x7f0000000240)=ANY=[], 0xff2e)

511.819119ms ago: executing program 6 (id=4360):
sendmsg$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f00000004c0), 0xffffffffffffffff, 0x1}}, 0x18)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$vsock_stream(r0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000200)={@remote, @empty, 0x0, "e798888beab3af341dbec4427a73b0fbda814c5f5cd6f92215f46e0b091038f9"}, 0x3c)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x27fd}, 0x8)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r7, 0xc100565c, &(0x7f00000006c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r7, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb1}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x2}, 0x94)

0s ago: executing program 1 (id=4361):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004380)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x38, 0x10, 0x801, 0x4000000, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0x200c9, 0x500}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x4529}]}, 0x38}, 0x1, 0xffffa888}, 0x20000880)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x4}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0x4}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xcc}}, 0x0)

kernel console output (not intermixed with test programs):

6484] FAT-fs (loop9): Directory bread(block 72) failed
[  757.169596][T16484] FAT-fs (loop9): Directory bread(block 73) failed
[  757.429846][T16505] loop7: detected capacity change from 0 to 1024
[  757.846917][T16512] netlink: 'syz.1.2478': attribute type 10 has an invalid length.
[  758.374991][T16512] team0: Port device wlan1 added
[  759.324913][T16525] overlayfs: missing 'lowerdir'
[  759.360619][T16525] trusted_key: encrypted_key: keylen parameter is missing
[  759.388439][T16525] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  759.965217][T16528] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2481'.
[  760.369690][T16537] netlink: 'syz.9.2482': attribute type 13 has an invalid length.
[  760.377554][T16537] netlink: 'syz.9.2482': attribute type 17 has an invalid length.
[  760.648665][T16537] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  760.859327][  T965] IPVS: starting estimator thread 0...
[  760.949436][T16549] IPVS: using max 17 ests per chain, 40800 per kthread
[  762.429867][T16558] loop1: detected capacity change from 0 to 1024
[  762.583158][T15723] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  763.941255][T16571] loop7: detected capacity change from 0 to 512
[  764.041772][T16571] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  764.112943][T16571] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  764.163700][T16576] loop9: detected capacity change from 0 to 1024
[  765.966948][T16585] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2491'.
[  766.120591][T16229] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  767.550995][T16603] netlink: 'syz.6.2497': attribute type 13 has an invalid length.
[  767.581423][T16603] netlink: 'syz.6.2497': attribute type 17 has an invalid length.
[  768.479367][T16610] loop9: detected capacity change from 0 to 512
[  768.745646][T16610] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  768.867470][T16610] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.2498: inline data xattr refers to an external xattr inode
[  768.906811][T16610] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2498: couldn't read orphan inode 17 (err -117)
[  768.926300][T16610] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  769.084815][T16623] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2498'.
[  769.317368][T16603] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  769.407823][T16623] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  769.437226][T16623] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  769.452088][T16623] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  769.629420][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  769.992652][T16645] loop7: detected capacity change from 0 to 1024
[  770.000859][T16650] loop1: detected capacity change from 0 to 1024
[  771.305501][T16653] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2501'.
[  773.130735][T16668] loop9: detected capacity change from 0 to 2048
[  773.217732][T16668] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  773.236503][T16668] hub 8-0:1.0: USB hub found
[  773.241467][T16668] hub 8-0:1.0: 1 port detected
[  773.997309][T16676] netlink: 'syz.7.2509': attribute type 13 has an invalid length.
[  774.061261][T16676] netlink: 'syz.7.2509': attribute type 17 has an invalid length.
[  774.084231][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  774.208469][T16681] loop6: detected capacity change from 0 to 512
[  774.240348][T16681] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  774.354406][T16681] EXT4-fs error (device loop6): ext4_find_inline_data_nolock:164: inode #17: comm syz.6.2510: inline data xattr refers to an external xattr inode
[  774.490502][T16681] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.2510: couldn't read orphan inode 17 (err -117)
[  775.084159][T16681] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  775.313805][T16676] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  775.889379][T16700] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  776.768506][   T55] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  777.191513][   T55] usb 8-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  777.512859][   T55] usb 8-1: config 1 interface 0 has no altsetting 0
[  777.647406][   T55] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  777.909390][   T55] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  777.955916][T16617] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  778.113259][   T55] usb 8-1: SerialNumber: syz
[  778.885202][T16712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2513'.
[  779.731429][   T55] cdc_ether: probe of 8-1:1.0 failed with error -71
[  779.764752][   T55] usb 8-1: USB disconnect, device number 6
[  779.792866][T16718] loop1: detected capacity change from 0 to 1024
[  780.015802][T16722] loop7: detected capacity change from 0 to 1024
[  781.481466][T16734] loop1: detected capacity change from 0 to 1024
[  781.523941][T16741] netlink: 'syz.7.2520': attribute type 13 has an invalid length.
[  781.557936][T16741] netlink: 'syz.7.2520': attribute type 17 has an invalid length.
[  781.599670][T15873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  781.626404][T16741] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  781.653545][T15723] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  783.897531][T16780] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2524'.
[  784.900501][T16790] loop6: detected capacity change from 0 to 1024
[  787.835515][T16834] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2535'.
[  788.817287][T16843] loop7: detected capacity change from 0 to 1024
[  788.837213][T16843] EXT4-fs: Ignoring removed orlov option
[  788.931844][T16843] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[  791.112681][T16858] loop9: detected capacity change from 0 to 1024
[  792.668052][T16874] loop9: detected capacity change from 0 to 1024
[  794.681857][T16895] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2546'.
[  795.544770][ T5785] Bluetooth: hci3: command 0x0406 tx timeout
[  796.055984][T16905] loop6: detected capacity change from 0 to 1024
[  796.091640][T16905] EXT4-fs: Ignoring removed orlov option
[  796.113409][T16905] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  796.172479][T16908] loop7: detected capacity change from 0 to 1024
[  798.186466][T16925] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  799.894831][T16953] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2556'.
[  802.271253][T16976] loop7: detected capacity change from 0 to 1024
[  802.309283][T16976] EXT4-fs: Ignoring removed orlov option
[  802.356773][T16976] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[  802.373834][T16979] loop9: detected capacity change from 0 to 1024
[  803.855620][T16986] loop7: detected capacity change from 0 to 1024
[  805.846673][T17001] loop7: detected capacity change from 0 to 1024
[  806.007945][T15723] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  808.449401][T17019] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2567'.
[  808.831309][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  808.837745][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  809.460524][T17035] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  809.592915][T17038] loop7: detected capacity change from 0 to 1024
[  810.902028][T17048] loop6: detected capacity change from 0 to 512
[  810.987837][T17048] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  811.211226][T17048] EXT4-fs error (device loop6): ext4_find_inline_data_nolock:164: inode #17: comm syz.6.2576: inline data xattr refers to an external xattr inode
[  811.967213][T17048] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.2576: couldn't read orphan inode 17 (err -117)
[  812.050451][T17048] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  812.404204][T17070] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2578'.
[  813.356917][T17077] loop9: detected capacity change from 0 to 1024
[  813.538477][T15723] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  813.727258][T17089] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2576'.
[  814.078470][T17084] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2574'.
[  815.470537][T17056] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  815.695838][T17102] kernel read not supported for file /z¿ (pid: 17102 comm: syz.7.2584)
[  815.778805][   T27] audit: type=1800 audit(1755888827.620:118): pid=17102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2584" name=7ABF17 dev="mqueue" ino=75515 res=0 errno=0
[  816.032020][ T5785] Bluetooth: hci1: command 0x0406 tx timeout
[  816.158482][T15873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.526533][T17114] loop6: detected capacity change from 0 to 1024
[  819.813579][T17140] loop7: detected capacity change from 0 to 1024
[  820.761923][T17140] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  820.838348][T17140] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  821.120907][T16229] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  821.526554][T17177] loop6: detected capacity change from 0 to 1024
[  821.966053][T17186] overlayfs: missing 'lowerdir'
[  822.063038][T17188] trusted_key: encrypted_key: keylen parameter is missing
[  822.088708][T17188] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  822.767033][T17194] loop6: detected capacity change from 0 to 1024
[  824.915443][T17201] loop9: detected capacity change from 0 to 40427
[  825.738618][   T23] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  825.945376][   T23] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  827.623512][   T23] usb 2-1: config 1 interface 0 has no altsetting 0
[  827.792150][T17201] F2FS-fs (loop9): build fault injection attr: rate: 14, type: 0x7ffff
[  827.916342][T17201] F2FS-fs (loop9): build fault injection attr: rate: 0, type: 0xeffa
[  827.985532][T17206] kthread_run failed with err -4
[  828.068515][   T23] usb 2-1: string descriptor 0 read error: -71
[  828.074757][   T23] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  828.200259][   T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  828.222269][T17201] F2FS-fs (loop9): invalid crc value
[  828.255805][T17201] F2FS-fs (loop9): Failed to start F2FS issue_checkpoint_thread (-4)
[  828.268364][   T23] usb 2-1: can't set config #1, error -71
[  828.292754][   T23] usb 2-1: USB disconnect, device number 4
[  828.469446][T17215] loop1: detected capacity change from 0 to 1024
[  828.499100][T17215] EXT4-fs: Ignoring removed orlov option
[  828.550041][T17215] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[  829.708770][T17225] usb usb8: usbfs: process 17225 (syz.7.2602) did not claim interface 63 before use
[  830.554270][T17237] loop1: detected capacity change from 0 to 1024
[  832.097271][T17253] overlayfs: missing 'lowerdir'
[  832.161914][T17256] trusted_key: encrypted_key: keylen parameter is missing
[  832.171920][T17256] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  832.317431][T17260] loop6: detected capacity change from 0 to 256
[  832.377561][T17260] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  833.273333][T17266] xt_socket: unknown flags 0x8
[  833.772807][T17268] loop7: detected capacity change from 0 to 1024
[  833.832504][T17268] EXT4-fs: Ignoring removed orlov option
[  833.875774][T17268] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[  836.190806][T17283] loop7: detected capacity change from 0 to 2048
[  836.224454][T17286] loop1: detected capacity change from 0 to 1024
[  836.236526][T17283] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  836.293686][T17283] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  836.398910][T17290] loop9: detected capacity change from 0 to 1024
[  836.650950][   T27] audit: type=1800 audit(1755888848.500:119): pid=17283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2615" name="file1" dev="loop7" ino=1346 res=0 errno=0
[  837.610886][T17304] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2619'.
[  839.074965][T17319] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  839.696459][T17322] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2623'.
[  839.752664][T17323] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2623'.
[  841.029647][T17338] loop1: detected capacity change from 0 to 1024
[  841.063751][T17339] loop7: detected capacity change from 0 to 1024
[  841.746547][T17348] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2626'.
[  844.765671][T17392] loop7: detected capacity change from 0 to 1024
[  844.810821][T17393] loop6: detected capacity change from 0 to 1024
[  847.506223][T17422] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2642'.
[  849.238577][T17441] loop9: detected capacity change from 0 to 1024
[  853.043231][T17468] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2656'.
[  853.059375][ T5785] Bluetooth: hci2: command 0x0406 tx timeout
[  853.680166][T17477] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2657'.
[  854.230401][T17474] loop9: detected capacity change from 0 to 164
[  854.267631][T17482] loop6: detected capacity change from 0 to 512
[  854.283937][T17482] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  854.458092][T17482] EXT4-fs error (device loop6): ext4_find_inline_data_nolock:164: inode #17: comm syz.6.2660: inline data xattr refers to an external xattr inode
[  854.593182][T17482] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.2660: couldn't read orphan inode 17 (err -117)
[  854.660857][T17493] loop1: detected capacity change from 0 to 1024
[  854.701760][T17482] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  856.343607][T17490] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  856.771233][T17507] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2660'.
[  858.932853][T15873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  861.807470][T17550] loop6: detected capacity change from 0 to 1024
[  861.974209][T15723] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  861.995146][T17553] loop1: detected capacity change from 0 to 1024
[  863.731300][T17561] usb usb5: usbfs: process 17561 (syz.9.2676) did not claim interface 0 before use
[  865.140611][T17579] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2678'.
[  866.199545][T17586] loop1: detected capacity change from 0 to 40427
[  866.209087][T17586] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  866.216860][T17586] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  866.288917][T17586] F2FS-fs (loop1): invalid crc value
[  866.406051][T17586] F2FS-fs (loop1): Found nat_bits in checkpoint
[  867.232055][T17586] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  867.240082][T17586] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  867.388277][   T27] audit: type=1804 audit(1755888879.230:120): pid=17586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2680" name="/newroot/83/file0/bus" dev="loop1" ino=10 res=1 errno=0
[  867.720612][T17612] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2683'.
[  870.233417][T17636] loop7: detected capacity change from 0 to 1024
[  870.271916][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  870.278369][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  873.134173][T17652] loop1: detected capacity change from 0 to 1024
[  875.795138][T17700] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2697'.
[  875.821187][T17700] warning: `syz.6.2697' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  876.681902][T17704] loop6: detected capacity change from 0 to 1024
[  877.754878][T17719] loop6: detected capacity change from 0 to 1024
[  877.833896][T15723] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  881.506601][T17758] loop7: detected capacity change from 0 to 1024
[  881.859861][T17763] loop9: detected capacity change from 0 to 1024
[  882.205177][T17774] loop1: detected capacity change from 0 to 1024
[  882.829527][T17774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  882.926633][T17774] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  883.387548][T17774] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 3: comm syz.1.2714: lblock 3 mapped to illegal pblock 3 (length 3)
[  883.458305][T17774] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  883.470760][T17774] EXT4-fs (loop1): This should not happen!! Data will be lost
[  883.470760][T17774] 
[  884.722059][T17804] binder: 17803:17804 ioctl c0306201 0 returned -14
[  884.985170][T17808] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2718'.
[  885.619130][T17781] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  885.816167][ T2974] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:8: lblock 8 mapped to illegal pblock 8 (length 8)
[  885.868307][ T2974] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  885.912542][ T2974] EXT4-fs (loop1): This should not happen!! Data will be lost
[  885.912542][ T2974] 
[  885.953324][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  886.344490][T17834] loop9: detected capacity change from 0 to 1024
[  890.777634][T17872] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2731'.
[  892.946021][T17886] loop1: detected capacity change from 0 to 1024
[  893.019115][T15880] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  893.070482][T17891] loop7: detected capacity change from 0 to 1024
[  894.023443][   T27] audit: type=1326 audit(1755888905.870:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17900 comm="syz.6.2740" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x0
[  896.180323][T17939] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2749'.
[  897.400828][T17937] loop1: detected capacity change from 0 to 1024
[  897.608001][T17945] loop9: detected capacity change from 0 to 1024
[  897.858442][T15741] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  898.138574][T17955] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2753'.
[  899.794474][T17969] loop7: detected capacity change from 0 to 1024
[  899.831827][T17969] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  899.957738][T17969] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  900.960032][T17978] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  901.156276][T17989] loop9: detected capacity change from 0 to 256
[  901.283915][T17989] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  902.978403][T13321] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  903.287894][T13321] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  903.328290][T13321] usb 2-1: config 1 interface 0 has no altsetting 0
[  903.356674][T13321] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  903.421896][T13321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  903.442479][T13321] usb 2-1: SerialNumber: syz
[  903.831159][T16229] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  904.883722][T13321] cdc_ether: probe of 2-1:1.0 failed with error -71
[  905.556979][T13321] usb 2-1: USB disconnect, device number 5
[  905.696489][T18039] loop6: detected capacity change from 0 to 1024
[  905.773006][T18043] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2764'.
[  905.783977][T17209] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  908.934070][T18079] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2771'.
[  910.178764][T15894] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  910.392825][T15894] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  910.463516][T15894] usb 2-1: config 1 interface 0 has no altsetting 0
[  910.560025][T15894] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  910.632770][T15894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  910.707447][T15894] usb 2-1: SerialNumber: syz
[  910.878962][T18096] loop9: detected capacity change from 0 to 512
[  910.965690][T18096] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  911.115895][T18096] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.2774: inline data xattr refers to an external xattr inode
[  911.164855][T18089] loop6: detected capacity change from 0 to 40427
[  911.182205][T18096] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2774: couldn't read orphan inode 17 (err -117)
[  911.197001][T18089] F2FS-fs (loop6): heap/no_heap options were deprecated
[  911.229586][T18089] F2FS-fs (loop6): invalid crc value
[  911.246021][T18096] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  911.267756][T18089] F2FS-fs (loop6): Found nat_bits in checkpoint
[  911.296946][T18102] loop7: detected capacity change from 0 to 1024
[  911.359644][T15741] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  911.527382][T18089] F2FS-fs (loop6): Start checkpoint disabled!
[  911.598103][T18089] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  912.239590][   T27] audit: type=1800 audit(1755888924.050:122): pid=18089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2773" name="file1" dev="loop6" ino=14 res=0 errno=0
[  912.367039][T15894] cdc_ether: probe of 2-1:1.0 failed with error -71
[  912.377434][T15894] usb 2-1: USB disconnect, device number 6
[  912.391313][   T27] audit: type=1800 audit(1755888924.060:123): pid=18089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2773" name="file1" dev="loop6" ino=14 res=0 errno=0
[  912.529103][T18089] syz.6.2773: attempt to access beyond end of device
[  912.529103][T18089] loop6: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  913.580774][T18121] loop7: detected capacity change from 0 to 1024
[  913.786804][T10157] kworker/u4:11: attempt to access beyond end of device
[  913.786804][T10157] loop6: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  913.864585][T10157] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  913.901698][T10157] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  913.914345][T10157] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  913.930607][T10157] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  914.340049][T18099] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  914.655431][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  915.644267][T18146] netlink: 'syz.1.2784': attribute type 13 has an invalid length.
[  918.167754][T18173] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2787'.
[  918.837807][ T5872] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  919.250168][T18183] loop6: detected capacity change from 0 to 512
[  919.264120][T18186] loop1: detected capacity change from 0 to 64
[  919.292014][T18183] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  919.305394][T18186] hfs: unable to change codepage
[  919.345318][T18186] hfs: unable to parse mount options
[  919.377261][T18183] EXT4-fs error (device loop6): ext4_find_inline_data_nolock:164: inode #17: comm syz.6.2790: inline data xattr refers to an external xattr inode
[  919.430548][T18183] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.2790: couldn't read orphan inode 17 (err -117)
[  919.461956][T18183] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  920.257520][T18201] netlink: 'syz.7.2794': attribute type 13 has an invalid length.
[  920.324396][T18200] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2790'.
[  920.384055][T18197] loop9: detected capacity change from 0 to 8192
[  920.524328][T18197]  loop9: p1 p2 p4[EZD]
[  920.538591][T18197] loop9: p1 start 589823 is beyond EOD, truncated
[  920.548385][T18197] loop9: p2 size 4294924146 extends beyond EOD, truncated
[  921.062712][T18197] loop9: p4 size 262912 extends beyond EOD, truncated
[  921.280366][T18189] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  923.824961][T18226] capability: warning: `syz.9.2799' uses 32-bit capabilities (legacy support in use)
[  923.853090][T18225] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2798'.
[  924.502600][T15880] udevd[15880]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  924.547508][T15723] udevd[15723]: inotify_add_watch(7, /dev/loop9p2, 10) failed: No such file or directory
[  925.320815][T18236] overlayfs: missing 'lowerdir'
[  925.366483][T18236] trusted_key: encrypted_key: keylen parameter is missing
[  925.390668][T18236] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  927.211484][T18232] loop1: detected capacity change from 0 to 40427
[  927.301200][T18232] F2FS-fs (loop1): build fault injection attr: rate: 14, type: 0x7ffff
[  927.310232][T18232] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0xeffa
[  927.391995][T18232] F2FS-fs (loop1): invalid crc value
[  927.612218][T18239] loop9: detected capacity change from 0 to 2048
[  928.113087][    C0] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x597/0xe40
[  928.152689][T18232] F2FS-fs (loop1): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x458d/0x6c20
[  928.162366][T18232] F2FS-fs (loop1): Failed to initialize F2FS node manager (-12)
[  928.472345][T18239] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  928.753566][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  928.830748][T18255] netlink: 'syz.1.2804': attribute type 13 has an invalid length.
[  928.859737][T15873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  931.706744][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  931.713969][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  932.874227][T18303] netlink: 'syz.7.2815': attribute type 13 has an invalid length.
[  932.908367][T18303] netlink: 'syz.7.2815': attribute type 17 has an invalid length.
[  932.929566][T18303] netlink: 'syz.7.2815': attribute type 27 has an invalid length.
[  933.497233][ T5872] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  933.564056][T18296] loop9: detected capacity change from 0 to 32768
[  933.574129][T18296] XFS: ikeep mount option is deprecated.
[  933.659550][T18296] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  933.691946][ T5872] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  933.725230][ T5872] usb 2-1: config 1 interface 0 has no altsetting 0
[  933.759715][ T5872] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  933.808426][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  933.836084][ T5872] usb 2-1: SerialNumber: syz
[  933.920843][T18296] XFS (loop9): Ending clean mount
[  933.941061][T18296] XFS (loop9): Quotacheck needed: Please wait.
[  934.037614][T18296] XFS (loop9): Quotacheck: Done.
[  934.312239][ T5872] cdc_ether: probe of 2-1:1.0 failed with error -71
[  935.460823][ T5872] usb 2-1: USB disconnect, device number 7
[  935.526818][T18341] overlayfs: missing 'lowerdir'
[  935.622110][T18342] trusted_key: encrypted_key: keylen parameter is missing
[  935.637269][T18342] overlayfs: failed to clone upperpath
[  936.162908][T12850] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  936.602071][T18352] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2821'.
[  936.698169][T18360] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2822'.
[  937.628391][T18369] netlink: 'syz.7.2824': attribute type 13 has an invalid length.
[  937.644970][T18369] netlink: 'syz.7.2824': attribute type 17 has an invalid length.
[  937.712271][T18369] netlink: 'syz.7.2824': attribute type 27 has an invalid length.
[  938.672794][T18388] loop9: detected capacity change from 0 to 4096
[  939.512715][T18390] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  941.545208][T18417] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2833'.
[  942.879902][T18423] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2835'.
[  943.649273][T18424] netlink: 'syz.9.2836': attribute type 13 has an invalid length.
[  943.657341][T18424] netlink: 'syz.9.2836': attribute type 17 has an invalid length.
[  943.666819][T18424] netlink: 'syz.9.2836': attribute type 27 has an invalid length.
[  944.113301][T18440] netlink: 'syz.9.2840': attribute type 4 has an invalid length.
[  944.121284][T18440] netlink: 'syz.9.2840': attribute type 5 has an invalid length.
[  944.129124][T18440] netlink: 3657 bytes leftover after parsing attributes in process `syz.9.2840'.
[  947.097847][T18479] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2846'.
[  948.029159][T18482] netlink: 'syz.9.2849': attribute type 13 has an invalid length.
[  948.138911][T18482] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2849'.
[  951.192676][T18521] loop9: detected capacity change from 0 to 1024
[  952.622705][T18538] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2859'.
[  953.818081][T18551] netlink: 'syz.9.2860': attribute type 13 has an invalid length.
[  953.851334][T18551] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2860'.
[  956.184092][T18577] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2867'.
[  958.354185][T18596] netlink: 'syz.1.2873': attribute type 13 has an invalid length.
[  958.828451][T18596] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2873'.
[  959.882291][T18620] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  964.184468][T18643] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2883'.
[  964.719369][T18666] loop1: detected capacity change from 0 to 512
[  964.727517][T18666] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  964.835368][T18666] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.2891: inline data xattr refers to an external xattr inode
[  964.868428][T18666] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2891: couldn't read orphan inode 17 (err -117)
[  964.893030][T18666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  966.334090][T18671] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2891'.
[  966.419988][T18668] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  967.751337][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  968.066821][T18692] loop9: detected capacity change from 0 to 1024
[  968.109329][T18692] EXT4-fs: Ignoring removed orlov option
[  968.142149][T18692] EXT4-fs (loop9): VFS: Can't find ext4 filesystem
[  968.724517][T18718] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2898'.
[  971.424919][T18744] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2903'.
[  976.613809][T18777] fuse: Bad value for 'fd'
[  976.842079][T18778] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2910'.
[  980.585352][T18803] loop9: detected capacity change from 0 to 1024
[  980.619328][T18803] EXT4-fs: Ignoring removed orlov option
[  980.936086][T18803] EXT4-fs (loop9): VFS: Can't find ext4 filesystem
[  982.062654][T18821] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2923'.
[  982.769468][T18823] overlayfs: missing 'lowerdir'
[  982.824941][T18822] trusted_key: encrypted_key: keylen parameter is missing
[  982.951119][T18823] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  987.918324][T18863] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2934'.
[  991.914925][T18893] overlayfs: missing 'lowerdir'
[  992.045779][T18893] trusted_key: encrypted_key: keylen parameter is missing
[  992.330430][T18894] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  993.147823][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  993.154994][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  993.596515][T18908] tipc: Started in network mode
[  993.601900][T18908] tipc: Node identity ac1414aa, cluster identity 4711
[  993.613998][T18908] tipc: Enabled bearer <udp:s>, priority 10
[  994.024002][T18915] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2948'.
[  994.624328][T15894] tipc: Node number set to 2886997162
[  994.963829][T18921] loop9: detected capacity change from 0 to 512
[  995.836491][ T5871] IPVS: starting estimator thread 0...
[  995.907377][T18933] loop1: detected capacity change from 0 to 128
[  995.910698][T18921] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  995.954957][T18933] EXT4-fs: Ignoring removed nobh option
[  995.960714][T18928] IPVS: using max 20 ests per chain, 48000 per kthread
[  996.018760][T18921] ext4 filesystem being mounted at /280/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  996.049894][T18933] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  996.127405][T18933] ext4 filesystem being mounted at /154/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  996.379288][T15540] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  996.676489][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  997.565445][T18948] loop9: detected capacity change from 0 to 8192
[  997.598027][T18948] REISERFS warning (device loop9): super-6505 reiserfs_getopt: head of option "noattrs" is only correct
[  997.598027][T18948] 
[  998.397337][T18961] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2959'.
[  999.034046][T18967] loop1: detected capacity change from 0 to 256
[ 1001.159908][T18983] loop1: detected capacity change from 0 to 512
[ 1001.242661][T18983] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1001.342010][T18983] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.2965: inline data xattr refers to an external xattr inode
[ 1001.433027][T18983] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2965: couldn't read orphan inode 17 (err -117)
[ 1001.506086][T18983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1002.973165][T18983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2965'.
[ 1003.208175][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1004.687037][T19013] loop1: detected capacity change from 0 to 512
[ 1004.720795][T19014] loop9: detected capacity change from 0 to 512
[ 1004.786803][T19013] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1004.805330][T19013] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1004.809349][T19014] ext4: Unknown parameter 'smackfsdef'
[ 1006.095358][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1007.703922][T19054] loop9: detected capacity change from 0 to 1024
[ 1007.714340][T19054] EXT4-fs: Ignoring removed orlov option
[ 1007.739479][T19054] EXT4-fs (loop9): VFS: Can't find ext4 filesystem
[ 1010.618619][T19067] loop1: detected capacity change from 0 to 32768
[ 1010.651477][T19067] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1010.886066][T19067] XFS (loop1): Ending clean mount
[ 1010.960842][T19067] XFS (loop1): Quotacheck needed: Please wait.
[ 1011.121112][T19067] XFS (loop1): Quotacheck: Done.
[ 1011.952921][T15540] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1012.245037][   T27] audit: type=1326 audit(1755889025.091:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.274204][   T27] audit: type=1326 audit(1755889025.091:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.296574][   T27] audit: type=1326 audit(1755889025.091:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.318973][   T27] audit: type=1326 audit(1755889025.091:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.358078][   T27] audit: type=1326 audit(1755889025.091:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.401408][   T27] audit: type=1326 audit(1755889025.091:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.423861][   T27] audit: type=1326 audit(1755889025.091:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.453695][   T27] audit: type=1326 audit(1755889025.091:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.505820][   T27] audit: type=1326 audit(1755889025.351:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1012.531333][   T27] audit: type=1326 audit(1755889025.351:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19101 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1016.086501][T19136] loop1: detected capacity change from 0 to 8192
[ 1016.108374][T19136] REISERFS warning (device loop1): super-6505 reiserfs_getopt: head of option "noattrs" is only correct
[ 1016.108374][T19136] 
[ 1017.943269][T19161] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3015'.
[ 1019.952639][T19172] loop9: detected capacity change from 0 to 1024
[ 1021.670610][T19187] netlink: 'syz.1.3024': attribute type 10 has an invalid length.
[ 1022.466200][T19110] Set syz1 is full, maxelem 65536 reached
[ 1025.915093][T19219] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3034'.
[ 1026.055820][T19237] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3040'.
[ 1026.072580][T19237] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3040'.
[ 1026.086732][T19237] netlink: 'syz.6.3040': attribute type 18 has an invalid length.
[ 1026.103552][T19237] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1026.113053][T19237] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1026.122154][T19237] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1026.131379][T19237] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1026.156880][T19237] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3040'.
[ 1026.176727][T19237] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3040'.
[ 1026.193935][T19237] netlink: 'syz.6.3040': attribute type 18 has an invalid length.
[ 1027.036482][T19241] loop9: detected capacity change from 0 to 1024
[ 1027.152215][T19245] loop1: detected capacity change from 0 to 256
[ 1027.213480][T19245] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[ 1027.240781][T18840] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1028.951021][T19261] loop9: detected capacity change from 0 to 1024
[ 1029.039457][T19261] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[ 1029.350445][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[ 1029.990448][T19276] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3049'.
[ 1030.483645][T19288] loop1: detected capacity change from 0 to 1024
[ 1031.601365][T19303] 9p: Unknown Cache mode or invalid value fscach
[ 1035.159544][T19346] loop1: detected capacity change from 0 to 512
[ 1035.184520][T19346] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1035.207835][T19346] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a01ec018, mo2=0002]
[ 1035.216056][T19346] System zones: 1-12
[ 1035.230709][T19346] EXT4-fs (loop1): 1 truncate cleaned up
[ 1035.237602][T19346] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1035.259718][T19347] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3062'.
[ 1036.568179][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1036.685190][T19358] 9pnet_fd: Insufficient options for proto=fd
[ 1038.805090][T19378] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3074'.
[ 1040.010317][T19396] netlink: 'syz.9.3078': attribute type 10 has an invalid length.
[ 1041.476537][T19396] team0: Port device wlan1 added
[ 1041.581452][T19403] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3079'.
[ 1042.901943][T19419] loop9: detected capacity change from 0 to 4096
[ 1043.823180][T19420] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3086'.
[ 1044.292610][T19419] ntfs: volume version 3.1.
[ 1045.449945][T19431] binder: 19430:19431 ioctl c0306201 200000000080 returned -14
[ 1045.840037][T19444] netlink: 'syz.7.3091': attribute type 10 has an invalid length.
[ 1045.908612][T19444] team0: Port device wlan1 added
[ 1046.605171][T19449] team0: No ports can be present during mode change
[ 1046.755203][T19451] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3096'.
[ 1047.346525][T19427] loop1: detected capacity change from 0 to 32768
[ 1047.431769][T19427] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1047.479330][T19427] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop1": -EINTR
[ 1047.487468][T19427] XFS (loop1): log mount failed
[ 1047.497266][T19463] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[ 1048.825766][T19467] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3102'.
[ 1049.270766][T19482] netlink: 'syz.9.3105': attribute type 10 has an invalid length.
[ 1051.669068][T19499] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3109'.
[ 1053.458727][T19503] syz.6.3113 (19503): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1053.478494][   T27] audit: type=1326 audit(1755889066.291:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.505891][   T27] audit: type=1326 audit(1755889066.291:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.540765][   T27] audit: type=1326 audit(1755889066.291:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.686922][   T27] audit: type=1326 audit(1755889066.291:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.750266][   T27] audit: type=1326 audit(1755889066.311:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.773471][   T27] audit: type=1326 audit(1755889066.351:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.799896][T19505] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3114'.
[ 1053.817442][   T27] audit: type=1326 audit(1755889066.351:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.869515][T19516] 9pnet_fd: Insufficient options for proto=fd
[ 1053.896073][   T27] audit: type=1326 audit(1755889066.381:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1053.943519][   T27] audit: type=1326 audit(1755889066.381:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1054.023012][   T27] audit: type=1326 audit(1755889066.381:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19502 comm="syz.6.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c5e98ebe9 code=0x7ffc0000
[ 1054.149727][T19520] tipc: Started in network mode
[ 1054.172224][T19520] tipc: Node identity 5256c4f9c4b5, cluster identity 4711
[ 1054.181437][T19520] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1054.194423][T19520] syzkaller0: entered promiscuous mode
[ 1054.201952][T19520] syzkaller0: entered allmulticast mode
[ 1054.371112][T19524] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3117'.
[ 1054.520649][T19523] overlayfs: failed to clone upperpath
[ 1054.599000][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.605407][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.654718][T19525] tipc: Resetting bearer <eth:syzkaller0>
[ 1054.674814][T19524] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1054.684684][T19524] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1054.694895][T19524] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1054.738369][T19518] tipc: Resetting bearer <eth:syzkaller0>
[ 1054.859364][T19518] tipc: Disabling bearer <eth:syzkaller0>
[ 1055.971610][T19542] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1056.599115][T19545] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3127'.
[ 1056.853090][T19550] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3129'.
[ 1057.022732][T19552] netlink: 'syz.7.3128': attribute type 10 has an invalid length.
[ 1058.109661][T19555] loop9: detected capacity change from 0 to 2048
[ 1058.305514][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3131'.
[ 1058.641247][T19555] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1058.772250][T19555] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1059.282636][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1059.665876][T19577] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3138'.
[ 1060.340856][T19589] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3140'.
[ 1062.647876][T19599] loop9: detected capacity change from 0 to 512
[ 1062.997984][T19599] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1063.341058][T19599] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3142: inline data xattr refers to an external xattr inode
[ 1063.451784][T19609] loop1: detected capacity change from 0 to 1024
[ 1063.478540][T19599] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3142: couldn't read orphan inode 17 (err -117)
[ 1063.535310][T19599] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1063.588519][T19609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1064.147953][T19617] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3142'.
[ 1064.831400][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1065.007750][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1065.202769][T19624] loop9: detected capacity change from 0 to 1024
[ 1065.239274][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1066.767618][T19626] loop1: detected capacity change from 0 to 32768
[ 1066.788863][T19639] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3153'.
[ 1066.890397][T19626] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1066.960758][T19626] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1067.903794][T19626] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 1067.963334][   T23] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1067.978470][   T23] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1068.254491][   T23] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 276ms
[ 1068.279288][   T23] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1068.286268][T19626] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1068.468827][T19626] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[ 1068.507896][T19658] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3158'.
[ 1071.819891][T15894] IPVS: starting estimator thread 0...
[ 1072.038753][T19679] IPVS: using max 17 ests per chain, 40800 per kthread
[ 1072.776864][T19684] loop1: detected capacity change from 0 to 1024
[ 1074.004699][T19699] loop1: detected capacity change from 0 to 512
[ 1074.021333][T19699] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1074.118710][T19699] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3170: inline data xattr refers to an external xattr inode
[ 1074.360270][T19699] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3170: couldn't read orphan inode 17 (err -117)
[ 1074.417246][T19699] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1076.970995][T19718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3170'.
[ 1077.152680][   T55] IPVS: starting estimator thread 0...
[ 1077.358414][T19717] IPVS: using max 17 ests per chain, 40800 per kthread
[ 1077.508149][T19702] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1077.590032][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1077.615864][T19722] 9pnet_fd: Insufficient options for proto=fd
[ 1078.970895][T19735] loop9: detected capacity change from 0 to 512
[ 1079.155819][T19735] ext4: Unknown parameter 'fsuuid'
[ 1080.188501][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1081.258791][T19750] loop9: detected capacity change from 0 to 256
[ 1081.323291][T19750] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1081.411635][T19753] loop1: detected capacity change from 0 to 1024
[ 1082.365690][T19760] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3185'.
[ 1085.267580][T19781] 9pnet_fd: Insufficient options for proto=fd
[ 1088.489520][T19817] 9pnet_fd: Insufficient options for proto=fd
[ 1089.874022][T19836] loop9: detected capacity change from 0 to 512
[ 1089.934868][T19836] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1089.957974][T19834] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3208'.
[ 1090.091153][T19827] loop1: detected capacity change from 0 to 32768
[ 1090.119993][T19836] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3209: inline data xattr refers to an external xattr inode
[ 1090.186887][T19836] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3209: couldn't read orphan inode 17 (err -117)
[ 1090.242902][T19827] JBD2: Ignoring recovery information on journal
[ 1090.259851][T19836] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1090.495751][T19827] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1091.020801][T15540] ocfs2: Unmounting device (7,1) on (node local)
[ 1091.245155][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1093.977212][T19878] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3221'.
[ 1096.792694][T19912] loop1: detected capacity change from 0 to 1024
[ 1102.004643][T19959] loop9: detected capacity change from 0 to 4096
[ 1102.185206][T19959] ntfs: volume version 3.1.
[ 1103.467568][T19969] loop1: detected capacity change from 0 to 2048
[ 1103.475179][T19969] journal_path: Lookup failure for './file0'
[ 1103.481324][T19969] EXT4-fs: error: could not find journal device path
[ 1103.669231][T19475] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1106.143540][T19993] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3246'.
[ 1106.314924][T19997] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3247'.
[ 1107.564422][T20001] loop1: detected capacity change from 0 to 8192
[ 1107.680362][T20001] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[ 1107.700137][T20001] FAT-fs (loop1): Filesystem has been set read-only
[ 1111.029159][T20036] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3256'.
[ 1111.796977][T20045] loop9: detected capacity change from 0 to 4096
[ 1111.881091][T20045] ntfs: volume version 3.1.
[ 1113.166680][T20056] loop1: detected capacity change from 0 to 1024
[ 1116.062869][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.069537][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.143554][T20084] loop9: detected capacity change from 0 to 512
[ 1116.151535][T20084] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1116.172105][T20084] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3273: inline data xattr refers to an external xattr inode
[ 1116.189612][T20084] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3273: couldn't read orphan inode 17 (err -117)
[ 1116.206866][T20084] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1118.799030][T20086] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1119.018877][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1119.206230][T20108] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3277'.
[ 1119.343708][T20111] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1120.518875][T20120] loop9: detected capacity change from 0 to 1024
[ 1121.870834][T20132] loop9: detected capacity change from 0 to 4096
[ 1122.012154][T20134] loop1: detected capacity change from 0 to 512
[ 1122.031017][T20132] ntfs: volume version 3.1.
[ 1122.048698][T20134] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1122.129758][T20134] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3288: inline data xattr refers to an external xattr inode
[ 1122.145952][T20134] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3288: couldn't read orphan inode 17 (err -117)
[ 1122.163101][T20134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1125.314529][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.789384][T20157] loop9: detected capacity change from 0 to 1024
[ 1127.984404][T20165] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3295'.
[ 1129.941679][T20201] netlink: 'syz.7.3302': attribute type 10 has an invalid length.
[ 1130.149139][T20201] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1130.157091][T20201] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.203383][T20201] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1130.210886][T20201] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1130.220005][T20201] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1130.227198][T20201] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1130.467866][T20201] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1131.236682][T20209] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3304'.
[ 1132.456792][T20225] loop9: detected capacity change from 0 to 512
[ 1132.474595][T20225] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1132.840301][T20225] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3309: inline data xattr refers to an external xattr inode
[ 1132.914859][T20225] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3309: couldn't read orphan inode 17 (err -117)
[ 1133.152763][T20237] loop1: detected capacity change from 0 to 1024
[ 1133.651744][T20225] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1133.801928][T19475] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1135.750790][T20228] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1135.946861][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1137.382040][T20276] loop1: detected capacity change from 0 to 1024
[ 1137.404990][T20277] loop9: detected capacity change from 0 to 512
[ 1137.459819][T19423] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1137.477415][T20278] ptrace attach of "./syz-executor exec"[15873] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Œ      Ðÿ      ð¥      Àÿ      Àÿ      Ðÿ      À•              ðÿ      °ÿ      Àÿ                 ÿÿÿÿ"[20278]
[ 1138.105738][T20277] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1138.459794][T20277] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3325: inline data xattr refers to an external xattr inode
[ 1138.464789][T20277] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3325: couldn't read orphan inode 17 (err -117)
[ 1138.467696][T20277] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1139.380264][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1140.065565][T20300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3330'.
[ 1142.428314][ T5872] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1142.758692][ T5872] usb 2-1: device descriptor read/64, error -71
[ 1145.695451][T20337] loop9: detected capacity change from 0 to 1024
[ 1147.240592][T20358] loop1: detected capacity change from 0 to 512
[ 1147.256738][T20358] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1147.613560][T20358] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3349: inline data xattr refers to an external xattr inode
[ 1147.892175][T20358] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3349: couldn't read orphan inode 17 (err -117)
[ 1147.916553][T20361] loop9: detected capacity change from 0 to 1024
[ 1147.936553][T20358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1148.069990][T19475] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1148.988393][T20365] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1149.054387][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1149.326123][T20377] "syz.6.3354" (20377) uses obsolete ecb(arc4) skcipher
[ 1152.181316][T20399] loop9: detected capacity change from 0 to 512
[ 1152.207468][T20399] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1152.303014][T20404] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3359'.
[ 1152.336596][T20399] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3360: inline data xattr refers to an external xattr inode
[ 1152.347065][T20406] loop1: detected capacity change from 0 to 1024
[ 1152.359410][T20399] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3360: couldn't read orphan inode 17 (err -117)
[ 1152.374716][T20399] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1153.568333][T19423] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1153.702526][T20404] bridge1: port 1(veth3) entered blocking state
[ 1153.734128][T20404] bridge1: port 1(veth3) entered disabled state
[ 1153.772016][T20404] veth3: entered allmulticast mode
[ 1153.793842][T20402] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1153.812368][T20404] veth3: entered promiscuous mode
[ 1154.624212][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1154.737374][T20411] bridge1: port 2(veth0_to_bond) entered blocking state
[ 1154.779937][T20411] bridge1: port 2(veth0_to_bond) entered disabled state
[ 1154.787141][T20411] veth0_to_bond: entered allmulticast mode
[ 1154.856880][T20411] veth0_to_bond: entered promiscuous mode
[ 1156.157499][T20412] vlan3: entered allmulticast mode
[ 1156.186822][T20412] veth1: entered allmulticast mode
[ 1156.215340][T20412] bridge1: port 3(vlan3) entered blocking state
[ 1156.243981][T20412] bridge1: port 3(vlan3) entered disabled state
[ 1156.281910][T20412] vlan3: entered promiscuous mode
[ 1156.307332][T20412] veth1: entered promiscuous mode
[ 1156.561155][T20435] bridge0: port 3(syz_tun) entered blocking state
[ 1156.569056][T20435] bridge0: port 3(syz_tun) entered disabled state
[ 1156.575980][T20435] syz_tun: entered allmulticast mode
[ 1156.638316][T20435] syz_tun: entered promiscuous mode
[ 1157.230741][T20435] bridge0: port 3(syz_tun) entered blocking state
[ 1157.239207][T20435] bridge0: port 3(syz_tun) entered forwarding state
[ 1157.853216][T20450] loop1: detected capacity change from 0 to 512
[ 1157.934666][T20450] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1158.033011][T20450] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3372: inline data xattr refers to an external xattr inode
[ 1158.068089][T20450] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3372: couldn't read orphan inode 17 (err -117)
[ 1158.069271][T20455] overlayfs: failed to resolve './file1': -2
[ 1158.100471][T20450] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1159.793132][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1159.800011][T20479] loop9: detected capacity change from 0 to 256
[ 1159.823034][T20479] exfat: Deprecated parameter 'utf8'
[ 1159.829304][T20479] exfat: Deprecated parameter 'namecase'
[ 1159.857977][T20479] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[ 1160.054513][T20482] loop1: detected capacity change from 0 to 1024
[ 1162.072025][T20504] overlayfs: failed to clone upperpath
[ 1162.205621][T20509] loop1: detected capacity change from 0 to 1024
[ 1165.350352][T20529] loop1: detected capacity change from 0 to 4096
[ 1166.125323][T20529] ntfs: volume version 3.1.
[ 1169.824595][T20561] loop1: detected capacity change from 0 to 512
[ 1169.838380][T20561] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1169.883687][T20561] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3400: inline data xattr refers to an external xattr inode
[ 1170.028499][T20561] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3400: couldn't read orphan inode 17 (err -117)
[ 1170.759675][T20561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1172.078052][T20578] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1172.090404][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.621742][T20598] loop9: detected capacity change from 0 to 256
[ 1174.657751][T20598] exfat: Bad value for 'errors'
[ 1175.108331][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1175.253998][T20602] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3408'.
[ 1177.730633][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.736970][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1179.507076][T20635] loop1: detected capacity change from 0 to 1024
[ 1179.679263][T20642] loop9: detected capacity change from 0 to 1024
[ 1179.958407][T19423] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1184.092694][T20666] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3425'.
[ 1185.795468][T20673] loop9: detected capacity change from 0 to 512
[ 1185.878361][T20673] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1185.969684][T20673] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3429: inline data xattr refers to an external xattr inode
[ 1186.066096][T20673] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3429: couldn't read orphan inode 17 (err -117)
[ 1186.139666][T20673] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1186.348471][T20675] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1187.104049][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1187.338627][T20690] loop9: detected capacity change from 0 to 1024
[ 1192.058359][T20718] loop1: detected capacity change from 0 to 1024
[ 1194.514086][T20742] loop1: detected capacity change from 0 to 1024
[ 1196.291930][T20756] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3446'.
[ 1198.250027][T20766] loop1: detected capacity change from 0 to 1024
[ 1200.399931][T20787] loop9: detected capacity change from 0 to 1024
[ 1205.759833][T20818] loop1: detected capacity change from 0 to 1024
[ 1205.963857][T20809] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3463'.
[ 1207.117642][T20832] loop9: detected capacity change from 0 to 512
[ 1207.141891][T20832] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1207.249275][T20832] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3469: inline data xattr refers to an external xattr inode
[ 1207.446681][T20838] loop1: detected capacity change from 0 to 1024
[ 1207.505692][T20832] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3469: couldn't read orphan inode 17 (err -117)
[ 1207.561783][T19475] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1207.563388][T20832] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1212.739713][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1212.937961][T20876] loop1: detected capacity change from 0 to 1024
[ 1213.255887][T20882] loop9: detected capacity change from 0 to 1024
[ 1215.689992][T20901] loop9: detected capacity change from 0 to 512
[ 1215.708479][T20901] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1215.755392][T20901] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3486: inline data xattr refers to an external xattr inode
[ 1215.776433][T20901] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3486: couldn't read orphan inode 17 (err -117)
[ 1215.796195][T20901] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1216.716386][T20910] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3484'.
[ 1216.898391][T20903] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1218.202152][T20924] loop1: detected capacity change from 0 to 1024
[ 1219.132541][T20931] loop1: detected capacity change from 0 to 1024
[ 1219.369472][T19423] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1221.052104][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1223.602531][T20970] loop1: detected capacity change from 0 to 1024
[ 1223.878043][T20976] loop9: detected capacity change from 0 to 1024
[ 1224.094078][T20979] loop1: detected capacity change from 0 to 512
[ 1224.113632][T20979] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1224.534880][T20979] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3504: inline data xattr refers to an external xattr inode
[ 1224.770717][T20979] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3504: couldn't read orphan inode 17 (err -117)
[ 1224.879168][T20979] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1226.551540][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1226.577490][T20999] loop9: detected capacity change from 0 to 1024
[ 1226.665529][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1227.787566][T21017] loop1: detected capacity change from 0 to 1024
[ 1230.015758][T21030] loop1: detected capacity change from 0 to 1024
[ 1232.384536][T21059] loop1: detected capacity change from 0 to 4096
[ 1233.363428][T21059] ntfs: volume version 3.1.
[ 1236.778075][T21092] loop1: detected capacity change from 0 to 1024
[ 1238.120275][T21113] loop1: detected capacity change from 0 to 512
[ 1238.127403][T21108] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3530'.
[ 1238.157444][T21113] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1239.073610][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.080189][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.345908][T21113] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3539: inline data xattr refers to an external xattr inode
[ 1239.484573][T21113] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3539: couldn't read orphan inode 17 (err -117)
[ 1239.559375][T21113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1240.698836][T21118] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1241.187186][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1241.846208][T21147] loop9: detected capacity change from 0 to 1024
[ 1242.731244][T21153] loop1: detected capacity change from 0 to 128
[ 1242.782045][   T27] kauditd_printk_skb: 7 callbacks suppressed
[ 1242.782058][   T27] audit: type=1800 audit(1755889255.631:151): pid=21153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3551" name="bus" dev="loop1" ino=1048676 res=0 errno=0
[ 1243.967974][T21164] loop1: detected capacity change from 0 to 512
[ 1244.009532][T21164] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1244.396471][T21164] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3554: inline data xattr refers to an external xattr inode
[ 1244.616751][T21164] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3554: couldn't read orphan inode 17 (err -117)
[ 1244.722833][T21164] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1246.126378][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1247.759789][T21191] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3555'.
[ 1249.034661][T21202] loop9: detected capacity change from 0 to 512
[ 1249.063437][T21202] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[ 1249.193977][T21202] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[ 1249.203139][T21202] System zones: 1-12
[ 1249.290854][T21202] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2244: inode #15: comm syz.9.3562: corrupted in-inode xattr: e_value size too large
[ 1249.309809][T21202] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3562: couldn't read orphan inode 15 (err -117)
[ 1249.331811][T21202] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1251.527860][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1251.624427][T21213] loop9: detected capacity change from 0 to 512
[ 1251.642365][T21213] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1251.685205][T21213] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3566: inline data xattr refers to an external xattr inode
[ 1251.938021][T21213] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3566: couldn't read orphan inode 17 (err -117)
[ 1251.972823][T21213] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1254.400455][T21204] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1255.184438][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1255.418242][T21242] loop1: detected capacity change from 0 to 512
[ 1255.494756][T21242] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1255.618034][T21242] EXT4-fs (loop1): 1 orphan inode deleted
[ 1255.623956][T21242] EXT4-fs (loop1): 1 truncate cleaned up
[ 1255.635178][T21242] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1256.057509][T21243] loop9: detected capacity change from 0 to 1024
[ 1256.860125][T21243] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1257.068989][T21245] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1257.124593][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1257.182346][T21245] EXT4-fs (loop1): Remounting filesystem read-only
[ 1257.633655][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1258.609214][T21273] loop1: detected capacity change from 0 to 512
[ 1258.628944][T21273] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1259.127186][T21273] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #17: comm syz.1.3583: inline data xattr refers to an external xattr inode
[ 1259.595063][T21273] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3583: couldn't read orphan inode 17 (err -117)
[ 1259.673181][T21273] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1259.730251][T21283] loop9: detected capacity change from 0 to 128
[ 1259.787481][T21283] EXT4-fs: Ignoring removed nobh option
[ 1259.941637][T21283] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1259.970288][T21283] ext4 filesystem being mounted at /425/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1260.727064][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1261.152741][T12850] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1261.259751][T21297] loop9: detected capacity change from 0 to 1024
[ 1261.326783][T21297] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1261.533695][T21300] loop1: detected capacity change from 0 to 4096
[ 1261.581980][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1261.947747][T21300] ntfs: volume version 3.1.
[ 1263.699711][T21317] loop9: detected capacity change from 0 to 512
[ 1263.735012][T21317] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1263.876308][T21317] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3596: inline data xattr refers to an external xattr inode
[ 1263.988592][T21317] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3596: couldn't read orphan inode 17 (err -117)
[ 1264.035967][T21317] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1266.869297][T21321] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1266.935173][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1267.651486][T21354] loop9: detected capacity change from 0 to 128
[ 1267.689534][T21354] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1267.730821][T21354] ext4 filesystem being mounted at /432/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1267.793256][T12850] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1268.034489][T21361] loop9: detected capacity change from 0 to 1024
[ 1269.002267][T21369] loop9: detected capacity change from 0 to 512
[ 1269.018653][T21369] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1269.313847][T21369] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3610: inline data xattr refers to an external xattr inode
[ 1269.661646][T21369] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3610: couldn't read orphan inode 17 (err -117)
[ 1269.680258][T21369] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1271.699728][T21385] loop1: detected capacity change from 0 to 1024
[ 1271.760497][T21385] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1271.841684][T21391] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1271.985481][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1272.163106][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1272.991281][T21404] loop9: detected capacity change from 0 to 1024
[ 1273.199259][T21408] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3620'.
[ 1276.628116][T21436] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1277.510905][T21443] loop9: detected capacity change from 0 to 1024
[ 1279.511843][T21464] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1281.776999][T21486] loop1: detected capacity change from 0 to 256
[ 1281.819417][T21486] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1281.874860][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1281.913598][T21486] FAT-fs (loop1): Filesystem has been set read-only
[ 1281.939709][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.009378][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.026579][T21491] loop9: detected capacity change from 0 to 1024
[ 1282.063985][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.119250][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.128881][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.138059][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.146828][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.155713][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.164320][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.172956][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.182399][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.191167][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.200626][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.209256][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.217877][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.226909][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.235989][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.244675][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.737438][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.746208][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.759597][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.798854][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.818272][T21486] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1282.858361][   T27] audit: type=1800 audit(1755889295.691:152): pid=21486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3644" name="file1" dev="loop1" ino=1048677 res=0 errno=0
[ 1283.151189][T21499] loop9: detected capacity change from 0 to 512
[ 1283.188592][T21499] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1283.202151][T21502] loop1: detected capacity change from 0 to 1024
[ 1283.528610][T21499] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:164: inode #17: comm syz.9.3648: inline data xattr refers to an external xattr inode
[ 1283.958482][T21499] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3648: couldn't read orphan inode 17 (err -117)
[ 1283.994214][T21499] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1285.080311][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1285.251605][T21518] loop9: detected capacity change from 0 to 256
[ 1285.297511][T21518] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1285.354546][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.382604][T21518] FAT-fs (loop9): Filesystem has been set read-only
[ 1285.402474][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.432845][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.454585][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.483053][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.515898][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.525692][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.541786][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.555125][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.566248][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.589360][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.621111][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.646029][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.664979][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.684074][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.708376][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.731549][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.758312][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.768400][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.793629][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.812735][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.838667][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.857495][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.888602][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.897795][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.926745][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.942709][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.954209][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.970786][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.981884][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1285.991055][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.006668][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.015989][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.025599][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.035592][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.044620][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.054796][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.158854][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.185452][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.217557][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.234361][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.263438][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.282540][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.292285][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.301351][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.310617][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.319391][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.328088][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.336877][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.359400][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.488566][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.639856][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.874405][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1286.998535][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.019563][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.039721][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.064208][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.094779][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.125807][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.144438][T21538] loop1: detected capacity change from 0 to 1024
[ 1287.175249][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.187606][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.206852][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.216055][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.225192][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.283631][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.327752][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.372792][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.388732][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.399044][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.414325][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.423485][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.432242][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.447224][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.469318][T21518] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1287.600324][   T27] audit: type=1800 audit(1755889300.451:153): pid=21518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.3652" name="file1" dev="loop9" ino=1048678 res=0 errno=0
[ 1288.566909][T21559] loop9: detected capacity change from 0 to 1024
[ 1288.890843][T21559] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1289.724206][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1290.021100][T21579] loop9: detected capacity change from 0 to 64
[ 1291.465430][T21598] loop9: detected capacity change from 0 to 1024
[ 1295.187833][T21637] loop1: detected capacity change from 0 to 1024
[ 1297.556018][T21662] loop9: detected capacity change from 0 to 4096
[ 1297.848586][T21662] ntfs: volume version 3.1.
[ 1298.911980][T21677] loop9: detected capacity change from 0 to 1024
[ 1300.037651][T21688] loop9: detected capacity change from 0 to 1024
[ 1300.125627][T21688] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1300.344684][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.356513][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.652901][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1301.731808][T21710] loop9: detected capacity change from 0 to 1024
[ 1301.840352][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1305.561445][T21747] loop9: detected capacity change from 0 to 1024
[ 1305.810173][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1306.021949][T21751] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3716'.
[ 1308.568090][T21762] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3719'.
[ 1310.169408][T21778] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1310.197113][T21778] syzkaller0: entered promiscuous mode
[ 1310.213407][T21778] syzkaller0: entered allmulticast mode
[ 1310.271607][T21778] tipc: Resetting bearer <eth:syzkaller0>
[ 1310.282829][T21776] tipc: Resetting bearer <eth:syzkaller0>
[ 1310.320472][T21776] tipc: Disabling bearer <eth:syzkaller0>
[ 1310.889816][T21784] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3729'.
[ 1310.894087][T21790] loop1: detected capacity change from 0 to 1024
[ 1310.919183][T21784] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3729'.
[ 1310.950730][T19423] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1312.430455][T21801] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3732'.
[ 1313.599886][T21812] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3738'.
[ 1313.695441][T21816] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3738'.
[ 1314.933940][T21831] QAT: Invalid ioctl 21531
[ 1318.699837][T21862] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1321.522514][T21896] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3759'.
[ 1322.795825][T21906] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1326.718921][T21942] loop9: detected capacity change from 0 to 8192
[ 1327.297760][T21942] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[ 1327.306277][T21942] FAT-fs (loop9): Filesystem has been set read-only
[ 1327.352781][T21956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3772'.
[ 1327.525231][T21960] tipc: Started in network mode
[ 1327.531132][T21960] tipc: Node identity 080211000001, cluster identity 4711
[ 1327.549909][T21960] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1328.931478][   T55] tipc: Node number set to 134418688
[ 1330.233356][T21988] loop9: detected capacity change from 0 to 128
[ 1330.387730][T21990] tipc: Started in network mode
[ 1330.394248][T21990] tipc: Node identity 5a1643ba29ce, cluster identity 4711
[ 1330.408993][T21990] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1330.428801][T21990] syzkaller0: entered promiscuous mode
[ 1330.434324][T21990] syzkaller0: entered allmulticast mode
[ 1330.502906][T21993] syz.9.3787: attempt to access beyond end of device
[ 1330.502906][T21993] loop9: rw=2049, sector=145, nr_sectors = 752 limit=128
[ 1330.527962][T21989] tipc: Resetting bearer <eth:syzkaller0>
[ 1330.626958][T21989] tipc: Disabling bearer <eth:syzkaller0>
[ 1330.644263][T21987] syz.9.3787: attempt to access beyond end of device
[ 1330.644263][T21987] loop9: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1332.325030][T22008] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3794'.
[ 1332.664440][T22019] netlink: 'syz.7.3797': attribute type 4 has an invalid length.
[ 1332.735769][T22021] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1332.813531][T22024] loop9: detected capacity change from 0 to 1024
[ 1332.889491][T22024] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1333.990604][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1334.532173][T22046] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3807'.
[ 1336.565405][T22058] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3811'.
[ 1336.610110][T22060] loop9: detected capacity change from 0 to 1024
[ 1340.879836][T22107] loop1: detected capacity change from 0 to 1024
[ 1341.027260][T22110] loop9: detected capacity change from 0 to 1024
[ 1343.075967][T22127] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1343.456274][T22151] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3837'.
[ 1343.466333][T22150] loop1: detected capacity change from 0 to 1024
[ 1343.493406][T22151] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3837'.
[ 1343.550129][T22146] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3837'.
[ 1343.705880][T22151] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3837'.
[ 1348.172835][T22183] loop1: detected capacity change from 0 to 1024
[ 1348.250735][T19423] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1348.461031][T22185] loop9: detected capacity change from 0 to 1024
[ 1348.479262][T22185] EXT4-fs: Ignoring removed bh option
[ 1348.484737][T22185] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1349.268554][T22185] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1350.298103][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1351.647592][T22211] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1351.674897][T22211] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1351.835758][T22222] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3858'.
[ 1351.844881][T22222] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3858'.
[ 1351.860017][T22222] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1351.868845][T22222] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1351.877559][T22222] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1351.886375][T22222] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1354.187644][T20650] Bluetooth: hci4: Malformed MSFT vendor event: 0x02
[ 1354.728491][T20650] Bluetooth: hci3: unexpected event 0x09 length: 6 > 3
[ 1354.918169][T22281] loop9: detected capacity change from 0 to 1024
[ 1357.068338][T22291] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3876'.
[ 1360.918184][T22340] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3891'.
[ 1361.562021][T20650] Bluetooth: hci2: unexpected event 0x09 length: 6 > 3
[ 1361.776652][T22348] loop1: detected capacity change from 0 to 1024
[ 1361.790394][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.791248][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.073584][T22348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1362.318609][T15540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1363.720022][   T55] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[ 1364.027035][   T55] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1364.056701][   T55] usb 2-1: not running at top speed; connect to a high speed hub
[ 1364.075177][   T55] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1364.088177][   T55] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1364.116734][   T55] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1364.153686][   T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1364.189761][   T55] usb 2-1: Product: syz
[ 1364.193930][   T55] usb 2-1: Manufacturer: syz
[ 1364.205535][   T55] usb 2-1: SerialNumber: syz
[ 1364.220324][   T55] usb 2-1: selecting invalid altsetting 1
[ 1365.250187][T22387] loop9: detected capacity change from 0 to 1024
[ 1365.466002][   T55] cdc_ncm 2-1:1.0: SET_CRC_MODE failed
[ 1366.209784][   T55] usb 2-1: selecting invalid altsetting 1
[ 1366.216116][   T55] cdc_ncm 2-1:1.0: bind() failure
[ 1366.230531][   T55] cdc_ncm 2-1:1.1: invalid descriptor buffer length
[ 1366.237145][   T55] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1366.244448][   T55] cdc_ncm 2-1:1.1: bind() failure
[ 1366.267200][   T55] usb 2-1: USB disconnect, device number 10
[ 1370.214903][T22431] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3916'.
[ 1371.120330][T22431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1371.530640][T22431] bridge_slave_0 (unregistering): left allmulticast mode
[ 1371.565981][T22431] bridge_slave_0 (unregistering): left promiscuous mode
[ 1371.724182][T22431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1372.492469][T22443] loop9: detected capacity change from 0 to 512
[ 1372.509755][T22443] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1372.569470][T22443] EXT4-fs (loop9): 1 truncate cleaned up
[ 1372.576309][T22443] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1372.853393][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1373.829603][T22463] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3927'.
[ 1373.849504][T22463] netlink: 'syz.6.3927': attribute type 14 has an invalid length.
[ 1373.858092][T22463] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3927'.
[ 1373.867682][T22463] netlink: 'syz.6.3927': attribute type 14 has an invalid length.
[ 1373.905492][T22465] syzkaller0: entered promiscuous mode
[ 1373.911116][T22465] syzkaller0: entered allmulticast mode
[ 1375.859605][T22493] loop9: detected capacity change from 0 to 1024
[ 1375.949905][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1377.037100][T22502] syzkaller0: entered promiscuous mode
[ 1377.042917][T22502] syzkaller0: entered allmulticast mode
[ 1377.767165][T22513] loop9: detected capacity change from 0 to 1024
[ 1379.254243][T22530] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3951'.
[ 1379.269625][T22530] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3951'.
[ 1379.278914][T22530] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3951'.
[ 1380.006425][T22530] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3951'.
[ 1383.544705][T22464] Set syz1 is full, maxelem 65536 reached
[ 1386.514519][T22592] loop9: detected capacity change from 0 to 1024
[ 1386.702079][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1391.912906][T22641] loop9: detected capacity change from 0 to 1024
[ 1392.901125][T22646] loop1: detected capacity change from 0 to 512
[ 1392.931412][T22641] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1392.991411][T22646] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[ 1393.006316][T22646] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[ 1393.016507][T22646] FAT-fs (loop1): Filesystem has been set read-only
[ 1393.736521][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1393.908919][T22659] loop1: detected capacity change from 0 to 1024
[ 1395.159129][T22668] loop9: detected capacity change from 0 to 1024
[ 1395.248452][T19475] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1395.359365][T22674] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3993'.
[ 1397.999971][T22708] fuse: Bad value for 'fd'
[ 1398.007005][T22710] loop9: detected capacity change from 0 to 1024
[ 1398.105528][T19423] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1399.594843][T22712] loop1: detected capacity change from 0 to 32768
[ 1400.315006][T22712] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1400.436396][T22712] XFS (loop1): Ending clean mount
[ 1400.514273][   T27] audit: type=1800 audit(1755889413.361:154): pid=22712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4009" name="file1" dev="loop1" ino=6150 res=0 errno=0
[ 1401.325128][T15540] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1401.804802][T22756] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1402.001910][T22758] netlink: 'syz.7.4021': attribute type 10 has an invalid length.
[ 1405.833295][T22789] bridge0: port 3(syz_tun) entered disabled state
[ 1406.001921][T22789] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.082356][T22789] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.245003][T22795] loop9: detected capacity change from 0 to 512
[ 1406.429201][T22795] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1406.456022][T22795] ext4 filesystem being mounted at /535/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1408.074408][T22795] EXT4-fs error (device loop9): ext4_add_entry:2486: inode #12: comm syz.9.4031: Directory hole found for htree leaf block 0
[ 1408.149943][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1412.545492][T22835] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1417.371096][T22873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4049'.
[ 1417.755654][T22888] 9pnet_fd: Insufficient options for proto=fd
[ 1418.752950][T22899] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1421.644145][T22917] netlink: 'syz.1.4056': attribute type 10 has an invalid length.
[ 1423.256215][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.268338][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1426.416066][T20650] Bluetooth: hci4: unexpected cc 0x0c5a length: 1 < 2
[ 1426.424985][T20650] Bluetooth: hci4: unexpected event for opcode 0x0c5a
[ 1428.124993][T22967] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1430.502030][T20650] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1430.512890][T20650] Bluetooth: hci4: Injecting HCI hardware error event
[ 1430.531966][ T5790] Bluetooth: hci4: hardware error 0x00
[ 1431.076744][T22999] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1431.704333][ T5872] libceph: connect (1)[c::]:6789 error -101
[ 1431.711136][ T5872] libceph: mon0 (1)[c::]:6789 connect error
[ 1431.726443][ T5872] libceph: connect (1)[c::]:6789 error -101
[ 1433.018431][ T5872] libceph: mon0 (1)[c::]:6789 connect error
[ 1433.107357][T23002] ceph: No mds server is up or the cluster is laggy
[ 1433.218325][ T5790] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1433.687256][T23028] netlink: 'syz.7.4089': attribute type 10 has an invalid length.
[ 1435.787865][ T5790] Bluetooth: hci1: unexpected event 0x09 length: 6 > 3
[ 1439.898412][T13373] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1440.710366][T13373] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1440.728971][T13373] usb 10-1: config 14 has an invalid interface number: 21 but max is 0
[ 1440.742061][T13373] usb 10-1: config 14 has no interface number 0
[ 1440.749165][T13373] usb 10-1: config 14 interface 21 altsetting 251 bulk endpoint 0xA has invalid maxpacket 32
[ 1440.767601][T13373] usb 10-1: config 14 interface 21 has no altsetting 0
[ 1440.778906][T13373] usb 10-1: New USB device found, idVendor=c880, idProduct=760e, bcdDevice=35.fc
[ 1440.808702][T13373] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1440.828314][T13373] usb 10-1: Product: syz
[ 1440.838803][T13373] usb 10-1: Manufacturer: syz
[ 1440.848898][T13373] usb 10-1: SerialNumber: syz
[ 1440.874804][T23063] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1441.008403][T23079] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1441.015315][T23079] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1441.025296][T23079] vhci_hcd vhci_hcd.0: Device attached
[ 1441.130654][T13373] usb 10-1: Quirk or no altest; falling back to MIDI 1.0
[ 1441.141930][T13373] usb 10-1: MIDIStreaming interface descriptor not found
[ 1441.193035][T13373] usb 10-1: USB disconnect, device number 7
[ 1441.240132][   T23] vhci_hcd: vhci_device speed not set
[ 1441.308349][ T5872] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[ 1441.316014][   T23] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[ 1441.333265][T23086] udevd[23086]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:14.21/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1441.527858][ T5872] usb 2-1: config 0 has no interfaces?
[ 1441.534506][ T5872] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1441.549170][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1441.717052][ T5872] usb 2-1: config 0 descriptor??
[ 1442.564252][   T23] vhci_hcd: vhci_device speed not set
[ 1442.649140][   T23] usb 35-1: device descriptor read/64, error -71
[ 1442.955575][T23097] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1443.460754][   T23] vhci_hcd: vhci_device speed not set
[ 1444.791648][T23115] overlayfs: missing 'lowerdir'
[ 1444.799556][   T23] usb 35-1: new full-speed USB device number 3 using vhci_hcd
[ 1444.889463][T23116] trusted_key: encrypted_key: keylen parameter is missing
[ 1444.905754][T23116] overlayfs: failed to clone upperpath
[ 1445.266851][T23081] vhci_hcd: connection closed
[ 1445.292895][T10157] vhci_hcd: stop threads
[ 1445.324107][T13373] usb 2-1: USB disconnect, device number 11
[ 1445.335012][T10157] vhci_hcd: release socket
[ 1445.376559][T10157] vhci_hcd: disconnect device
[ 1448.150484][T23161] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4130'.
[ 1448.211879][T23159] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1450.008673][   T23] vhci_hcd: vhci_device speed not set
[ 1452.877047][T23196] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1452.956942][T23195] 9pnet: Could not find request transport: fd0x0000000000000003
[ 1454.202637][T23229] loop9: detected capacity change from 0 to 512
[ 1454.275696][T23229] EXT4-fs (loop9): revision level too high, forcing read-only mode
[ 1455.458824][T23234] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4152'.
[ 1455.556004][T23229] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1455.689344][T23229] Quota error (device loop9): find_block_dqentry: Quota for id 0 referenced but not present
[ 1455.752714][T23229] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 1455.821961][T23229] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.4148: Failed to acquire dquot type 1
[ 1455.947021][T23229] EXT4-fs error (device loop9): ext4_validate_block_bitmap:439: comm syz.9.4148: bg 0: block 40: padding at end of block bitmap is not set
[ 1456.006601][T23229] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6642: Corrupt filesystem
[ 1456.170022][T23229] EXT4-fs (loop9): 1 truncate cleaned up
[ 1456.218915][T23239] loop1: detected capacity change from 0 to 512
[ 1456.248654][T23239] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[ 1456.259979][T23239] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[ 1456.270487][T23239] FAT-fs (loop1): Filesystem has been set read-only
[ 1456.292999][T23229] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1456.798414][T23241] 9pnet: Could not find request transport: fd0x0000000000000003
[ 1456.820420][T23246] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1457.259897][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1458.944797][T23275] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1459.351010][T23288] 9pnet_fd: Insufficient options for proto=fd
[ 1460.698954][T23301] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1460.971998][T23317] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1461.307104][T23321] 9pnet_fd: Insufficient options for proto=fd
[ 1462.769459][T23343] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1464.761327][T23362] loop9: detected capacity change from 0 to 1024
[ 1468.220889][T20650] Bluetooth: hci2: unexpected event 0x09 length: 6 > 3
[ 1468.757845][T23411] netlink: 'syz.1.4208': attribute type 10 has an invalid length.
[ 1469.940245][T23417] loop9: detected capacity change from 0 to 512
[ 1469.973771][   T27] audit: type=1800 audit(1755889482.821:155): pid=23417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4213" name="file1" dev="loop9" ino=1048681 res=0 errno=0
[ 1470.443194][T23423] loop9: detected capacity change from 0 to 1024
[ 1470.515930][T23118] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1470.525969][T23425] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4216'.
[ 1471.689555][T23437] syzkaller0: entered promiscuous mode
[ 1471.701271][T23437] syzkaller0: entered allmulticast mode
[ 1472.948461][T23450] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4224'.
[ 1473.238422][  T965] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[ 1473.500667][  T965] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1473.517609][  T965] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1473.545966][  T965] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1473.562014][  T965] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1474.595685][  T965] usb 10-1: GET_CAPABILITIES returned 0
[ 1474.601974][  T965] usbtmc 10-1:16.0: can't read capabilities
[ 1474.765821][ T5872] usb 10-1: USB disconnect, device number 8
[ 1475.418714][T23473] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1475.946324][T23477] 9pnet_fd: Insufficient options for proto=fd
[ 1476.529607][T23487] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4236'.
[ 1478.327713][T20650] Bluetooth: hci3: unexpected event for opcode 0x100c
[ 1478.411097][T23501] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4244'.
[ 1479.360839][T23517] overlayfs: failed to resolve './file0': -2
[ 1479.416921][T23519] loop9: detected capacity change from 0 to 1024
[ 1479.476700][T20650] Bluetooth: hci2: unexpected event for opcode 0x0000
[ 1479.495456][T23118] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1482.116609][T23559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4258'.
[ 1483.571666][T23579] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4263'.
[ 1483.680804][T20650] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1483.758494][T20650] Bluetooth: hci2: Injecting HCI hardware error event
[ 1483.771292][ T5790] Bluetooth: hci2: hardware error 0x00
[ 1484.966987][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.977855][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.519743][T23599] syzkaller0: entered promiscuous mode
[ 1485.535899][T23599] syzkaller0: entered allmulticast mode
[ 1485.690572][T23604] lo speed is unknown, defaulting to 1000
[ 1485.697002][T23604] lo speed is unknown, defaulting to 1000
[ 1485.706318][T23604] lo speed is unknown, defaulting to 1000
[ 1485.770066][T23604] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1485.823339][T23610] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4274'.
[ 1485.858447][ T5790] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1485.870754][T23604] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1486.146821][T23604] lo speed is unknown, defaulting to 1000
[ 1486.168177][T23604] lo speed is unknown, defaulting to 1000
[ 1486.188371][T23604] lo speed is unknown, defaulting to 1000
[ 1486.206675][T23604] lo speed is unknown, defaulting to 1000
[ 1486.224830][T23604] lo speed is unknown, defaulting to 1000
[ 1487.126728][T23626] loop9: detected capacity change from 0 to 512
[ 1487.154593][T23626] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1487.899758][T23626] EXT4-fs (loop9): 1 truncate cleaned up
[ 1487.920195][T23626] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1488.101776][T12850] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1490.592958][T23660] syz.9.4290 uses obsolete (PF_INET,SOCK_PACKET)
[ 1491.022106][T23664] loop1: detected capacity change from 0 to 128
[ 1491.129258][T23664] EXT4-fs: Ignoring removed nobh option
[ 1491.207868][T23668] syzkaller0: entered promiscuous mode
[ 1491.237473][T23668] syzkaller0: entered allmulticast mode
[ 1491.255342][T23664] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1491.293839][T23664] ext4 filesystem being mounted at /447/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1491.487970][T23672] netlink: 'syz.6.4291': attribute type 10 has an invalid length.
[ 1491.943747][T23672] team0: Port device wlan1 added
[ 1492.307732][T15540] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1492.528756][ T5790] Bluetooth: hci1: unexpected cc 0x0c5a length: 1 < 2
[ 1492.537245][ T5790] Bluetooth: hci1: unexpected event for opcode 0x0c5a
[ 1493.114883][T23692] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1495.995175][T23717] netlink: 'syz.1.4305': attribute type 10 has an invalid length.
[ 1496.672219][ T5790] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1496.681617][ T5790] Bluetooth: hci1: Injecting HCI hardware error event
[ 1496.692994][T20650] Bluetooth: hci1: hardware error 0x00
[ 1498.276614][T23729] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1498.828419][T20650] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1499.914013][T23753] binder: 23752:23753 ioctl 4018620d 0 returned -22
[ 1499.978544][T23756] binder: 23752:23756 ioctl 40046205 0 returned -22
[ 1502.989278][T23774] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4323'.
[ 1506.895024][   T78] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1507.295144][ T5790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1507.308562][ T5790] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1507.316643][ T5790] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1507.332850][ T5790] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1507.342587][ T5790] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1507.354502][ T5790] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1507.375998][   T78] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.305281][   T78] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.336613][T23805] lo speed is unknown, defaulting to 1000
[ 1508.526218][   T78] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1509.529244][T23827] overlayfs: failed to clone upperpath
[ 1509.538905][ T5790] Bluetooth: hci0: command tx timeout
[ 1509.556638][T23805] chnl_net:caif_netlink_parms(): no params data found
[ 1510.524665][   T78] tipc: Left network mode
[ 1512.584576][ T5790] Bluetooth: hci0: command tx timeout
[ 1512.825681][T23805] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1512.853540][T23805] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.896015][T23805] bridge_slave_0: entered allmulticast mode
[ 1512.908997][T23805] bridge_slave_0: entered promiscuous mode
[ 1513.492477][T23805] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1513.582450][T23805] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1513.592706][T23805] bridge_slave_1: entered allmulticast mode
[ 1513.609697][T23805] bridge_slave_1: entered promiscuous mode
[ 1514.755869][ T5790] Bluetooth: hci0: command tx timeout
[ 1515.102822][T23805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1515.176838][T23805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1515.195152][T23876] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4348'.
[ 1515.555367][T23805] team0: Port device team_slave_0 added
[ 1515.727229][T23805] team0: Port device team_slave_1 added
[ 1515.781984][T23805] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1515.809052][T23805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1515.984203][T23805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1516.619360][T23805] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1516.626344][T23805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1516.694107][T23805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1516.828954][ T5790] Bluetooth: hci0: command tx timeout
[ 1517.766661][T23805] hsr_slave_0: entered promiscuous mode
[ 1517.788602][T23805] hsr_slave_1: entered promiscuous mode
[ 1517.814207][T23805] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1517.838756][T23805] Cannot create hsr debugfs directory
[ 1518.684776][   T78] 
[ 1518.687128][   T78] ======================================================
[ 1518.694120][   T78] WARNING: possible circular locking dependency detected
[ 1518.701127][   T78] 6.6.102-syzkaller #0 Not tainted
[ 1518.706208][   T78] ------------------------------------------------------
[ 1518.713217][   T78] kworker/u4:4/78 is trying to acquire lock:
[ 1518.719176][   T78] ffff8880600b8d00 (team->team_lock_key#10){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[ 1518.728844][   T78] 
[ 1518.728844][   T78] but task is already holding lock:
[ 1518.736181][   T78] ffff88807b128768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[ 1518.746566][   T78] 
[ 1518.746566][   T78] which lock already depends on the new lock.
[ 1518.746566][   T78] 
[ 1518.756946][   T78] 
[ 1518.756946][   T78] the existing dependency chain (in reverse order) is:
[ 1518.765937][   T78] 
[ 1518.765937][   T78] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[ 1518.773646][   T78]        __mutex_lock+0x129/0xcc0
[ 1518.778729][   T78]        ieee80211_open+0x144/0x200
[ 1518.783921][   T78]        __dev_open+0x2bc/0x430
[ 1518.788805][   T78]        dev_open+0xab/0x170
[ 1518.793391][   T78]        team_add_slave+0xae7/0x2660
[ 1518.798662][   T78]        do_setlink+0xe14/0x3fb0
[ 1518.803666][   T78]        rtnl_newlink+0x175b/0x2020
[ 1518.808854][   T78]        rtnetlink_rcv_msg+0x7c7/0xf10
[ 1518.814303][   T78]        netlink_rcv_skb+0x216/0x480
[ 1518.819621][   T78]        netlink_unicast+0x751/0x8d0
[ 1518.824896][   T78]        netlink_sendmsg+0x8c1/0xbe0
[ 1518.830186][   T78]        ____sys_sendmsg+0x5bf/0x950
[ 1518.835507][   T78]        ___sys_sendmsg+0x220/0x290
[ 1518.840697][   T78]        __se_sys_sendmsg+0x1a5/0x270
[ 1518.846059][   T78]        do_syscall_64+0x55/0xb0
[ 1518.851015][   T78]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1518.857502][   T78] 
[ 1518.857502][   T78] -> #0 (team->team_lock_key#10){+.+.}-{3:3}:
[ 1518.865750][   T78]        __lock_acquire+0x2ddb/0x7c80
[ 1518.871145][   T78]        lock_acquire+0x197/0x410
[ 1518.876154][   T78]        __mutex_lock+0x129/0xcc0
[ 1518.881167][   T78]        team_del_slave+0x32/0x1c0
[ 1518.886263][   T78]        team_device_event+0x28d/0xa20
[ 1518.891712][   T78]        notifier_call_chain+0x197/0x390
[ 1518.897357][   T78]        unregister_netdevice_many_notify+0xf36/0x1810
[ 1518.904196][   T78]        unregister_netdevice_queue+0x324/0x360
[ 1518.910423][   T78]        _cfg80211_unregister_wdev+0x16b/0x580
[ 1518.916624][   T78]        ieee80211_remove_interfaces+0x496/0x680
[ 1518.922940][   T78]        ieee80211_unregister_hw+0x5d/0x2a0
[ 1518.928864][   T78]        mac80211_hwsim_del_radio+0x274/0x450
[ 1518.934935][   T78]        hwsim_exit_net+0x585/0x640
[ 1518.940125][   T78]        cleanup_net+0x6f4/0xb90
[ 1518.945052][   T78]        process_scheduled_works+0xa45/0x15b0
[ 1518.951106][   T78]        worker_thread+0xa55/0xfc0
[ 1518.956206][   T78]        kthread+0x2fa/0x390
[ 1518.960784][   T78]        ret_from_fork+0x48/0x80
[ 1518.965729][   T78]        ret_from_fork_asm+0x11/0x20
[ 1518.971020][   T78] 
[ 1518.971020][   T78] other info that might help us debug this:
[ 1518.971020][   T78] 
[ 1518.981232][   T78]  Possible unsafe locking scenario:
[ 1518.981232][   T78] 
[ 1518.988667][   T78]        CPU0                    CPU1
[ 1518.994015][   T78]        ----                    ----
[ 1518.999368][   T78]   lock(&rdev->wiphy.mtx);
[ 1519.003861][   T78]                                lock(team->team_lock_key#10);
[ 1519.011401][   T78]                                lock(&rdev->wiphy.mtx);
[ 1519.018412][   T78]   lock(team->team_lock_key#10);
[ 1519.023429][   T78] 
[ 1519.023429][   T78]  *** DEADLOCK ***
[ 1519.023429][   T78] 
[ 1519.031556][   T78] 5 locks held by kworker/u4:4/78:
[ 1519.036648][   T78]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1519.047523][   T78]  #1: ffffc900024afd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1519.058040][   T78]  #2: ffffffff8dfaec50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[ 1519.067426][   T78]  #3: ffffffff8dfbba48 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[ 1519.077249][   T78]  #4: ffff88807b128768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[ 1519.088025][   T78] 
[ 1519.088025][   T78] stack backtrace:
[ 1519.093916][   T78] CPU: 0 PID: 78 Comm: kworker/u4:4 Not tainted 6.6.102-syzkaller #0
[ 1519.101972][   T78] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1519.112014][   T78] Workqueue: netns cleanup_net
[ 1519.116780][   T78] Call Trace:
[ 1519.120050][   T78]  <TASK>
[ 1519.122977][   T78]  dump_stack_lvl+0x16c/0x230
[ 1519.127649][   T78]  ? load_image+0x3b0/0x3b0
[ 1519.132174][   T78]  ? show_regs_print_info+0x20/0x20
[ 1519.137366][   T78]  ? print_circular_bug+0x12b/0x1a0
[ 1519.142556][   T78]  check_noncircular+0x2bd/0x3c0
[ 1519.147487][   T78]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1519.152672][   T78]  ? lockdep_lock+0xe0/0x220
[ 1519.157251][   T78]  ? __lock_acquire+0x1334/0x7c80
[ 1519.162266][   T78]  ? _find_first_zero_bit+0xd3/0x100
[ 1519.167580][   T78]  __lock_acquire+0x2ddb/0x7c80
[ 1519.172429][   T78]  ? verify_lock_unused+0x140/0x140
[ 1519.177617][   T78]  ? verify_lock_unused+0x140/0x140
[ 1519.182807][   T78]  lock_acquire+0x197/0x410
[ 1519.187296][   T78]  ? team_del_slave+0x32/0x1c0
[ 1519.192052][   T78]  ? __might_sleep+0xe0/0xe0
[ 1519.196656][   T78]  ? read_lock_is_recursive+0x20/0x20
[ 1519.202020][   T78]  __mutex_lock+0x129/0xcc0
[ 1519.206517][   T78]  ? team_del_slave+0x32/0x1c0
[ 1519.211269][   T78]  ? __lock_acquire+0x7c80/0x7c80
[ 1519.216280][   T78]  ? rcu_is_watching+0x15/0xb0
[ 1519.221036][   T78]  ? trace_contention_end+0x39/0xe0
[ 1519.226251][   T78]  ? __mutex_lock+0x304/0xcc0
[ 1519.230924][   T78]  ? team_del_slave+0x32/0x1c0
[ 1519.235682][   T78]  ? mutex_lock_nested+0x20/0x20
[ 1519.240610][   T78]  ? bond_netdev_event+0xe1/0xef0
[ 1519.245628][   T78]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 1519.251255][   T78]  ? bond_ipsec_offload_ok+0x410/0x410
[ 1519.256708][   T78]  team_del_slave+0x32/0x1c0
[ 1519.261287][   T78]  team_device_event+0x28d/0xa20
[ 1519.266217][   T78]  notifier_call_chain+0x197/0x390
[ 1519.271322][   T78]  unregister_netdevice_many_notify+0xf36/0x1810
[ 1519.277644][   T78]  ? lock_chain_count+0x20/0x20
[ 1519.282487][   T78]  ? unregister_netdevice_many+0x20/0x20
[ 1519.288113][   T78]  ? kernfs_remove_by_name_ns+0x117/0x150
[ 1519.293865][   T78]  ? __lock_acquire+0x7c80/0x7c80
[ 1519.298883][   T78]  unregister_netdevice_queue+0x324/0x360
[ 1519.304596][   T78]  ? list_netdevice+0x730/0x730
[ 1519.309437][   T78]  ? kernfs_remove_by_name_ns+0x117/0x150
[ 1519.315150][   T78]  _cfg80211_unregister_wdev+0x16b/0x580
[ 1519.320777][   T78]  ieee80211_remove_interfaces+0x496/0x680
[ 1519.326580][   T78]  ? ieee80211_do_stop+0x1db0/0x1db0
[ 1519.331857][   T78]  ? rcu_is_watching+0x15/0xb0
[ 1519.336615][   T78]  ieee80211_unregister_hw+0x5d/0x2a0
[ 1519.341984][   T78]  mac80211_hwsim_del_radio+0x274/0x450
[ 1519.347524][   T78]  ? rhashtable_remove_fast+0xbf0/0xbf0
[ 1519.353062][   T78]  hwsim_exit_net+0x585/0x640
[ 1519.357730][   T78]  ? hwsim_init_net+0x90/0x90
[ 1519.362401][   T78]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[ 1519.368288][   T78]  cleanup_net+0x6f4/0xb90
[ 1519.372697][   T78]  ? ops_free_list+0x3b0/0x3b0
[ 1519.377453][   T78]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1519.382644][   T78]  ? process_scheduled_works+0x957/0x15b0
[ 1519.388356][   T78]  ? process_scheduled_works+0x957/0x15b0
[ 1519.394068][   T78]  process_scheduled_works+0xa45/0x15b0
[ 1519.399614][   T78]  ? assign_work+0x400/0x400
[ 1519.404196][   T78]  ? assign_work+0x39e/0x400
[ 1519.408777][   T78]  worker_thread+0xa55/0xfc0
[ 1519.413364][   T78]  kthread+0x2fa/0x390
[ 1519.417420][   T78]  ? pr_cont_work+0x560/0x560
[ 1519.422085][   T78]  ? kthread_blkcg+0xd0/0xd0
[ 1519.426661][   T78]  ret_from_fork+0x48/0x80
[ 1519.431069][   T78]  ? kthread_blkcg+0xd0/0xd0
[ 1519.435654][   T78]  ret_from_fork_asm+0x11/0x20
[ 1519.440418][   T78]  </TASK>
[ 1519.446604][   T78] team0: Port device wlan1 removed
[ 1519.466961][T23918] netlink: 'syz.6.4360': attribute type 10 has an invalid length.
[ 1519.724000][   T78] hsr_slave_0: left promiscuous mode
[ 1519.740568][   T78] hsr_slave_1: left promiscuous mode
[ 1519.751388][   T78] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1519.782361][   T78] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1519.799841][   T78] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1519.813010][   T78] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1519.827158][   T78] bridge_slave_1: left allmulticast mode
[ 1519.839788][   T78] bridge_slave_1: left promiscuous mode
[ 1519.849496][   T78] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.868046][   T78] bridge_slave_0: left allmulticast mode
[ 1519.884786][   T78] bridge_slave_0: left promiscuous mode
[ 1519.901993][   T78] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1519.922954][   T78] veth1_macvtap: left promiscuous mode
[ 1519.938370][   T78] veth0_macvtap: left promiscuous mode
[ 1519.948520][   T78] veth1_vlan: left promiscuous mode
[ 1519.953827][   T78] veth0_vlan: left promiscuous mode
[ 1520.239910][   T78] team0 (unregistering): Port device team_slave_1 removed
[ 1520.276312][   T78] team0 (unregistering): Port device team_slave_0 removed
[ 1520.287387][   T78] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1520.320043][   T78] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1520.697502][   T78] bond0 (unregistering): Released all slaves
[ 1521.123278][T23805] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1521.151552][T23805] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1521.165794][T23805] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1521.181327][   T78] IPVS: stop unused estimator thread 0...
[ 1521.187523][T23805] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1521.285252][T23805] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1521.304262][T23805] 8021q: adding VLAN 0 to HW filter on device team0
[ 1521.321621][T10377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1521.328746][T10377] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1521.337348][T10377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1521.344436][T10377] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1521.530876][T23805] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1521.751608][T23805] veth0_vlan: entered promiscuous mode
[ 1521.763564][T23805] veth1_vlan: entered promiscuous mode
[ 1521.801787][T23805] veth0_macvtap: entered promiscuous mode
[ 1521.816186][T23805] veth1_macvtap: entered promiscuous mode
[ 1521.835626][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1521.846193][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1521.858506][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1521.870723][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1521.881631][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1521.894162][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1521.904211][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1521.915999][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1521.928011][T23805] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1521.942217][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1521.952753][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1521.964450][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1521.975137][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1521.985424][T23805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1521.996806][T23805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.010175][T23805] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1522.024245][T23805] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.035422][T23805] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.046181][T23805] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.055229][T23805] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.093810][T23805] ieee80211 phy31: Selected rate control algorithm 'minstrel_ht'
[ 1522.122198][T10377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1522.133831][T23805] ieee80211 phy32: Selected rate control algorithm 'minstrel_ht'
[ 1522.147202][T10377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1522.178536][   T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1522.186450][   T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50