last executing test programs:

4m2.906128278s ago: executing program 32 (id=67):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000400000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x5a}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

3m52.139502393s ago: executing program 33 (id=139):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000040)='\x00', 0x1, 0x20000045, &(0x7f00000002c0)={0xa, 0x2, 0x395, @empty}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000500)='nv\x00', 0x3)
shutdown(r0, 0x1)

3m28.150938577s ago: executing program 2 (id=316):
syz_open_dev$mouse(&(0x7f00000001c0), 0x1, 0x18000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800"], 0x64}}, 0x890)
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="00046a4578002c65696e4c78002c2c5164e5762f76736f0200002c00d28dc435d59bfd5fc494b24fc48364990a15a2fd331847f778498a8de963f7798a71a3e9fefed82655e1939dbc59660a0df5488df11e6434ea31e2418eaa6595279acfdfa4decbeba4fe9b0765df425a2333f7bef07a52ff03b1ef6661033fd0ec78e8ae69a17925d3f8b434ad973355230e4dccd6773e98e5e774568bdb282585e8b56fae8b1c6fd48c2eee02ac19fa12cf0181e6e9be282e37d835863863099145439e3d8bcfea03af8ca08402db3d35cdf77683b9ca2749f88705974aa42462deb98bfa9a8753e7153ab23ee1b0e58e180108df35ebb6f61e36b66c9e756d43be99c75efd874746ff26ae952689b2906895359ca933a60fec248eb50bc6165f07800a46e50936378603d85cfae6a00720e3ac20809315", @ANYRESOCT, @ANYBLOB="d43b9b6124a98a3c21d3f84c406abc36503a5055cc43b164c618a680842d78324c3a557b66e61eb11cc020730abb75cfee6509344452e3f3ec89f73d42dca9cd48a3f258cd3ad384d7ba45df008ee32482a9283192ce0d36c67257b53db2c734b21405831431eab53aa874b57350f64ca1fa6f495fa1b2c14f38e39bbe3e0ad3a953fe1af33fb9ac8ab428cfbfb79acc5fa5696beba74ba88c97b746a9ab33b33995902b93a55e4ebf5a60a82d47ed280f80befcb75f69113a006f3cfe6cb50695dfcef033f451755eeb9810318a90405d84d265599b82921da4e46eb19bc45153e16cf0", @ANYRESDEC, @ANYRESDEC=0x0, @ANYRES8], 0x1, 0x15f, &(0x7f0000000c00)="$eJzs271OMlEQxvHnAC/w4heKWhgLExsbWcAEtcNLIbAS4qJEbCAm6KV4f1rYWYlhA0tYiEYMLB//X8M8TE6YLQ5MgwCsrIKOZGQU7YbDeLKdMkGPBGBGOr3Xzw6A1RP+CHoCAMF4u5Lqkl7fH0sKR0f2g26/0O+HYqP9Z+kg0uubuP7794sXGdM/bxJjzye8/trY/slx//PXtaFNbSmpbe0o1euXvfP7f9iEAABYHUZpfx56I6TrqmNnvPzPzVkvR92c8+UzL8fcnC7dOeVpPQKACYV+uP9h3/2P+O4/gMXVaLZuio5j31MsTNHWXIwxKOKaizEovi+efnUq6G8mANNmPdTqVqPZOq3WihW7Yt/mc/n8ZebiPGu5i781vP4DWCKDH/2gJwEAAAAAAAAAAAAAAJPa1V7QIwAAAACYkVn89yjoZwQAAAAAAAAAAAAAAAAAYNl8BQAA//+JLiAI")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200000054000480500001800a000100696e6e65720000004000028008000240"], 0xa8}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x4, 0xf}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0xa000}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x404c810}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)

3m27.818659581s ago: executing program 2 (id=321):
io_setup(0x3, &(0x7f0000000180))
r0 = syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xfe, 0x1bb, &(0x7f0000000340)="$eJzs20tu2kAcx/GfMQZK369NV5W6aDeFlnbTXTlAL9AdAhehmrYq3YAqVT1Kb8JNegGQkl1WcWRjIkMMDCbBPL4fKclfGf9mxhETzywsAEfrQfjdkiUnrHzf//Nc0udPkvIZTw7AjfJ17gM4VvZJ1jMAkI1x3Q73AUNL+n/6uzmKvhzD/cO4npsUJUmxfME0/9cKfz7LS6NYvhh1uXL/8m+Sf6nZ/K01xy/P5csrctZlfnL/r17M5m9LuiPprqR7ku5HZ62Hkh4ljN+aG/+p4fyBTQSfvsqm+Q06CFbPl47nvklqtFfnnSj/Nrk59i9kmHhBIcrXDOe7KP8uZb4Y5SvN714roT2Xsl/ARC7j9W9LZ/78+v9ons8vX/8Aluj1B18bnuf+XKNwwqIY9bDs4uDpGPtNcPmaY1FkUZQSmpyUn5Z0RWE7dxo8vnbhD25YTFftNscCcKiqv7o/qr3+4HWn22i7bfdb7f2H6bE7PJdXF57OAey52c05AAAAAAAAAAAAAADYR48lPUkTNH3BDwAAAMDOuN53hhxJV5uyvkcAAAAAAAAAAAAAAAAAAADgUFwEAAD//312QIE=")
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000580)='.\x00', 0x1aca43c, &(0x7f00000005c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="5f99b66935805cdb53809913c86930c7f63c9320549392920f68795b3f0d6dc06c4a11e3845a8a8430b1237d2b8df45190b849c6ce0739b3f216add0443517756b074d9e2fdd15d3fdc0e8d927661fa266467fc6c41bfad64c2bbb6364878456c85d1747d94548b3ae46d36623fa8ddcf6af31feec2424669887bde12915cddda87a1669f6f6390000000000000000"], 0x1, 0x0, &(0x7f0000000000))
pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x1fefff)
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c00000001090212000100000000090401"], 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000000a40)={&(0x7f0000000140)=[{0x18, 0x4000, 0x22, &(0x7f0000000380)="318e7bfd179078f1bdf075c3e4d2345e903e07c6db72816d69d0db89d1d22f1566dd"}], 0x1})

3m25.632072391s ago: executing program 2 (id=343):
r0 = fanotify_init(0x8, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r0, 0x455, 0x8000001, r1, 0x0)
r2 = fanotify_init(0x200, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(r2, 0x101, 0x48001051, r3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r2, 0x41, 0x8000038, r4, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

3m25.426641914s ago: executing program 2 (id=344):
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRES16], 0xfd, 0x222, &(0x7f00000016c0)="$eJzs2k2LW2UUB/Bz25HWKdNEfKMF8UE3urk0Wblw0UFaEAOKNoIK0lvnRkMyyZAbBiLSzs6tH8G1uHQnSL/AbPwEXbibzSy7EK+0KZ0X4mIQJ9j5/TY5cPKH5+FcLmdx9979YXPQq/JeMY1zWRYr12MnHmbRjHNxPuZ24u277zx47ZPPPv9gvdO58XFKN9dvtdoppcuv//bFdz+/cX966dNfLv96IXabX+7tt//YfWX3yt5ft77pV6lfpdF4mop0ZzyeFneGZdroV4M8pY+GZVGVqT+qysmRfm843tqapWK0sba6NSmrKhWjWRqUszQdp+lkloqvi/4o5Xme1laDf6P708O6jv36udtR1/XzP8al+7H2IBqRvZCyF69nL9/OXt3JruzXdWPZR+U/Yf5nm/mfbeZ/th1a6i5GbH6/3d3uzn/n/fVe9GMYZVyLRvwZjx6TJ+b1zfc7N66lx5qRNu89yd/b7p4/mm9FI5qL8615Ph3NX4jVw/l2NOKlxfn2wvzFeOvNQ/k8GvH7VzGOYWzEo+xB/m4rpfc+7BzLX338PwCAZ02enlq4v+X5P/Xn+RPsh8f2q5W4urLcuxNRzb4dFMNhOVEoFIqnxbLfTJyGg6Ev+yQAAAAAAAAAAACcxGl8TrjsOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w9/BwAA///8j/If")
chdir(&(0x7f0000004340)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
creat(&(0x7f0000001340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[], 0xfd14)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0xa0)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

3m24.97480715s ago: executing program 2 (id=348):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
r2 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x20, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000020c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000002800)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)

3m24.421089747s ago: executing program 2 (id=352):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
close(r0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x3, @broadcast, 'vxcan1\x00'}}, 0x1e)

3m23.232232343s ago: executing program 34 (id=352):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
close(r0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x3, @broadcast, 'vxcan1\x00'}}, 0x1e)

2m48.335432915s ago: executing program 6 (id=640):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x80c00, 0x8)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x0, 0x40000133}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2m48.164904617s ago: executing program 6 (id=643):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r1, 0x101)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r2, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r2, &(0x7f0000000480)="8c", 0xffc3, 0x1, 0x0, 0x0)

2m47.172811991s ago: executing program 6 (id=662):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$kcm(0xa, 0x5, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x8e, 0xc6, 0x1e, 0x40, 0x7c9, 0x12, 0xc2f4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xcb, 0x8e, 0x2f}}]}}]}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000000000000700400009"], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000))
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)

2m45.02876605s ago: executing program 6 (id=696):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=maccyrillic,discard,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,iocharset=cp936,errors=continue,iocharset=ascii,errors=remount-ro,time_offset=0x0000000000000008,errors=remount-ro,utf8,uid=', @ANYRESHEX=0x0, @ANYBLOB='8\x00'], 0x1, 0x1524, &(0x7f0000000780)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004100)={0x2020}, 0x2020)

2m44.543909996s ago: executing program 6 (id=700):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x21, 0x0, 0x0)

2m44.056163063s ago: executing program 6 (id=706):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a07fef8ffffff71a400fe0000000071108400000000001d300200000000004704000001ed00000f030000000000001d44000000000000730a06fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x80}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x300, 0x0, 0xfd5e, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)

2m43.741088877s ago: executing program 35 (id=706):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a07fef8ffffff71a400fe0000000071108400000000001d300200000000004704000001ed00000f030000000000001d44000000000000730a06fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x80}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x300, 0x0, 0xfd5e, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)

1m40.074330857s ago: executing program 8 (id=1464):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
r0 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0)
ftruncate(r0, 0x2007ffc)
writev(0xffffffffffffffff, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x800000009)
lseek(r0, 0x8, 0x4)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)

1m39.290875108s ago: executing program 8 (id=1469):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0xe9d8, 0x1, 0xc4, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, 0x80000001}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000048000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x4000)

1m39.08229589s ago: executing program 8 (id=1473):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb", 0x4d}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)=""/85, 0x55}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x40002141)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1m38.960716782s ago: executing program 8 (id=1477):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
unlink(&(0x7f0000000240)='./file1\x00')
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x22)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

1m38.506257778s ago: executing program 8 (id=1486):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[@ANYBLOB='utf8,errors=continue,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000077,umask=00000000000000000005676,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c000ca8768ddddc191573cbd33da79641936c9de64e264f331d1b50f4c4f54702f51dcbddb39c14c19175f07a639bb65ea608fbf6fadf5d8da30ace1281bed3e61b084526e10dbe921dad84fbcabc5791f52445cb76b789ed377aa0cd17309c4df04d525e8af05fb246b33836d90656cd2daa991b916be40df3bd607ae5672e1bb90730d0ff03000000000000c5f0cf287ea707c1fc66165f74e7d8a78c37a4b86907cec1df06da3611f616718d88770a2520ceb039bc06ef4d1183"], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
chdir(&(0x7f0000000540)='./file0\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)

1m38.069031794s ago: executing program 8 (id=1487):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x4000000, 0x1, 0x0, 'queue0\x00'})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000180)={0x0, 0x0, {0x3, 0x1}})
write$sndseq(r2, &(0x7f0000000140)=[{0x1f, 0x0, 0x1, 0xfd, @tick, {0x0, 0xc}, {}, @raw32}], 0x1c)
ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0)

1m38.029598755s ago: executing program 36 (id=1487):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x4000000, 0x1, 0x0, 'queue0\x00'})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000180)={0x0, 0x0, {0x3, 0x1}})
write$sndseq(r2, &(0x7f0000000140)=[{0x1f, 0x0, 0x1, 0xfd, @tick, {0x0, 0xc}, {}, @raw32}], 0x1c)
ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0)

1m1.591987107s ago: executing program 9 (id=1857):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x48, &(0x7f0000000440)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x73622a85, 0xa, 0xf0, 0x1f}, @flat=@binder={0x73622a85, 0x1000, 0xf0}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})

1m1.497435628s ago: executing program 9 (id=1859):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4)
r2 = syz_io_uring_setup(0x8d0, &(0x7f00000000c0)={0x0, 0xc48a, 0x800, 0x3}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47ba, 0x3e80, 0x2, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="b7000000ecffffff0c0000000000000095000000000000005e0c83dfb64a3eb1cdfa541cd3957aa8a96b9fa4591c1eb556e38defc504b011face5a06294c2115a9ad943bac350e8d7961537181f79ead9176dc7c3ed2d45004deb987fa0d"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = dup2(r0, r5)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f00000000c0)=r6, 0x4)

1m1.089061664s ago: executing program 9 (id=1867):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0xb02, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x3, 0x4}, @window={0x3, 0x8, 0x6}, @sack_perm, @timestamp, @mss={0x2, 0x1}, @sack_perm], 0x200000000000005d)
sendmsg(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)="f57c", 0x2}], 0x1}, 0x8001)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000200)="14fd07088c3dc22168997a066c6b2c41b6722da843427bcecdbe493300b72f0862c06486bd16f61b6edc3e970c0c24c77fc4f732b5e0fac86afafec0ec9b55c2b6fab1169040e064", 0x48, 0x0, 0x0, 0x0)

1m1.015762485s ago: executing program 9 (id=1871):
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x21c046, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6c733d6370313235302c6e6f626172726965722c63726561746f723dbd3c66f52c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',force,umask=000000005,\x00'/38], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000dc0)='./file0/file0\x00', 0x0, 0x1145d10, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

1m0.67043592s ago: executing program 9 (id=1879):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0xc}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000000440)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000002140)="25453138b9bdd4fd5d7806d83242ec6844c8c097ae7644267b7462ed84f413df24d8ea625d8cbd725213fb509bd4c24dad43e4024978514b8217874083ddd3f102fb5ee2b61bff8cb9da1c6011da59aaf5e4edd04c4a7af4193779b4a4103947a116a0a4c462f90d792e10e93e7b0a373b5ed62815a8a8bd30d1828140bec0e54de0644d5febebc683ee9b3a13faef560dfddd8e792eabd9e9d051425039a79fa428ff32325ae37d144d6d59554f6259130279857f1000a5072a68f2ce18bce688bddd05006c4197c4a48b879d930cd61f4c80d53157333421b958a00c14748c53a5a8cf69f8fc837ad35e52f46afe50f257d3daade878023bb74486e120e4955a6f0ae592665775ac9ca6e29bcc393b5bbbe9e67ec30466f0187a86ffe58e315967c24546cda4b536d3103c224d8bb963cbaa549ed73b7389ca1e3826a118d98be2f49ee1c8030560a0698132eaa0303571bb4eb2f980c25d0d4448fd5b8b69b4f72c8bfc45dac91d30b3379d6a0f3e5172b968e008d28809c82ee4da05ff4788582ee2c92f276b05f2fd9f15270f4a813bcc19ea261a0912064e174983580af8154f6757699bb6b5ac95c438ebf7654c95865bcd1623b796f6a1f1bc9ebbe24ce68c5eb25cc50a562cdd088ceec15a31abb24029d5ff217bd97d7242e37a1960d990f3f84ccfab340f4a25232eb29d334ad6204b5b409f69743be62ee402b5f2ebd9f99fd5a5ad44119a7c744819dd12c7ef72ecfa97795122d0580b5fd4763e82479087748b4c76ce46afdf03a36951a2cd3c590a4f7e5fa7933c7343e6f219d2eb0b4cbcce7a6da29a77a83fecb0108f2b5874f8718b39ea54ccbd0417c67666aa740b86f7de3a64e6768beac4cf31758fda01406b553d801d372cb04934173bd417f59d7b249c0419c9b89c53ac8b6c5a785b1b7baa838d33807de8181245e01e8234e9b2d4e42f6660f1a32e4deee5e69bb1d25db4ed2f6039d47132987ced3a4bbdc7239ce5a6dfdf6cc7d5f640220fa1065b19f5dcd8ad1dc74cd30f3a95f9112b149c82101713906d313a88163d670921a426b97c86519b5fcace56c6327d087a2fd954ecd6ce9036903e16b76c71590aa07aacd7ac036994312ea19aefcdf0df2e925b1ddcaa6eeb1835f4c3be5779e7bba8ad05ce6e52c4538ff60ff9713735568ec952bdf988a77194d84aecac99f4c5be0931b1287b988dd5461f1b74bdbfcc6e1d27e0cdef99f64073815f4c283710ece8f6b5eae65b1a1b1d37f3bbd6a8a5f6a1294ebc4085b76aad00c18f72ef311105efba3c3f6bd176df8f800a3c405f20db4bec0e656a1d194d83002ed17cb5ac10e2287764bb7d0ce3451b70e2e08c9b7be5a067fda4e4b0840a36561a53904f2d65138bb9e56c0f5d4f6f05d9d12ec71fe8d978c344d696554b07aee338461eae895e2f5d14c53c329d66a4bf72bd5adc65114a8a8656301aec4d8d4a1f9ee6704b8ec88a2ff1728afd44ca23b5cfaad1d9b4b58f57568b5f4c4d30f6c5de500e359b4fec52653295cd53b14fc5b767dcbc4ff4928176f1c241e519bd9375f5f73e8da3276caa2786c424e54c6f9973021acc2d9dc4b16ae80e0f8d61b85646bf40f838d84e6e6d7ff5c8efd49cc35c63b73d65c9e9ff846cbf052f14e0f7245548bd8a30836baa8380ebcddc2fbdab7ea78932e57f5781866fbad97f35b2ea5ac69fb9cb6a82e38fb42e743a577393e674c89e034f804d3d58d4f572224ce2d9fb02d893aeee18c7bfde4d4bb8cfb5ec327edd435638199bc9aae760f44dd84aac1b59f5ab5ce9dc356a89e3cdeb1b02ddf0be200043132b1883015591cf71470bc64b1ffcb9eeac0827984b12433acb162b6d345204e8b3ad0de6d17ecec586aa87d27cdc2b65c6f4455f5b0a61616026482cbc1e8cee49d2355cd3f4ec70e3620eea535d4fcdb8f4beee94ec6dcae2ce0c1ed9b7abc0def3357defece9464aaf1d35c2cef25305d7dcff6c8f4bb2639bea6624f18462303d4d41d790457161322590291d78f69365313c646a6ec17712424532a21844f56f2d85c1a2edc6dc30cf05ca73549ea1a2e478984ca3d0123a938f53c2abf664ee0156ac4a445c8a9c5faefa1d6a9e843113ab9e1818ee0b28b7435d4b199b19894f513c7cc9d4a4a66fbd4814cd18a81bd4e728bf15292437ba81c413c4aa6cdc643b069879fcfd2a55557a9e0d2658468865e1e12d4a56e872c4ef03ac3df8e25e41ecdb6271a0dfa2e553a161613822b2e6b70045eeae60224a16537381b0cda32897a2280feabe55a640815abf8baf77f5ce914ec8d6f5ad9871a98d6aba0682090d32d3dd157097964dcb2935be22be5832bf97bb1fff64ad8d185a529f5208d2c54bdf59e7ffebd7b98a24193083ef9c078ef7222eb126b811a00f3a37787feecfda6066ff04b669b2dcc99f08195579f45b15f0e0a85d6dc97cde3cadb12f4531ef9262100a726cdec12f2aeb2dddd6f370a6a813c7012998f9a1d75d8960288b963d6e37c9b3e8c7c9f59c1c05572b80f927487b2dd8553da096548763f5541cdaaa6fefc4f086eb47f6535e9a509e93792c6071c5c958a4faeb4b7e2d3cfb882ec3074659c00673dd1c74fdd730a9fabb904ea31ebde53c8cbafd2be20912db05d88f9acab918f5733c4fb71b5786f583bd2becda7d75a7839585d70eb0cc869e0396d39d40cc942b983a72e19fcd1b506d9ff341decce951b3dde2cb088fd701851d65a7d1e089b97e2046e5b263dd26ac3f7f302ba7f545786dec66e0c391f3ffdb853c9b7a15616ec72ff56613da3ca443350b2390215d9da7923d964566dea160a0fede1f3cbbcfe31489b19cd47ca2f6fefb71975d62236067386eb56638e108da39572b4610f0353c8ec6c592fa57b480790ee58adf0dea0c498a18cd6ec004784b32a3c8913f38f66bdc8ea1bfabbca982534448963d5a4160f1fce8d7d6b6fcd074c4750e98707c91d8da13a01ccf2ffd9d1e518c7935fd4c296c25c39035f413dc05fa09a4621800c932d2f02efcc6554b7e2bba1da92b1b565d1f6f7fba554230f714b4a9edcc607492aeb4e95a7e466230d04169911dd0228ba97dc10d7e9626326d4ab3ebff95b2c08f1def337d87f1e733fd3a2feeea0e4a06063696fed4d76c295004031c635baf54dfbcd6d032d50d24a3cc28ceb1ff7445ae1abab4cca2705c4b935bca5196c905fd99c15f04ac6c38960d6f361c5c76e7b3d589f5e9d22a21817b54e457d576445d5a0fb901f169cb554b27adbc7d96a0f36056b937e2c1c1547f150462c27f73e35ea1add5b8fc1fa7ceede926b00d7d3421bbc71cee320578c028881f36e46d8f80e97dfdf90cbe17e5f6faddb96370500e5399e3e664e74629953a5477a9654d0b0b63cd6919a6915e2cc60e55e60d7c601ec0b7dc37c5220d7c447cbae9d74bcff0801f9ad4f2ffff281b085bfcc072bb2fb43e4dd50dedb566684d7a1d473acc652b3b7b62be2747dfce09a88dc568ad8afd37a0e75b704cf24a457004cdc33123717b4a7eefbed6dc12cc30e24d5775907311ff6a38bcdd3e096d7f1ac4b24d0efb93988bc20f287627d2e16ecb8a1afe6830e53525b6b75455e880399d94f355ba2090c7709aee67bac41a666a4339e04c557c06ca391d7b1d14d058d345379562dcc8031e5ffc11539aa7295d1543fea08bf5f4b7ee8ae3769ac28589202a20b639b34c9429d82861f6d59c1d4e985a22d5293f1dae4c2285c0a34c5dc8058fcca8c97143f43135dec56d451726518357967031abe6c95497a29cf6a5b8390aa014fb24cd037d4fdd3579a3c1ad02cbc0f5e310e28b6f7cbaf3e26f9ddc42eb2d515d9e628622b3b391baa0e0d76fc0780841766b638a60e0983b7a7ef46574e048b6cca17919770ea0a390734c7e8765a1735e3299aba23c865fdf9637b1f3d7d541cfaba24efb0f2cf8299886bfcba422c505d676fb270bd993708bbabd98865a18193260e5a53e63328740d42af129918cb918759d0bcb15736e46261a09132163a0a99661eb2d1c891506ed00eb62044d244eb2bac663ea64ad26f7d7a3034cf72d8bc55ec100d311aa395faa20098963d5ce107dbc7f376d19fa785e515c133ef49568d5fadf02574340be1fbec7af698bc5c30a3598a144e12976c7ff5910928fd97ad3b37a48b01a2ac77400268f46019d8e2c056f1319e632419680c9ba01a128c8816959735753c0ac2fdbcf13b544e58b1c5d072b3b1fedece3d28de121e808c98f516e357e49f7df12262bbc7f7beeaff65df4c88a7adc433dffa60076655e32c2c6aa97831f515266653224ab4ebc6009b6488949406364eceb071f84842d1d55ca30b36758d93845bad0274173897f5230ebaf67004b71f79c6d740f7c77ee52b0d7fbf7c1c6bbb68d1b128b9b5d87d56a58ac374ec853fbfb7ffa900f347628e19944582f3741f63fd4e9821de4421ab3aa810dae3e2cb464419a51d46fbd7838809a9dd75d3358aaa7d81a092eb3e4f30faf5b2a887754819b90b388eac2d45ed040caa2f66d75678a4f044a7e635d4a4e3dcd393a55e72b39dadbdb2a75b78dfc44af3734ca9cb955f2fa1e4f75eb072afcc0b51cc53bfc839885f93917c1fa22757053463f703a68fd13ccced11e27f30a2c240131e9b23b27e14d7f6cffd3926d6b4b27de0ffef48a1059f1ceae7cba8d0720fc943e93b790c20dd5df13bc48022a2918d32564f34996efe7b87e36626c2ee64d3fac250386f3e2eda3f761d08e40db4cc9f95d3ee0d3421623908e3637da8ef878af8d635ce2363eab83e59751d5cfd4881f9f1d45006685309e34bb2cb4e4eaf4d97c99ec02b47dcae85917dd084d82691eddf6ce53694a0dc8434ef409e3fe773c6bcc0a79c4a0909f110f98c561178863b686e8b4013aa488374834edf09ace1078b3827d900fdc255e1d5fe80698e475f0b49dafaaeca83237c4695da9af931cf8cc94e79087256fca0a813f01733b8403abed234bbc444d599c67569ac90d3ec94afb8dec46a1859970a32557eb75310f4282287edcab716ee6ac539e8cbe5ed9b8f52c3821723807f011e1c7cc2c700da76cd5a899f13c1be784221716fba5b34615319eb97709ed6ce1b526c55f66d8e28302e292e300eb295a091c1f8ac99f5db4463175d9ea3a26ba562ce15edee2b10eab9f974762cc6ee0923934c07427bfa2c92d84dbfacee823858e1d2fafaaa4da608c34d0fad4087fdd53be7a068b52064bcb579cbda03f46b5cf9fb405577d57a6d64c75fbf7bd47e78db51384e3b017f8e9786386227ca1632432900de461359f61d32a90cfe02a0e27334d49b68a05721f6865e1b3d16241bbdd073dc3d1e79d16436c197f7a65acc778c8bd1f935e750d0d91a21d9967094d073e74c9194f450b50a4ebd3d63ddd5fadd2a06bea1e5e53f493386db396e388692877b4ccb3147bad0d7a6204b0c7fd8c0828f4a52d650ebf5aec5f9057d7695786360eb15ae1ff70d79ffcf79905b657ae12a100c3d1814e91b6935895a630fb2e88bd2a6d0d37ff2355a4c72dda53c01ff29572741c817eaa03abce980aaa0c592568705591b1e502125d3b1709d2ceca55b33198bd4d2f2b31cb62485a2a1db8d7446b254861efe72af4d719d4ad484f4168b4608ee482cf5a92499316bb16d5b3a228b17d7d191697424f31864e190c0da7d064ea1d2cbb83a7ade8779191512a3f84de6ebc2c30a92fa7da463f3219720acd4aab3ea6e27d29183fc7c450dc7e44074860afb296c9eb528758a31b17b7284b96e054e876030933bf44764422c355089ac84afc26cafdd7103f921b86214448b3439ca11dd884e443b13b39110bd4e1c97822530cb489c6e7f2a176965081093e4728a1f5700fa01df0f12c89be54232941ad2dc0ff9c3fac3432ef5a0740b356a62faa372b45b6a9f4a77f312d9a01471cb573bbc6ea2ff1b020a5b20c6c7da2f44b29eeef7e3ff03dcf3134a23837337a4f3130165b266b657ab4e65735f8b156be3ada2151ae2e45b50c2631f3775fff262be49bc972dbcc4a7c8afc7244f2de025914e58065d4bfa37dc9b6b18231f11eed278f8c268a3c360b97dc7d46d0aac658ead1e8755daae5f33771f0627421f7b4a1da3b70ffcc7dd7d4c02f5cff31d91338b9458db5ac8a3429fb195debf8b37e7945e33341e778c38dd94e5b7ab930afddd99c5f18cc1c9a5949f22ce6c98608ba9d52ea900b2a03f7309f3356d686b3f5294ef0d034f9e0eb6069d04f4a97cd8dc9474d7e7c9dc4cdf4a872817c3541652eb23323349d5b670ed3f4c8d2543c249a30f57da681afa825d2c76756dc105f1a5642075b08a7dbc1bdc65fa16423c8ebe71744a7957d44d5a3fb08b5c9e0e7c36ff1cc9c60a83da482a206e956e1907ee97f898106d5febba46894e07dd02f8f6a627c86d9a4a2f26dc8d6a3c4056b7220976fa78d6dd37de749407f214a1ff3f2d481b55aeee3dc48a28f319aad83dea901490af23435a02650f058a3c70f3324ce86bbe2528a76e8e0da7d4bf0aa7b08761304c59641d0cc7e4808246f0220f3ccabd278c9eecd5e2dc937e661580c8176a557fe360c63173dd824706985e3b691b1545c07813c38e79406881d7de17cd5487450119813acffb0a4330dd096fc0792f4c0c08822fd423acc795c0c6305c372b64f247cac57873764737214a97e73a7b8e092bb7d069c408aa9e8c4e9e13e34a9d19ff75ccbfb0e88435a94d88c040836d31e3b98f9cc3db6e289e084031b25ff8cbbb07d57d84935938d0dd53593733001370299bdec844a54399719bf5c139d2b8bb00e6f0fbc21cdb3f4eab111d53ed9c1100bb41bc48fb052607a195e3afb6a414618d5faf84d6c74cfd48dd746ff1618662918864f16848862d8a6009bd1386d4ffdbbdbbfdcd760d62be1dd36b7818f4cf253fe6f67f64bff8e477d08e2de10a66b132ed7908fd0334182de208b4b36a8fdc58b5fd0d81143c154b55d2e2c30c7b09838196d19c1d6c26e3281d2a8790db17197f76422ac53b3ca3eee0ab74e9ad67d78fc6b7c5636a8c31d8f8f50a96d6fd83e51be6d2e0f67930f7fd1bbd8c35bb05d72c63e9f1213d9b1732e8abcff612d1a46a555d023db250a81a5faa113e30a7b4973f848b793b7274fc35af3ca837220ab9d72b7283dcbb339f5e0a95cd5602543605ab354ee5cc7b71b44074c6dd5cfb12145959fdc01f6b86abc1d97b307bdd08d709815d06ce6fa9ba3a7e5c9bbdbe34f2ffdf3b95416594cd415d40b91ac67cde7b318cc3b22867475da5fbcc5917e83e143d2f7c25084c325550c343c937d91b1163ff163c83363d1c1ecee0da260723d13afdc42cce913c081d6cf4db5e40397e8446790da714081b6a7b09172b6655ec43cde3981364768ea4ada2fb9a01cd325cd467f751167d4a51cf80447afe2cdd563b81f69758ec65d0c85adb063c127f312c5f84563dbd93d14fb424564fbe4bb808ee82126c33f22d0ab60debe79b3256620e3b7fe426683c310264547c2cf05acbd562add9fe7d79f210ba9841e0f8760a7b1726c1a889c276371a1afed491f9c352c907188ba3c641769e357f47bd96d2be1092c8c89f7b5907f4474b317511d19eb91e6875654253da1041176dc3cd2284cc7465a84d6ae91f716f6bb077fcdd8284ec0b20025e9cfcc82b34c37d62d8408978f5d853561c14f00222ee3129058509dc39da417dac1e806efcde60de83cb389cbff2c26aaee559dcc688bf9c0ea682baca9add0b3628b504e8ec535ef1ebc6f39b7d6b5dd9dd89f219768d2b314c48858f0777a112f27dcd73fb30016e59640f4c1c46f5ad1110c803cd26bb4667b56748f0ca0eead345cb37dbdba7eeec06af4ce3d4cd442435842e12607d9305ed2c2b6910059418822b1c41805ae6fdae6ba2d485547775f5c67f24d1feef4b6314428f24bf7d8c0e467ed8c5c3376e79fbffb45ba9d9231b089acc49eb5933663af272d9ddbc00bc8b86dfccfe4d5403b55407a20d7975d4ca2832e057a9edc86bd2704e0ab0eb73a77516f5b6d299fdf6a04ba4d93be9e7da3f8e1d6b22f7ac1024b7a1ce9687e208e93c7f9e2fd3f4a3967448ae1959dcc551ecad9c63c520cd6a01500313b9bbc6bb41ca3c6fc0deea021830d8c79f30ad430d1982cb16e40335e0de3e919315631d2ada7c416dcf8eb29b163681fd2884e155262dc59b18054b5429b3fa887f50f172417d34441ec96f546b3517f1feac11142fa99b770f6b15db8882604fce4751606f34e58a67039965cadf95e8937057e9a7cbdcdd85074818a55daf528c31d8fe660e4e6391a0d1e6507473a1d24df4ba80ceb1b980d63fe1d1665fe70f0293dd22bbf984b35a516aaf1ad0205538b8772a88c3a001ddb3c181a42e240e26bb20a8fac2b1148a046c32b431db06627c0710b9099ba116824401e64fda2f5711ed14f029439a74d8b4330ad69adf3d3a6e4e412ce8e25d18fbb6ac7829aae42325b9d01120499675a77c392295192787233e97cee4acda0a1476cdc58fba6560b06ff1c3449fe9eb9946ea4391a538415e43e0014b4a09590418c255125c25534223a9f8fe27d8080dcec8a9445545e9b11e4023b70ed9544c5fa16dccf6e78864632185526aaae88129626ffa41d7bdde8b90713e1fe60b0106ddd213a6177b87eb061540ecd1138f1e526ec01a8ffeffa9ac7603caeaa19bf53b47c96d0a29d0627fbab868cdba04bf258a957b3d15045ab5c1e6a0deb371604323624b618a48d20176721bb4b24916091a23fa8d4b9d1f883625d56709391bb0304011853b41ca4827739790caedfdeb196ad2ba236bd86e239f8e8ce7a291ff0b9326560cf75c8ba5309e3664cb0930124cf3c317137d53bde98c2c16b3b23d24964c8e3e7cda1131bceb4d25beedb2b7ad69e9f38e2b92e97f54b4a18d67dd72359a8e74c0ec73b3f5fed08da1a2221c21d7be1200de977f19cb81d95800e282551b0087b3fd7e0102a110f195152730ae7a49e4a1f73e487965a08bc6cfbaf5755d5ef2885acd0e40bcc281214798cafa98876c91a5a0913d4628353d4308dade111c02306cddf084cd3a3f0cd10d3d36757e2e4979fde6ca238e9942872f6548dccc9d7439404028ea3a347e41062bc6e2934b2204beef0b8953cd6796c55b9655c37ba19b6dfbd7c6a74d69ad9f52028e063fcc108c01a859c782ac445dc2186d76974627c1e2d6e9dfe796bd621f50cbdedd2780203ba70e5207f66f27642073bef3c00e3014d26390885977e4082af8c8955f25e3ace2c37d9137952d9cd7048bd7088e54d673e43d78d4983e785162d4ecc312195c964317dc445e2a5bb7160ae3cbd0ffb7b8b0313955813377ab8c9233c64bbc62bdecbb257862dab6eb13db0a4493ba82d8534139c2b1035c9abdaead46685c08584a15d699e39cbb271ffbd9904baeaec9154e35f405ec5d30240acd108090850f6e21769eae4eda342e0de2916aff5051651c1fc2a4f729a7209aab1914aa7e501ef54b4b5c1329d1de5e1b363829ffdbec9ce2ebb9f595762644b3155e0161c6c2684332a4e558bf1ca7e6a23bdb446a6613dc41c1dee33d55828ae1fbe9a893b59d5157e9e0d45ac24617af38f6a2475bc09b2dff895b5eadcf5c03583465ea397cd99409a82419a0340a6f975d6744739e5b8f12ae986f9127f7af66a1e45500dbd00ad393c1aea76fdc494eb749fadcb7d2d58460774f8a2d1e512f9ed943d4c6f4eb82b5c9b429cb0f0dd78d795dfb026a032b1a8820c5076935e78d29e79d04de91a02338e729227f99ca1c51f728d7c778bc0fce82d531fca827bab87a4aeea636d688416830bbbeba8e919336105fc69bc5deed447e02afd9cfb378b5f1f0d2df8daa6c8706231305e622fb3b22a02682d4171db2594affc0e6d95745f411da25e494d3b69228752ff35e963ef0f175243fd22bce2d3af150a0229567f90f5663712727c009f2f6b4223c1292ddea1b926e05a7b6fe1d782c5e18022b9b292831f35b2fa1222970e771441c2c9176d677335bbab22fe0001aeb98f5b10c063aafdce4c705e6387e1f715988de34f8628d7ce2e49d7d74975c798a5e485cd4ae420cf890eb0e7dfd2c9144614ce45d106ccf8ad0c28ccf1a34e184604ccb9c49ff30b7f19cacac0fe78acdf11e1505e966d02874abcc05e581a326b2a51ef51c159307b6d49db8fdcda7ef7378bb8444277a5e23cdfa64720a76f14f7fe145c829667cb9f12f78574394428bdc073bc383d2da451a35a3798b61fe7b3550f93a1a1f8f4e3dae22db3b6f85927c942a05d00231c507b15f38f5c0885df460779013630a0649cc1fcc6c5ff0740a8408c20b5a9ade485aa51c1b6ea09c3198192567b587d776151943a0465de3eec88e04e22788c145f5e54ecef8e30ade94d4a97b6c8c1ac76a06824be620036bc4e8580c8eb0222c88612a69f929fd3e6b86504c7e414db6e39523c0531bc1ba18e802adcb58474eaa5a714560f72e9ab9bdf12a14f3948106872eb18248c8e3db271b6cadd92792b4944b76997f1301e9e500bcfa91c72c1b985f3438ed119f5ce1da90860a573101bc1a2d6c7123584fb06fc6ed44025d8909725997e04f4a824b58f333fe9d8ef898ae3ec0ce2a18d0d5cd73b71bb16e3ca53d33a7b3f5941d1861f619ee12236f9adb02f6280fed5b3a60ec6843aa05b37019c78753be7e54270365f2405e845c7be99c1fc8b6760b56d84fb5b711d47b7daaf23e59dbbed1be9c098ec33a30b104ea2a79ada3e7f092a3f9770b3f536e7b15322d9f220bd00a08e95d885a48026b57327e8b97fc6b2b4bd933a6802c1f8f255ca60bcccb288728be5216083bc45bc181d855376ce33119f5f8eb0979681b41f2897d23c01180252485cfb5b46116a21a5a87f9d4fa15d6e84174df1dcb32a3ccd0224d57fa5c728d9fef3f44a0a2e4c8be97356e640b23e78926f565befed8bb61ddce07b5601d2f41be169f2c934e63edf82d1ad6cc4a89ab358b4a2b0870390cc1dc3f2eba4c9d9c3bc77d742226e05a6a690499293e050dc0b2afec6d6872e279a0bb619f61eb3a9c11a47a357a80b8d6c39fc42c4079e2ac418e0cb3bf8ddeab94bda1ceeabb19fac14787e4f90cf0a99f2ca80bc8bb88dd00e8639c3059b01c1a38120672b62b3c02e0b2a760d5ca8b938283702d6bf353d22657dec7b722e2961c053d36966401fedac12b9a83fd323d54d45dfeee46398c2d55080c07dfcc340feae813417eca20ff5ea6ea4ad5945bc8a4bb0b91b090971fbaf362984a5de3cebd421255a863a1578ee59cace6cd50b8ee4aa8e0deed9622e9c46337d470514e5666a8ff3fd065afc0303439a2906877c5a68a2222e64f1d164b44c0acb6dc0841e228e852d2c84fde767f09b82fc3c6243f67473f6357d315c3565fcd7bf9c5f673c9c41f6501b46bf69ad4f415c1e06bc1664f2f4ce99aadec9f1271081145db1d1f8468703b3a16baf2704c08c475936f42a1c6db590decc51890c0e64dac451a01e2999af060833e9f3671bff975728", 0x2000, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000a80)={0x1020, 0x0, 0x0, {0x81, 0x0, 0x7dd73e28, 0x7ff}}, 0x0})

1m0.197625556s ago: executing program 9 (id=1886):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r4, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}]}, 0x3c}}, 0x4000010)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

59.91132552s ago: executing program 37 (id=1886):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r4, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}]}, 0x3c}}, 0x4000010)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

18.012770276s ago: executing program 0 (id=2434):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f00000009c0)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000500, 0x0, 0x0, 0x200000000530, 0x200000000560], 0x0, 0x0, &(0x7f0000000500)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)

17.787741619s ago: executing program 0 (id=2439):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000300)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x88, 0x0, &(0x7f0000000c80)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

17.590271062s ago: executing program 0 (id=2444):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xfc}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47f8, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x4004814)

17.448942004s ago: executing program 0 (id=2445):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000540)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r2, 0x0, 0x40004)
write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)=@known='trusted.overlay.upper\x00', 0x0, 0x4000)

16.801334972s ago: executing program 0 (id=2454):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x6, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8})

16.22807318s ago: executing program 0 (id=2461):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x14, 0x30, 0xb, 0x5}, 0x14}, 0x1, 0x0, 0x0, 0x8890}, 0x40)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000240)={0x0, 0x0})
r2 = mq_open(&(0x7f0000000280)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd\xebr\x96\xce0\xfa\\t\xaf\xe4\x94r^T\x83H\xb9_\xd2F\xea\xea\x98\xe6r\x7fo\xff\xdc\xb88\xd5', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000300)={0x7fff, 0x1, 0x3})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)

16.007732533s ago: executing program 38 (id=2461):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x14, 0x30, 0xb, 0x5}, 0x14}, 0x1, 0x0, 0x0, 0x8890}, 0x40)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000240)={0x0, 0x0})
r2 = mq_open(&(0x7f0000000280)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd\xebr\x96\xce0\xfa\\t\xaf\xe4\x94r^T\x83H\xb9_\xd2F\xea\xea\x98\xe6r\x7fo\xff\xdc\xb88\xd5', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000300)={0x7fff, 0x1, 0x3})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)

4.36755577s ago: executing program 3 (id=2616):
syz_usb_connect(0x2, 0x52, &(0x7f00000011c0)={{0x12, 0x1, 0x200, 0x2, 0xe5, 0x98, 0x40, 0x2639, 0x11, 0x4e18, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x40, 0x2, 0x5, 0xb9, 0x10, 0x81, [{{0x9, 0x4, 0x44, 0x2, 0x1, 0xff, 0x4c, 0xe0, 0xf, [@uac_control={{0xa, 0x24, 0x1, 0xde25, 0x10}, [@mixer_unit={0x5, 0x24, 0x4, 0x1, 0x5}]}], [{{0x9, 0x5, 0x1, 0x0, 0x40, 0x6, 0x0, 0x4, [@generic={0xe, 0x4, "34ccb0fd74d82cefe1251f73"}]}}]}}, {{0x9, 0x4, 0xc5, 0xb, 0x0, 0xa7, 0xea, 0xd, 0x3}}]}}]}}, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x0})
ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, 0x0)
syz_usb_connect$hid(0x1, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x1, 0x0, 0x0, 0x0)
read$hiddev(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x0, 0x0)
syz_usb_connect$hid(0x1, 0x0, 0x0, 0x0)

2.422650437s ago: executing program 3 (id=2647):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1.913326334s ago: executing program 7 (id=2656):
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x4000, &(0x7f0000000000)={[{@nodiscard}, {@test_dummy_encryption}, {@nolazytime}, {@orlov}, {@data_err_abort}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@nobarrier}, {@quota}]}, 0xa, 0xbc2, &(0x7f0000002a40)="$eJzs3M9rXNUeAPDvvZlM0zbvTfp4PF7f5kVEWhCnSSXFFsFWKm5cCLoVGtJJCZn+IInUpAEn+g+IuhbcCGpRXNh1N4pu3Wi7VVwIRWKjIKKROz+S2GTS1M70punnA2fuOffM3PP9zmXmngNzJ4AH1mD2kEbsj4hTSUSpuT+NiGK91hdRazxvaXF+7JfF+bEklpdf+DGJJCJuLs6PtY6VNLd7m42+iPjq6ST+9fr6cadn5yZHq9XKVLN9aObshUPTs3OPTZwdPVM5Uzk3fOSJkcMjR4aOjnQs11+/PX7l54ee/b722we/X/7prfeSOB79zb61eXTKYAyuvCcNr9YfCxEx2unBctLTzGdtnknhNi9KuxwUAABtpWvmcP+JUvTE6uStFJ99nWtwAAAAQEcs90QsAwAAADtcYv0PAAAAO1zrdwA3F+fHWiXfXyTcWzdORMRAI/+lZmn0FKJW3/ZFb0TsuZnE2ttak8bL7tpgRHx3/ejHWYku3Ye8mdpCRPx3o/Of1PMfqN/FvT7/NCKGOjD+4C3t+yn/4x0YP+/8AXgwXT3RuJCtv/6lK/Of2OD6V9jg2vV35H39a83/ltbN/1bz72kz/3t+i2Ncev+di+36svyfvPLMR62SjZ9t7yqpO3BjIeJ/hY3yT1byT9rkf2qLY5T+uFhp15d3/svvRhyIjfNvSTb/f6JD4xPVylDjccMxFr4c+bDd+Hnnn53/PW3yb/3/U7vzf2GLY7x08uQn63ZeX61unn/6QzF5sV4rNve8MjozMzUcUUyeW7//8OaxtJ7TOkaW/8GHN//8b5R/9p1Qa74P2VpgobnN2q/dMuZTly992i6e1vovz/N/us35X5v/F4X15/+NLY7xyOdvHmzXt3b9m5Vs/NZaGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa0ojojyQtr9TTtFyO2BsR/449afX89Myj4+dfPnc664sYiN50fKJaGYqIUqOdZO3hen21ffiW9uMRsS8i3i7trrfLY+erp/NOHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBV7I6I/krQcEWlELJXStFzOOyoAAACg4wbyDgAAAADoOut/AAAA2Pms/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyff+/ei2JiNqx3fWSKTb7enONDOi2NO8AgNz05B0AkJtC3gEAubnDNb7pAuxAyW36+9r27Op4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsXwf2X72WRETt2O56yRSbfb25RgZ0W5p3AEBuejbrLNy7OIB7z0ccHlzW+EBym/6+1efU/tqzq2sxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALD99NdLkpYjotjcVy5H/CMiBqI3GZ+oVoYi4p8R8U2pd1fWHs45ZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpvenZucrRarUxllTSalZU993Olr5lipw6YNA5XyzsvlQ5VirEtwtimlTy/lQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyMv07NzkaLVamZrOOxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgb9Ozc5Oj1WplqouVvHMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/fwYAAP//aKcHlA==")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004100)={0x2020}, 0x2020)

1.45677559s ago: executing program 7 (id=2664):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x6, 0x4, 0xfff, 0x7, 0x88, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f00000002c0)={@random="5b1a033f2511", @empty, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x64, 0x0, 0x0, 0x11, 0x0, @empty, @empty=0xe0000001, {[@ra={0x94, 0x4}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)

1.42965835s ago: executing program 3 (id=2665):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x38)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f00000000c0)={0xfffffffe, [0x3b, 0xffff0000, 0x40], [{0x0, 0x9, 0x1}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}], 0x35})
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1=0xe000030a}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev}}}], 0x20}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.365909831s ago: executing program 5 (id=2667):
request_key(&(0x7f0000000240)='encrypted\x00', 0x0, &(0x7f0000000280)='\x00\xa8\xd8~3[q\x1f\x80\xc8\xcd\xd0\xa6\xd2G\xbb}\x1b\xd40\xb7\x1c^T\xb9\xeb\xda1\a]2F\x02\x8f\x0f\xb9K\x06S\xae\xac\x8d\xa89\xf9A\xe85\x93\xd8\xa0L8\x87\x16\xc8\xd7:\xeb\x19\xb1\xb7\xf4\x8c\xa0\xf6\xee\xdf\xf0\x11Y\x81p\xa3b\x8dvHf\xea\xe9\xe5\xce\xcb\x05\xef\x82\x8cYXo\x0e\xa2\b\x1c\xeb;J\x81c\x91[\x8a\x81O\x93g\xd9\xaf\x97\x99\t\xe6?#\x85', 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)=@gettaction={0x14, 0x32, 0x1, 0x70bd29, 0x25dfdbfc}, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000540)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x4}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8}]}}]}, 0x40}}, 0x24000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.291276172s ago: executing program 5 (id=2668):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ef00000000bfa200000000000007060000f8ffffffb703000008000000b70400002728b948850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
listen(r1, 0x3)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.216215493s ago: executing program 3 (id=2671):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x304}, "5d4b42fac245ae74", "21cb70af1a8d3978b3ad1a2c6ede97acca25f6a9000bab0d716e9ebdee04ab7e", "b65dab43", "9a2c4361134d8abe"}, 0x38)
ioctl$int_in(r1, 0x5452, &(0x7f0000000280)=0xfffffffffffff6d5)
recvmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/114, 0x72}], 0x1}, 0x20)

1.099010185s ago: executing program 4 (id=2675):
inotify_init1(0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x3ffe, @dev}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000040)=0x80000001, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0), 0x4)

1.098078345s ago: executing program 5 (id=2685):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000032000000c"], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200000018010000202070250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

953.366716ms ago: executing program 4 (id=2676):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x100}, @fd}, &(0x7f00000001c0)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})

952.428806ms ago: executing program 1 (id=2687):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000032000000c"], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200000018010000202070250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

948.016237ms ago: executing program 5 (id=2688):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x4000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ffffffff850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r3, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x14}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)

913.765267ms ago: executing program 4 (id=2677):
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x201, 0xb})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0xffffffff85000014, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r0, &(0x7f00000087c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005edba97116e223fb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000067c0), 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
getdents(r2, &(0x7f0000000700)=""/90, 0x5a)

888.896708ms ago: executing program 5 (id=2678):
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8001a0ffffffff]}, 0x8)
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r1, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r2}], 0x1, 0x0, &(0x7f0000000080)={[0x8001a0efffffff]}, 0x8)
dup2(r1, r2)
fcntl$setown(r2, 0x8, r0)
tkill(r0, 0x13)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

880.604978ms ago: executing program 1 (id=2679):
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000c00)={0xdf, 0x0, 0x1000})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x759, &(0x7f00000000c0)={[{@noinit_itable}, {@jqfmt_vfsv1}, {@noload}, {@errors_remount}, {@sb={'sb', 0x3d, 0x6f9}, 0x0}, {@noload}, {@orlov}, {@grpquota}, {@commit={'commit', 0x3d, 0x7}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2}}, {@bsdgroups}, {@jqfmt_vfsold}], [], 0x2c}, 0x0, 0x511, &(0x7f0000000400)="$eJzs3EtrXGUfAPD/mSRN87Z9k7fv+6q9aEerGBSbJr0uXLRFoRtBUKRuhJikpTZtpYnQlmBTkRZcKP0EXnaCn8CVbkTFheLW4laEItm0upAjZ+acdJLJ5NZMhiS/H8zkObd5nv8558k8l5kJYMMqZ09JxNaI+CUiuquLM3coV//cm5oY+nNqYiiJNH3lj6Sy392piaFi1+K4LflCbymi9H4Su+qz7Ry7cvXc4OjoyKV8Rd94KU+dHzwzcmbkwsDRowcPdB05PHBoReLMynR357sXd+84+fqtl4ZO3Xrzuy+y8qb59to4qnoqz5sWnUNb3ZpylGeeyxpPLb7oa8K2mnTSnj2XWlcYFi27a7PL1VGp/93RVlmq6o4X32tp4YCmStM07axbO/1eNpnWSpLqAWl6PQXWgSRaXQKgNYo3+rtTWU91Yqi+HxwRXU1tgrTUneNR6QFlcd/LH9Ut7ZUebLmn2jfqaFL+/4uIU5N/fZw9Ys5xCACAlfXV8YibJ6rtjuJR3VKKh2r2+3c+N9QTEf+JiO0R8d+8/fL/iMq+D0fEIzXHbF3ELEB51nJ9++enovVZ21xdMVn77/l8bmtm+2+65D1t+dK2SvwdyemzoyP783PSGx2d2XJ//UtPD6t9/cLPHzXKv1zT/sseWf5FWzAvx+/tswbohgfHBx807sKd65UTe60+/iTakyIVsSMidi7j9bNzdvaZz3c32j4j/izOuvg/bPzi7cso0CzppxFPV6//ZMyKP/L5v6QyP3n+7b6xK1efO1s7P9l/5PDAob7NMTqyv6+4K+p9/+ONl/NktRvxxv1t81z/omo0dSItu/7/mvP+n5657MlS0/O1Y0vP48btmw37NMu9/zclr1bSxfzs5cHx8Uv9EZuSyfr1A/ePvTzYNWP/LP7evXPX/+0Rf3+SH7crIrKb+NGIeCwi9uRlfzwinoiIvfPE/+2JJ99q1IVcOP7myuIfXtL1b5Q49kPE3Jvazn3zZV3GH5Tr4u+IRtf/YCXVm68ZHhzfvFBc85W0NvHAJxAAAADWgD2VcdqktC8faNoapdK+fRFbpkdQxsafPX3xnQvD1fHcnugoFSNd3TXjof352HC2nB01ULOcbT9QGTdO0zTtypaz/vvottaGDhvelgb1P/Nb/VdagPVmSfNojb7RBqxJs+v/7UUfufIfyABW1wp8jgZYo5ZU/yebVw5g9S26/jfrW3BAy8xV/69F3GtBUYBVNlf9f61uzbFVKQuwuoz/wca1/PrvwwCw1nn/hw1pUV+SX0Zi+8l59knam5Np40Qp5v8VgJ6IYk3Rppn/BX8tRVwpfpnmgUrYtqKRds24pqU599kcK5FXlBbcp30JP8SwuolSq4vRVbOmMyIWuHun77FrReJqs0tYubM/m/XvYh3/EigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBe/RMAAP//DIzRGA==")
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0xb10, 0x0, 0xc8, 0x8, 0x170, 0x5803, 0xa40, 0x2e8, 0x2e8, 0xa40, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @private2, [], [], 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x128, 0x170, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@devgroup={{0x38}, {0x5}}, @common=@dst={{0x48}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}, {{@uncond, 0x0, 0x8b0, 0x8d0, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{}, {}, {}, {}, {}, {}, {}, {0x0, 0x47e6500d6fd55229}], [{}, {}, {}, {0x10000000}]}, {[{}, {}, {}, {}, {}, {}, {0x0, 0x1}], [{}, {0x7}]}, {[{0x0, 0x2}]}, {[{}, {}, {}, {}, {}, {}, {}, {}, {0x5333}, {0x0, 0x1}]}, {[], [{}, {}, {0x2}]}, {[], [{}, {}, {}, {}, {}, {}, {0x0, 0x4000000}]}, {}, {[{0x0, 0x2}]}, {}, {[{}, {}, {}, {}, {}, {}, {0x0, 0x2}]}, {[], [], 0x0, 0x2}]}}, @inet=@rpfilter={{0x28}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xb70)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, 0x0)

867.632148ms ago: executing program 4 (id=2680):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r2, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=' ', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)="a6d7", 0x2}], 0x1}}], 0x2, 0x4048805)
shutdown(r2, 0x1)

347.202555ms ago: executing program 3 (id=2681):
gettid()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x30}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

346.955435ms ago: executing program 4 (id=2682):
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x21c046, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6c733d6370313235302c6e6f626172726965722c63726561746f723dbd3c66f52c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',force,umask=000000005,\x00'/38], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000dc0)='./file0/file0\x00', 0x0, 0x1145d10, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

344.437955ms ago: executing program 1 (id=2694):
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x201, 0xb})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0xffffffff85000014, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r0, &(0x7f00000087c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005edba97116e223fb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000067c0), 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
getdents(r2, &(0x7f0000000700)=""/90, 0x5a)

343.809835ms ago: executing program 7 (id=2683):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001540)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x10, 0xfff1}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {}, {0x7, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

277.834816ms ago: executing program 1 (id=2684):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)
getdents64(r3, 0x0, 0x0)

147.150518ms ago: executing program 1 (id=2686):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x91, 0x7fff0006}]})
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r1, &(0x7f0000005100)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/94, 0x5e}], 0x1}}], 0x1, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x22301, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

147.033838ms ago: executing program 3 (id=2689):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
socket(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000680)={<r2=>0x0})
ppoll(&(0x7f0000000040)=[{r1, 0x1}, {r1, 0x1001}], 0x2, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000300)={r2})

146.474738ms ago: executing program 7 (id=2699):
gettid()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x30}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

100.136538ms ago: executing program 7 (id=2690):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x100}, @fd}, &(0x7f00000001c0)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})

100.041198ms ago: executing program 4 (id=2691):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
shutdown(r0, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x4, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
unshare(0x28020480)
pselect6(0x73, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3fe}, 0x0, 0x0)

59.957328ms ago: executing program 7 (id=2692):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000010000100760100000475000000000000", @ANYRES32=r1, @ANYBLOB="9a"], 0x20}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r3)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r3, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8b04, &(0x7f0000000200)={'wlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}})

4.72654ms ago: executing program 1 (id=2693):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022400010000000009"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x3000, 0x34000, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x7000, 0x1})
openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 5 (id=2695):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f00000022c0)={[{@uid}, {@nodecompose}, {@umask={'umask', 0x3d, 0x1}}, {@barrier}, {@force}, {@force}, {@gid}, {@nls={'nls', 0x3d, 'koi8-ru'}}, {@nobarrier}, {}]}, 0xfc, 0x6e0, &(0x7f0000000580)="$eJzs3c1vHGcdB/Dv7K7fUtE4bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGiubtLJdcCME4f3aQ/+A9pAbJyTuQeUMFwRHi1MlRC+cfFs0s7Prje111nESx/D5VLPzzDzvv52Z3dnUmgD/txbOpnU/RRbOvrlebm/cm29v3JufqLPbScp0I2l1VyluJ8XHyeV0l3y23FmXL4b188Hyxe/9/T8bn3S3WvVSlW/srPfzTpIvjD6Lu/WS00ma9XqnsW3bE8nkw9u7OrS9fit9u8+/6OeUATvTCxwcts4Od/dTfej5DhwdRb7xmd32TyfH0v2YrD7n6qtD4+mO7vHb11UOAAAADtnCv0/N7af8VL0+vpnNrB/523gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qoqk2V1VS6OXPp2i9/z/8Xpf6vSRdv+wBwAAAAAAAAAAO4w9sDWeZKK3cWn3Gp/fzGbW83xvu1NU/+b/WrVxsnp9Lu9mNUtZybmsZzFrWctKZpNMD3a2vri2tjI7Qs25XWvOPTiu5mgTnhytGAAAAAAAAAD8z/tlFrb+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FRdLsrqrlZC89nUYryWSS8bLc3eSvvfQRUey28/7THwcAAAAcyOQj1Dm+mc2s5/nedqeo7vlfqu6XJ/Nubmcty1lLO0u5Vt9Dl3f9jY178+2Ne/O3yuXAQ69aTPe3h917fqUqMZXrWa72nMvVajDX0qhqlv6Z5FZvTDvH9YtPy7Yvdf1kxJFdq9dlZ+/3fkWYOPCEH4PppNXIWD8iM9XYugfBicEo7IzENz8d1ujl7qq1vacM9jSbRv+Xn5PdHsrkQ2N+acSZHavX5Xx+O+yXm8dtcqvTu0ML9SPRSBWJuYGj76W9Y5588Y+/f/9G+/bNG9dXzz6VKT1J24+J+YFIvDxCJH7wzEaitXd2Y/uOmWrnqd7mR88l+X7O5nSuZCXL+XEWs5alFPVMF+vjuXyd3jtSlx/YujJkAH3j9fvSrMv1x5SFfGfXMZ3Ot6vUYl6r6j6f5RR5O9eylDeq/+Yym6/mQi7k4sA7fGrouKu5VWd9Y39n/Zkv1YmpJL+r14ete1Eo43piIK6D19zpKm9rz9hAlF7Y+93deW18+JRbn6sTZR+/2vNoeNq2R2J2IBIv7h2Jjzrl62r79s2VG4vv7PLp2inGqvXfziSdTnff63VeecT95uFff/500Pk9xMB1rDxeXshkfSU5kbHu0Jq9vBf7V5kqXuOD9U728x78xB3PZHk+N7o9dc/U7w49U8fr73A7W5qr8l7eNW++yntlIG/w+1bydtr970MAPMOOffnY+NS/pv4y9eHUr6duTL05+a2Jr028Op6xP499vTXTfL3xavGHfJifbd3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj271vTs3F9vtpZXdE43m0KwhiXTu3FzsPcln1FpZLeon6eyrr8NK9B/584yM54kkih17yhk/ni56Tz7aX62ZnUfU5cMM1D/2WyuTA1NuDi18rE50jnejtK8uprcfmcmQwhPdYDaHnKf1W/QoDxcFjoTza7feOb/63p2vLN9afGvpraXbYxcuXJy5eOGN+fPXl9tLM93Xwx4l8CRsfW8HAAAAAAAAAAAAjooR/67gyg9/VP0fgo/09xKHPUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgaFs4m9b9FJmdOTdTbm/cm2+XSy+9VbKVpNFIip8mxcfJ5XSXTA80Vwzr54Pli80kn2y11eqVb+xRrzMx0izu1ktOJ2nW6wN4oL2rB26v6M+wDNiZXuDgsP03AAD//9ev6fg=")
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x80002, 0xa)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$FUSE(r1, &(0x7f0000001600)={0x2020}, 0x2020)
dup2(r0, r1)
epoll_wait(r0, &(0x7f0000000080)=[{}], 0x1, 0x0)
open(&(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800, 0x20)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000340)='./file1\x00', 0x1804810, &(0x7f0000000180)=ANY=[], 0xf6, 0x67b, &(0x7f0000001780)="$eJzs3c1vHGcdB/DvbDZrb1qCmyZtQJVqNRIgIhI7VgrmQkAI+RChqhw4W4nTWNmkxXaRWyHq8HrtoX9AOfiCOCFxj1Q4cIFbb8jHSkhceqk5LdrZWXttr93dvNhO+Xyi8fPMPPM885vfszP7pmgD/N+au5j6gxSZu3h9tbO+sT7T2lifudurJxlLspbUk9SSFJ+12+2PkmtJsTVMsavc44PF2dc//nTjk+5avVrK/WsH9dul2m9t1+a13rbJJCeq8hHsGO/GI49XbEV+LcmFqoQjdzJJe4ef/f3ZrZY+zUG9xw8lRuDJKrrPm3tMJKeqC73zOqD3zFs73OiGNzbkfrtfQQAAAMDTZpj3wF/ezGZWi9OHEA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8Iaxt//5/US21Xn0yRe/3/xvVtlT14+Xl0XZ/8KTiAAAAAAAAAIBD9PJmNrOa0731dlF+5/9KuXK2/PtM3s5yFrKUS1nNfFaykqVMJ5noG6ixOr+ysjQ9RM8rA3te+ZxAx6qy+XjOGwAAAAAAAAC+YH6Vue3v/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DgokhPdIsX9vs0TqdWTjCdpdDasJf/s1Z9mD446AAAAADgEY8lmVnO6t94ucjbJC+VnAON5O/eyksWspJWF3Cw/F+i+669trM+0NtZn7naWveN+/z8jhVGOmO5nD4OPfL7co5lbWSy3XMqNvJlWbqZW9uw4X8XTG7UvrvEk9zsxFd+rDBnZzarsnPn7VbnHeyOd7H5G/DBloszIya2MTFWxdbLxXG9mBs3QwFMY5UjTqW0Fe3bXkRrJZ+2uPGzOT/UF+ru9AV8fNf7HZ3cmrvQ9+l44KOcdX//Ln346VdVHnoMjdqIqy0lNc28mZvoy8eIwmbjdunfn9q3li09bJvaYKjNxbmt9Lj/KT3Ixk3ktS1nMzzOflSxkMj8sa/PV5Bd9l/w+mbq2Y+21z4ukUT1Cu5M1WkyvlH1PZzE/zpu5mYW8Wv67kul8O1dzNbN9M3zu4Bkur/raPld9+0sDg7/wjarSTPL7qjweOnl9ri+v/ffcibKtf8t2ls4MkaUR7431r1aVzjF+XZXHw+5MTPdl4vndmRjf0fUP5W1luXXvztLt+beGO9yZ96tK5zr6bTJ5tDeSxq76mc5klWs7Hx2dtucHtk2XbWe32mp72s5ttXWv1LV9r9RG9Rpu70hXyrYXB7bNlG3n+9oGvd4C4Ng79c1Tjea/m/9oftj8TfN28/r4D8a+M/ZSIyf/evK79akTX6u9VPw5H+aX2+//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh7f8zrt35luthaVupZGkrLTb7fd2No1aqVdHeMjuj1DJ5L+e6Rx5QFPv58wOMZ6vPJsc3rkf18p/2+12taXYZ58//u3YJKr6IcP2sUjdqJXNxxP80d2TgMNxeeXuW5eX33n3W4t3599YeGPh3uzVq7NTs1dfnbl8a7G1MNX9e9RRAk/C9pP+UUcCAAAAAAAAAAAADOsw/lvCUZ8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HSbu5j6gxSZnro01VnfWJ9pdZZefXvPepJakuIXSfFR0uw1TPQNV+x3nA8WZ1//+NONT7bHqvf2rx3Ubzhr1ZLJJCe65f3HNd6NqjxQcdApFFtneC3JhaqEI/e/AAAA//+smw/y")
lchown(&(0x7f0000000480)='./file1\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

udit: type=1326 audit(1746814364.577:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  198.438344][ T4251] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  198.507101][   T26] audit: type=1326 audit(1746814364.617:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  198.596424][   T26] audit: type=1326 audit(1746814364.617:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  198.719502][   T26] audit: type=1326 audit(1746814364.617:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  198.728165][ T4251] usb 6-1: Using ep0 maxpacket: 8
[  198.825384][   T26] audit: type=1326 audit(1746814364.627:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  198.921171][   T26] audit: type=1326 audit(1746814364.627:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  199.025819][   T26] audit: type=1326 audit(1746814364.627:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  199.113404][   T26] audit: type=1326 audit(1746814364.627:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  199.243792][   T26] audit: type=1326 audit(1746814364.627:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.7.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  199.272730][ T7864] ERROR: (device loop5): dbAdjCtl: the maximum free buddy is not the old root
[  199.272730][ T7864] 
[  199.302979][ T7935] overlayfs: failed to clone upperpath
[  199.339252][ T7864] ERROR: (device loop5): remounting filesystem as read-only
[  199.964579][ T7955] device macvlan1 entered promiscuous mode
[  199.978869][ T7955] device ipvlan0 entered promiscuous mode
[  200.005262][ T7955] device ipvlan0 left promiscuous mode
[  200.019786][ T7955] device macvlan1 left promiscuous mode
[  200.150384][ T4251] usb 6-1: unable to get BOS descriptor or descriptor too short
[  200.258444][ T4251] usb 6-1: unable to read config index 0 descriptor/start: -71
[  200.274488][ T4251] usb 6-1: can't read configurations, error -71
[  201.272545][ T7996] loop5: detected capacity change from 0 to 64
[  201.758589][ T8017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1152'.
[  201.786668][ T8017] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  202.071664][ T1107] kernel read not supported for file [userfaultfd] (pid: 1107 comm: kworker/0:2)
[  202.222456][ T8051] netlink: 1276 bytes leftover after parsing attributes in process `syz.5.1164'.
[  202.686461][ T8064] overlayfs: failed to clone upperpath
[  203.104802][ T8084] overlayfs: failed to clone upperpath
[  203.218611][ T4251] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  203.256464][ T8095] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  203.391220][ T8101] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1186'.
[  203.447011][ T8101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.473919][ T8101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.502171][ T8101] bond0 (unregistering): Released all slaves
[  203.623985][ T4251] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  203.636906][ T4251] usb 9-1: config 0 has no interface number 0
[  203.648404][ T4251] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  203.657515][ T4251] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.673598][ T4251] usb 9-1: config 0 descriptor??
[  203.719948][ T4251] cp210x 9-1:0.1: cp210x converter detected
[  204.123295][ T8130] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1199'.
[  204.136228][ T8130] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1199'.
[  204.148676][ T4251] cp210x 9-1:0.1: failed to get vendor val 0x000e size 3: -32
[  204.423409][ T4251] usb 9-1: cp210x converter now attached to ttyUSB0
[  204.549307][ T8149] loop5: detected capacity change from 0 to 1024
[  204.616231][ T4370] usb 9-1: USB disconnect, device number 5
[  204.640622][ T4370] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  204.693906][ T4370] cp210x 9-1:0.1: device disconnected
[  204.720493][ T8151] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1209'.
[  204.773029][ T8151] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1209'.
[  204.852681][ T8153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1209'.
[  205.083887][ T8163] loop5: detected capacity change from 0 to 1024
[  205.379032][ T5591] hfsplus: b-tree write err: -5, ino 4
[  205.861525][ T8187] netlink: set zone limit has 8 unknown bytes
[  206.040948][ T8200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1226'.
[  206.077050][ T8202] netlink: 'syz.1.1229': attribute type 12 has an invalid length.
[  206.274055][ T8209] tipc: Failed to remove unknown binding: 66,3,3/134418688:2240854192/2240854193
[  206.434705][ T8220] loop5: detected capacity change from 0 to 1024
[  206.548337][ T5012] Bluetooth: hci1: command 0x0406 tx timeout
[  206.629203][ T8220] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  206.765741][ T8220] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3876: comm syz.5.1235: Allocating blocks 497-513 which overlap fs metadata
[  206.879117][ T8220] EXT4-fs (loop5): pa ffff8880242087e0: logic 16, phys. 145, len 23
[  206.888423][ T8220] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1
[  207.291630][ T8257] netlink: 'syz.7.1249': attribute type 39 has an invalid length.
[  207.804403][ T8277] loop8: detected capacity change from 0 to 256
[  207.842720][ T8275] overlayfs: failed to resolve './file1': -2
[  207.877206][ T8277] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  208.547532][ T8290] netlink: 'syz.7.1263': attribute type 10 has an invalid length.
[  208.613551][ T8290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.627094][ T8290] device batadv0 entered promiscuous mode
[  208.639795][ T8290] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  208.697941][ T8290] syz.7.1263 (8290) used greatest stack depth: 19200 bytes left
[  208.726764][ T8292] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1264'.
[  208.744652][ T8292] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.752471][ T8292] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.141713][ T8292] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1264'.
[  209.174653][ T8298] tipc: Started in network mode
[  209.180203][ T8298] tipc: Node identity eede162d19a7, cluster identity 4711
[  209.198231][ T8298] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  209.217679][ T8297] tipc: Resetting bearer <eth:syzkaller0>
[  209.320271][ T8297] tipc: Disabling bearer <eth:syzkaller0>
[  209.549547][ T8310] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1277'.
[  209.966949][ T8316] loop8: detected capacity change from 0 to 32768
[  209.987375][ T8316] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.1271 (8316)
[  210.024372][ T8316] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[  210.034026][ T8316] BTRFS info (device loop8): enabling ssd optimizations
[  210.044037][ T8316] BTRFS info (device loop8): using spread ssd allocation scheme
[  210.054385][ T8316] BTRFS info (device loop8): using free space tree
[  210.065163][ T8316] BTRFS info (device loop8): has skinny extents
[  210.426098][ T8347] netlink: 2048 bytes leftover after parsing attributes in process `syz.5.1276'.
[  210.452166][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1276'.
[  210.542717][ T8354] overlayfs: failed to clone upperpath
[  210.826489][ T8366] Unknown status report in ack skb
[  212.010829][ T8397] loop5: detected capacity change from 0 to 8192
[  212.054905][ T8397] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  212.088582][ T8397] REISERFS (device loop5): using ordered data mode
[  212.106643][ T8397] reiserfs: using flush barriers
[  212.114415][ T8397] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  212.139205][ T8397] REISERFS (device loop5): checking transaction log (loop5)
[  212.324833][ T8397] REISERFS (device loop5): Using tea hash to sort names
[  212.344793][ T8397] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  212.524829][ T8403] overlayfs: missing 'lowerdir'
[  212.975494][ T8418] netlink: 'syz.4.1308': attribute type 4 has an invalid length.
[  213.038687][ T8407] loop8: detected capacity change from 0 to 32768
[  213.070243][ T8420] netlink: 'syz.4.1308': attribute type 4 has an invalid length.
[  213.847766][ T8440] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1316'.
[  214.044597][ T8450] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1319'.
[  214.174164][ T8453] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1320'.
[  214.226388][ T8453] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1320'.
[  214.263504][ T8457] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1322'.
[  214.280628][ T8457] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.377568][ T8457] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.814968][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1329'.
[  214.860446][ T8469] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1329'.
[  215.342412][ T8484] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1334'.
[  215.443079][ T8485] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1334'.
[  215.883150][ T8491] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1338'.
[  216.315839][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  216.315851][   T26] audit: type=1326 audit(1746814382.477:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  216.397060][ T8505] loop8: detected capacity change from 0 to 64
[  216.470297][   T26] audit: type=1326 audit(1746814382.507:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  216.673026][   T26] audit: type=1326 audit(1746814382.517:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  216.865222][   T26] audit: type=1326 audit(1746814382.517:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  217.010000][   T26] audit: type=1326 audit(1746814382.517:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  217.053409][   T26] audit: type=1326 audit(1746814382.517:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  217.077330][   T26] audit: type=1326 audit(1746814382.527:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  217.106632][ T8522] netlink: 'syz.1.1350': attribute type 19 has an invalid length.
[  217.154351][   T26] audit: type=1326 audit(1746814382.527:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz.7.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  217.577647][ T8529] loop8: detected capacity change from 0 to 512
[  217.677893][ T8529] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  217.741788][ T8529] EXT4-fs (loop8): orphan cleanup on readonly fs
[  217.923323][ T8529] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1353: bg 0: block 97: padding at end of block bitmap is not set
[  218.027618][ T8529] Quota error (device loop8): write_blk: dquota write failed
[  218.052324][ T8529] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  218.084629][ T8529] EXT4-fs error (device loop8): ext4_acquire_dquot:6204: comm syz.8.1353: Failed to acquire dquot type 0
[  218.159811][ T8529] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  218.248447][ T8544] netlink: 'syz.7.1358': attribute type 5 has an invalid length.
[  218.271280][ T8529] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2941: inode #15: comm syz.8.1353: corrupted xattr block 19
[  218.277776][ T8544] netdevsim netdevsim7 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  218.293030][ T8544] netdevsim netdevsim7 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  218.317985][ T8544] netdevsim netdevsim7 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  218.328838][ T8529] EXT4-fs warning (device loop8): ext4_evict_inode:302: xattr delete (err -117)
[  218.335077][ T8544] netdevsim netdevsim7 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  218.337979][ T8529] EXT4-fs (loop8): 1 orphan inode deleted
[  218.347421][ T8544] device geneve2 entered promiscuous mode
[  218.363548][  T154] EXT4-fs error (device loop8): ext4_release_dquot:6240: comm kworker/u4:2: Failed to release dquot type 0
[  218.393248][ T8529] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  219.061571][ T8563] syz.7.1367[8563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  219.061675][ T8563] syz.7.1367[8563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  219.506834][ T8589] loop5: detected capacity change from 0 to 1024
[  219.560331][ T8590] __nla_validate_parse: 4 callbacks suppressed
[  219.560348][ T8590] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1373'.
[  219.650104][ T8597] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1376'.
[  219.739723][ T8589] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1374'.
[  219.844745][ T8601] loop8: detected capacity change from 0 to 2048
[  220.200879][ T8616] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1382'.
[  220.310012][ T8618] netlink: 'syz.7.1386': attribute type 10 has an invalid length.
[  220.646441][ T8608] loop5: detected capacity change from 0 to 32768
[  220.781058][ T8608] XFS (loop5): Mounting V5 Filesystem
[  220.916815][ T8608] XFS (loop5): Ending clean mount
[  220.920611][ T8642] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  220.957205][ T8608] XFS (loop5): Quotacheck needed: Please wait.
[  220.997588][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1392'.
[  221.080146][ T8608] XFS (loop5): Quotacheck: Done.
[  221.251375][ T4452] XFS (loop5): Unmounting Filesystem
[  221.713525][ T8664] netlink: 'syz.8.1400': attribute type 10 has an invalid length.
[  221.813407][ T8664] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  222.033741][ T8672] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.054938][ T8672] device syzkaller0 entered promiscuous mode
[  222.073587][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  222.183019][ T8676] loop8: detected capacity change from 0 to 1024
[  222.309683][ T8676] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1404'.
[  222.618505][ T8685] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  222.926319][ T8702] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1412'.
[  223.037869][ T8702] device bridge_slave_1 left promiscuous mode
[  223.048222][ T4219] tipc: Node number set to 4151907885
[  223.049382][ T8702] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.327461][ T8721] loop8: detected capacity change from 0 to 128
[  223.516035][ T8731] device veth0 entered promiscuous mode
[  223.544538][ T8731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1429'.
[  223.838400][ T2303] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  223.974834][ T8750] overlayfs: failed to clone upperpath
[  224.182589][ T8757] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1447'.
[  224.208633][ T2303] usb 6-1: config 0 has an invalid interface number: 239 but max is 0
[  224.226721][ T2303] usb 6-1: config 0 has no interface number 0
[  224.233650][ T2303] usb 6-1: too many endpoints for config 0 interface 239 altsetting 208: 236, using maximum allowed: 30
[  224.249034][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  224.249062][   T26] audit: type=1326 audit(1746814390.417:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.278855][ T2303] usb 6-1: config 0 interface 239 altsetting 208 has 0 endpoint descriptors, different from the interface descriptor's value: 236
[  224.292689][ T2303] usb 6-1: config 0 interface 239 has no altsetting 0
[  224.299913][   T26] audit: type=1326 audit(1746814390.447:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.340487][   T26] audit: type=1326 audit(1746814390.447:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.364304][ T8762] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  224.369266][   T26] audit: type=1326 audit(1746814390.447:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.399163][   T26] audit: type=1326 audit(1746814390.447:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.444512][   T26] audit: type=1326 audit(1746814390.447:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.471644][   T26] audit: type=1326 audit(1746814390.447:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.501053][   T26] audit: type=1326 audit(1746814390.457:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.525809][   T26] audit: type=1326 audit(1746814390.457:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.550103][ T2303] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  224.558563][   T26] audit: type=1326 audit(1746814390.457:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.1.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  224.582803][ T2303] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.591376][ T2303] usb 6-1: Product: syz
[  224.595785][ T2303] usb 6-1: Manufacturer: syz
[  224.601049][ T2303] usb 6-1: SerialNumber: syz
[  224.623191][ T2303] usb 6-1: config 0 descriptor??
[  224.901125][ T8784] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1448'.
[  224.931371][ T8784] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.030697][ T8784] device bridge_slave_1 left promiscuous mode
[  225.049217][ T8784] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.064471][ T8734] loop5: detected capacity change from 0 to 8192
[  225.273048][ T2303] hso 6-1:0.239: Not our interface
[  225.283922][ T2303] usb-storage 6-1:0.239: USB Mass Storage device detected
[  225.297485][ T8794] syz.1.1451[8794] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  225.297587][ T8794] syz.1.1451[8794] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  225.336648][ T8792] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1453'.
[  225.434454][ T2303] usb 6-1: USB disconnect, device number 10
[  225.491215][ T8799] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1454'.
[  225.505236][ T8799] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1454'.
[  226.240100][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1463'.
[  226.267339][ T8823] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.338935][ T8823] device bridge_slave_1 left promiscuous mode
[  226.345516][ T8823] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.696528][ T8835] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1468'.
[  226.775421][ T8838] device bond0 entered promiscuous mode
[  226.818842][ T8838] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  226.846985][ T8838] device bond0 left promiscuous mode
[  227.154381][ T8847] overlayfs: failed to clone upperpath
[  227.414141][ T8864] loop8: detected capacity change from 0 to 1024
[  227.461260][ T3548] udevd[3548]: worker [4161] terminated by signal 33 (Unknown signal 33)
[  227.478584][ T3548] udevd[3548]: worker [4161] failed while handling '/devices/virtual/block/loop8'
[  227.539216][ T8864] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  227.573440][ T8877] netlink: 2028 bytes leftover after parsing attributes in process `syz.7.1480'.
[  227.622757][ T8877] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1480'.
[  227.654301][ T8879] loop5: detected capacity change from 0 to 2048
[  227.667015][ T8879] UDF-fs: bad mount option "	" or missing value
[  227.758968][ T8883] tipc: Failed to remove unknown binding: 66,1,1/0:1104582350/1104582352
[  227.796539][ T8883] tipc: Failed to remove unknown binding: 66,1,1/0:1104582350/1104582352
[  227.797255][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.826293][ T8883] tipc: Failed to remove unknown binding: 66,1,1/0:1104582350/1104582352
[  227.833416][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.848906][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.860997][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.876950][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.900579][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.912772][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.925381][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.937781][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  227.951856][ T6687] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  228.740205][ T8890] chnl_net:caif_netlink_parms(): no params data found
[  228.817048][ T8890] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.824926][ T8890] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.834047][ T8890] device bridge_slave_0 entered promiscuous mode
[  228.843357][ T8890] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.852054][ T8890] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.860682][ T8890] device bridge_slave_1 entered promiscuous mode
[  228.891703][ T8890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.903181][ T8890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.936128][ T8890] team0: Port device team_slave_0 added
[  228.944451][ T8890] team0: Port device team_slave_1 added
[  228.969620][ T8890] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.976605][ T8890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.002807][ T8890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.015605][ T8890] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.023025][ T8890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.051097][ T8890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.122156][ T8922] netlink: 'syz.5.1504': attribute type 1 has an invalid length.
[  229.154927][ T8922] 8021q: adding VLAN 0 to HW filter on device bond1
[  229.175326][ T8890] device hsr_slave_0 entered promiscuous mode
[  229.182871][ T8890] device hsr_slave_1 entered promiscuous mode
[  229.201732][ T8924] bond1: (slave gretap1): making interface the new active one
[  229.211670][ T8924] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  229.267048][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  229.282433][ T8922] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1504'.
[  229.333656][ T8922] bond1 (unregistering): (slave gretap1): Releasing active interface
[  229.352846][ T8922] bond1 (unregistering): Released all slaves
[  229.492747][ T8890] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  229.545229][ T8932] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1508'.
[  229.585963][ T8890] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  229.614260][ T8890] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  229.631829][ T8890] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  229.764892][ T8936] loop5: detected capacity change from 0 to 512
[  229.815183][ T8890] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.864103][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  229.877879][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  229.897318][ T8890] 8021q: adding VLAN 0 to HW filter on device team0
[  229.958354][ T8936] EXT4-fs (loop5): 1 orphan inode deleted
[  229.964154][ T8936] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  229.975706][ T8936] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.016225][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  230.066191][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  230.111359][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.118552][ T4371] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.132022][ T8943] EXT4-fs (loop5): shut down requested (2)
[  230.134956][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  230.134973][   T26] audit: type=1800 audit(1746814396.297:1091): pid=8936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1510" name="file1" dev="loop5" ino=15 res=0 errno=0
[  230.171237][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  230.186377][ T8945] tipc: Started in network mode
[  230.194036][ T8945] tipc: Node identity 080211000001, cluster identity 4711
[  230.205096][ T8945] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  230.216265][ T8942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1521'.
[  230.250992][ T8942] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  230.254635][ T4371] EXT4-fs (loop5): Quota write (off=8192, len=1024) cancelled because transaction is not started
[  230.260006][ T8942] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  230.278410][ T4371] Quota error (device loop5): write_blk: dquota write failed
[  230.280035][ T8942] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  230.287413][ T4371] Quota error (device loop5): remove_free_dqentry: Can't write block (8) with free entries
[  230.296182][ T8942] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  230.326299][ T8942] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.335436][ T8942] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.344530][ T8942] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.353665][ T8942] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.367420][ T4371] EXT4-fs (loop5): Quota write (off=8192, len=1024) cancelled because transaction is not started
[  230.382133][ T4371] Quota error (device loop5): write_blk: dquota write failed
[  230.390846][ T4371] Quota error (device loop5): free_dqentry: Can't move quota data block (8) to free list
[  230.401128][ T4371] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  230.434620][ T4371] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  230.462248][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  230.494289][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  230.503474][ T5591] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.510635][ T5591] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.549669][ T2303] Bluetooth: hci2: command 0x0409 tx timeout
[  230.558381][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  230.579260][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  230.648871][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  230.692825][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  230.719353][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  230.766336][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  230.807336][ T8890] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  230.821218][ T8953] loop5: detected capacity change from 0 to 4096
[  230.829177][ T8890] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  230.870760][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  230.878726][ T8953] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  230.898975][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  230.911185][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  230.923454][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  230.948593][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  231.008513][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  231.181987][ T8965] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  231.365189][ T4529] tipc: Node number set to 134418688
[  231.397815][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  231.427234][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  231.453704][ T8890] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.545692][ T8979] netlink: 132 bytes leftover after parsing attributes in process `syz.7.1522'.
[  231.757195][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  231.777631][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  231.806487][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  231.816673][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  231.827919][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  231.845532][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  231.886911][ T8989] overlayfs: failed to clone upperpath
[  231.894867][ T8890] device veth0_vlan entered promiscuous mode
[  231.928717][ T8890] device veth1_vlan entered promiscuous mode
[  231.988006][ T8994] overlayfs: failed to clone upperpath
[  231.991177][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  232.012841][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  232.032422][ T8890] device veth0_macvtap entered promiscuous mode
[  232.054664][ T8890] device veth1_macvtap entered promiscuous mode
[  232.097880][ T8890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.118006][   T26] audit: type=1326 audit(1746814398.277:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8996 comm="syz.7.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  232.153998][ T8890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.188287][   T26] audit: type=1326 audit(1746814398.277:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8996 comm="syz.7.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  232.218334][ T8890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.233987][ T8890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.243526][ T8997] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  232.251076][ T8890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.256503][   T26] audit: type=1326 audit(1746814398.317:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8996 comm="syz.7.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  232.268750][   T26] audit: type=1326 audit(1746814398.317:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8996 comm="syz.7.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7ffc0000
[  232.296477][ T8890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.328560][ T8890] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.349587][ T8890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.362475][ T8890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.373049][ T8890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.384161][ T8890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.396049][ T8890] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.407578][ T8890] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.416692][ T8890] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.426463][ T8890] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.438201][ T8890] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.450760][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  232.465241][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  232.474025][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  232.483665][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  232.493852][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  232.504323][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  232.598896][ T5591] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.613462][ T5591] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.639383][ T2303] Bluetooth: hci2: command 0x041b tx timeout
[  232.647657][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  232.670078][ T4371] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.686412][ T4371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.703773][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  232.818950][ T9007] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1543'.
[  232.846441][ T2303] libceph: connect (1)[c::]:6789 error -101
[  232.853862][ T2303] libceph: mon0 (1)[c::]:6789 connect error
[  232.861624][ T9007] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  232.917227][ T9008] ceph: No mds server is up or the cluster is laggy
[  233.134594][ T4655] libceph: connect (1)[c::]:6789 error -101
[  233.141354][ T4655] libceph: mon0 (1)[c::]:6789 connect error
[  233.281292][ T9021] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1531'.
[  233.326007][ T9021] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.327728][ T9023] overlayfs: failed to clone upperpath
[  233.335423][ T9021] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.357877][ T9021] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.370826][ T9021] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.797732][ T9031] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1539'.
[  233.837131][ T9029] loop5: detected capacity change from 0 to 4096
[  233.859136][ T9029] ntfs3: Unknown parameter 'ç$)€0'
[  233.905660][ T9026] overlayfs: failed to clone upperpath
[  234.718280][ T4655] Bluetooth: hci2: command 0x040f tx timeout
[  235.112706][ T9055] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1548'.
[  235.136759][ T9055] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.197685][ T9055] device bridge_slave_1 left promiscuous mode
[  235.207017][ T9055] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.487408][ T4220] libceph: connect (1)[c::]:6789 error -101
[  235.493662][ T4220] libceph: mon0 (1)[c::]:6789 connect error
[  235.547291][ T9061] ceph: No mds server is up or the cluster is laggy
[  235.647597][ T9071] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.669744][ T9071] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  235.714253][ T9071] bridge_slave_0: default FDB implementation only supports local addresses
[  236.393901][ T9082] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1570'.
[  236.487178][   T26] kauditd_printk_skb: 11 callbacks suppressed
[  236.487204][   T26] audit: type=1326 audit(1746814402.647:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.521989][   T26] audit: type=1326 audit(1746814402.647:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.549170][   T26] audit: type=1326 audit(1746814402.647:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.591789][   T26] audit: type=1326 audit(1746814402.677:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.647280][   T26] audit: type=1326 audit(1746814402.727:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.681767][   T26] audit: type=1326 audit(1746814402.747:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.710776][   T26] audit: type=1326 audit(1746814402.757:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.749310][   T26] audit: type=1326 audit(1746814402.757:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.779747][   T26] audit: type=1326 audit(1746814402.757:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  236.789842][ T4363] Bluetooth: hci2: command 0x0419 tx timeout
[  236.812431][   T26] audit: type=1326 audit(1746814402.757:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.4.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  237.194243][ T9100] overlayfs: failed to get index nlink (file2/file1, err=-61)
[  237.515698][ T9110] loop5: detected capacity change from 0 to 2048
[  237.625619][ T9110]  loop5: p2 < > p3 p4
[  237.652337][ T9110] loop5: p3 start 65535 is beyond EOD, truncated
[  237.668363][ T9110] loop5: p4 size 8192 extends beyond EOD, truncated
[  237.895087][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  237.903853][ T4163] udevd[4163]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  237.934586][ T9118] overlayfs: failed to clone upperpath
[  238.283581][ T9139] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1583'.
[  238.448950][ T9147] overlayfs: failed to clone upperpath
[  239.063260][ T9132] loop5: detected capacity change from 0 to 40427
[  239.073214][ T9160] loop9: detected capacity change from 0 to 32768
[  239.139102][ T9160] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 scanned by syz.9.1595 (9160)
[  239.159782][ T9132] F2FS-fs (loop5): invalid crc value
[  239.177885][ T9132] F2FS-fs (loop5): Found nat_bits in checkpoint
[  239.199024][ T9160] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm
[  239.208178][ T9160] BTRFS info (device loop9): max_inline at 0
[  239.214255][ T9160] BTRFS info (device loop9): enabling disk space caching
[  239.221497][ T9160] BTRFS info (device loop9): setting nodatasum
[  239.227898][ T9160] BTRFS info (device loop9): turning on flush-on-commit
[  239.235089][ T9160] BTRFS info (device loop9): enabling ssd optimizations
[  239.242172][ T9160] BTRFS info (device loop9): using spread ssd allocation scheme
[  239.249990][ T9160] BTRFS info (device loop9): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  239.259857][ T9160] BTRFS info (device loop9): use zstd compression, level 3
[  239.267110][ T9160] BTRFS info (device loop9): force clearing of disk cache
[  239.274452][ T9160] BTRFS info (device loop9): turning off barriers
[  239.281126][ T9160] BTRFS info (device loop9): max_inline at 4096
[  239.287431][ T9160] BTRFS info (device loop9): disk space caching is enabled
[  239.295008][ T9160] BTRFS info (device loop9): has skinny extents
[  239.402355][ T9132] F2FS-fs (loop5): Cannot turn on quotas: -2 on 0
[  239.422923][ T9160] BTRFS info (device loop9): clearing free space tree
[  239.430151][ T9160] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  239.440292][ T9160] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  239.487644][ T9132] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  239.875771][ T9132] attempt to access beyond end of device
[  239.875771][ T9132] loop5: rw=2049, want=53256, limit=40427
[  240.084173][ T9199] attempt to access beyond end of device
[  240.084173][ T9199] loop5: rw=2049, want=53376, limit=40427
[  240.116290][ T9203] device vlan2 entered promiscuous mode
[  240.151106][ T9199] attempt to access beyond end of device
[  240.151106][ T9199] loop5: rw=2049, want=53256, limit=40427
[  240.170006][ T9203] device bridge0 entered promiscuous mode
[  240.171743][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  240.228429][ T9199] attempt to access beyond end of device
[  240.228429][ T9199] loop5: rw=2049, want=45104, limit=40427
[  240.245843][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  240.290789][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  240.348738][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  240.729739][ T4452] attempt to access beyond end of device
[  240.729739][ T4452] loop5: rw=2051, want=45064, limit=40427
[  240.753939][ T4452] attempt to access beyond end of device
[  240.753939][ T4452] loop5: rw=2051, want=131072, limit=40427
[  240.779376][ T4452] attempt to access beyond end of device
[  240.779376][ T4452] loop5: rw=2051, want=53248, limit=40427
[  240.821444][ T4452] F2FS-fs (loop5): Issue discard(4614, 4614, 1019) failed, ret: -5
[  240.821503][ T4452] F2FS-fs (loop5): Issue discard(6672, 6672, 9712) failed, ret: -5
[  240.834403][ T4452] F2FS-fs (loop5): Issue discard(5638, 5638, 1018) failed, ret: -5
[  241.105569][ T9208] loop9: detected capacity change from 0 to 32768
[  241.339295][ T9208] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  241.729979][ T9234] loop5: detected capacity change from 0 to 256
[  241.758252][ T4655] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  242.121581][ T4655] usb 10-1: config 0 has no interfaces?
[  242.127491][ T4655] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  242.160116][ T9245] loop5: detected capacity change from 0 to 512
[  242.168840][ T4655] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.207241][ T9245] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  242.219216][ T4655] usb 10-1: config 0 descriptor??
[  242.279516][ T9245] EXT4-fs (loop5): 1 truncate cleaned up
[  242.296055][ T9245] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000358,resuid=0x0000000000000000,stripe=0x0000000000000009,,errors=continue. Quota mode: none.
[  242.331855][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  242.331872][   T26] audit: type=1804 audit(1746814408.497:1130): pid=9245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1618" name="/newroot/217/bus/bus" dev="loop5" ino=18 res=1 errno=0
[  242.492260][ T9226] (syz.9.1605,9226,1):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  242.501597][ T9226] (syz.9.1605,9226,0):update_backups:188 ERROR: status = -12
[  242.522077][ T9226] ocfs2: Failed to update super blocks on 7,9 during fs resize. This condition is not fatal, but fsck.ocfs2 should be run to fix it
[  242.556646][ T9259] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  243.861224][ T9265] overlayfs: failed to clone upperpath
[  243.872666][ T4654] usb 10-1: USB disconnect, device number 2
[  244.480972][ T9286] tipc: Failed to remove unknown binding: 66,1,1/0:1093644628/1093644630
[  244.675598][ T8890] ocfs2: Unmounting device (7,9) on (node local)
[  245.086210][ T9299] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1639'.
[  245.102166][ T9299] netlink: 'syz.9.1639': attribute type 5 has an invalid length.
[  245.113529][ T9299] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1639'.
[  245.143304][ T9299] netdevsim netdevsim9 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  245.156709][ T9299] netdevsim netdevsim9 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  245.165829][ T9299] netdevsim netdevsim9 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  245.179349][ T9299] netdevsim netdevsim9 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  245.190701][ T9299] device geneve2 entered promiscuous mode
[  245.262499][ T9285] tipc: Failed to remove unknown binding: 66,1,1/0:1093644628/1093644630
[  245.277956][ T9285] tipc: Failed to remove unknown binding: 66,1,1/0:1093644628/1093644630
[  245.325232][ T9306] syz.5.1641[9306] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  245.325337][ T9306] syz.5.1641[9306] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  245.597411][ T9321] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1653'.
[  245.644987][ T9321] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  245.807364][ T9329] overlayfs: failed to clone upperpath
[  245.874232][ T9335] netlink: 'syz.1.1658': attribute type 12 has an invalid length.
[  246.153953][ T9348] syz.9.1662[9348] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.154055][ T9348] syz.9.1662[9348] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.285779][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1665'.
[  246.783316][ T9372] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  246.992298][ T9379] netlink: 'syz.4.1674': attribute type 10 has an invalid length.
[  247.396839][ T4654] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  247.440917][ T9390] loop9: detected capacity change from 0 to 1024
[  247.454767][ T4654] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  247.513978][ T4527] Bluetooth: hci4: command 0x0406 tx timeout
[  247.527014][ T9390] EXT4-fs (loop9): Quota format mount options ignored when QUOTA feature is enabled
[  247.554014][ T9390] EXT4-fs (loop9): Ignoring removed nomblk_io_submit option
[  247.571843][ T9390] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  247.617117][ T9390] EXT4-fs (loop9): mounted filesystem without journal. Opts: nodioread_nolock,sysvgroups,abort,errors=continue,dioread_nolock,jqfmt=vfsv0,nomblk_io_submit,nobarrier,,errors=continue. Quota mode: writeback.
[  247.922872][ T9395] overlayfs: failed to clone upperpath
[  248.331853][ T9402] loop5: detected capacity change from 0 to 1024
[  248.428738][ T9402] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  248.467896][ T9412] loop9: detected capacity change from 0 to 512
[  248.532509][ T9412] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  248.580724][ T9412] EXT4-fs (loop9): 1 truncate cleaned up
[  248.607045][ T9412] EXT4-fs (loop9): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000358,resuid=0x0000000000000000,stripe=0x0000000000000009,,errors=continue. Quota mode: none.
[  248.634539][   T26] audit: type=1804 audit(1746814414.797:1131): pid=9412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.1682" name="/newroot/20/bus/bus" dev="loop9" ino=18 res=1 errno=0
[  251.096929][ T9448] netlink: 'syz.5.1695': attribute type 10 has an invalid length.
[  251.254470][ T9460] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1702'.
[  251.439377][   T26] audit: type=1326 audit(1746814417.607:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.498954][   T26] audit: type=1326 audit(1746814417.627:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.569017][   T26] audit: type=1326 audit(1746814417.627:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.638218][   T26] audit: type=1326 audit(1746814417.627:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.708151][   T26] audit: type=1326 audit(1746814417.627:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.778303][   T26] audit: type=1326 audit(1746814417.627:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.861319][   T26] audit: type=1326 audit(1746814417.637:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  251.948178][   T26] audit: type=1326 audit(1746814417.647:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  252.011643][ T9474] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  252.102568][   T26] audit: type=1326 audit(1746814417.647:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f56515ce969 code=0x7ffc0000
[  252.131284][ T9463] loop5: detected capacity change from 0 to 32768
[  252.233835][ T9463] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  252.586655][ T9485] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1709'.
[  252.651228][ T9485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.718271][ T4528] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  253.001984][ T9493] tipc: Started in network mode
[  253.015934][ T9493] tipc: Node identity fa8c20ffa677, cluster identity 4711
[  253.023799][ T9493] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  253.103329][ T9493] device syzkaller0 entered promiscuous mode
[  253.168318][ T4528] usb 6-1: config 0 has no interfaces?
[  253.173968][ T4528] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  253.200769][ T9492] tipc: Resetting bearer <eth:syzkaller0>
[  253.224138][ T4528] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.258732][ T4528] usb 6-1: config 0 descriptor??
[  253.306408][ T9492] tipc: Disabling bearer <eth:syzkaller0>
[  253.526178][ T9517] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  253.709177][ T9463] (syz.5.1703,9463,1):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  253.722068][ T9463] (syz.5.1703,9463,0):update_backups:188 ERROR: status = -12
[  253.734023][ T9463] ocfs2: Failed to update super blocks on 7,5 during fs resize. This condition is not fatal, but fsck.ocfs2 should be run to fix it
[  253.807680][ T9525] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.821212][ T9525] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  253.916765][ T9525] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.929016][ T9525] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  254.012659][ T9525] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.025299][ T9525] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  254.154228][ T9525] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.179754][ T9525] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  254.247202][ T9534] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1728'.
[  254.268748][ T9534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.276733][ T9534] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.303164][ T9534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.328551][ T9534] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.396284][ T9534] bond0: (slave batadv0): Releasing backup interface
[  254.409220][ T9534] device batadv0 left promiscuous mode
[  254.566541][ T9525] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  254.575479][ T9525] netdevsim netdevsim9 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  254.597650][ T9525] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  254.606051][ T9525] netdevsim netdevsim9 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  254.627091][ T9525] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  254.638313][ T9525] netdevsim netdevsim9 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  254.657445][ T9525] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  254.665935][ T9525] netdevsim netdevsim9 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  254.686908][ T4655] usb 6-1: USB disconnect, device number 11
[  254.744428][ T9536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1743'.
[  254.777591][ T9536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1743'.
[  254.886890][ T9546] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  255.041156][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  255.041172][   T26] audit: type=1326 audit(1746814421.207:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.102548][   T26] audit: type=1326 audit(1746814421.237:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.177276][   T26] audit: type=1326 audit(1746814421.237:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.310919][   T26] audit: type=1326 audit(1746814421.237:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.368160][   T26] audit: type=1326 audit(1746814421.237:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.405062][ T9563] netlink: 1276 bytes leftover after parsing attributes in process `syz.9.1739'.
[  255.414575][   T26] audit: type=1326 audit(1746814421.237:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.414645][   T26] audit: type=1326 audit(1746814421.237:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.414685][   T26] audit: type=1326 audit(1746814421.237:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.552270][   T26] audit: type=1326 audit(1746814421.247:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.579693][   T26] audit: type=1326 audit(1746814421.267:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9550 comm="syz.4.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  255.610913][ T4452] ocfs2: Unmounting device (7,5) on (node local)
[  255.671703][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  255.679050][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  255.889342][ T9573] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1741'.
[  255.908469][ T9573] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.916017][ T9573] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.932981][ T9573] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.940777][ T9573] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.039999][ T9569] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.054000][ T9569] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.172235][ T9569] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.184095][ T9569] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.254440][ T9588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1752'.
[  256.315149][ T9569] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.331911][ T9569] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.415560][ T9590] netlink: 'syz.9.1753': attribute type 12 has an invalid length.
[  256.514655][ T9569] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.535394][ T9569] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.681602][ T9569] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  256.728195][ T9569] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.744403][ T9569] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  256.767111][ T9569] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.804294][ T9569] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  257.014138][ T9569] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.075288][ T9569] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  257.103870][ T9569] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.167973][ T9624] netlink: 1272 bytes leftover after parsing attributes in process `syz.7.1764'.
[  257.212471][ T9628] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1763'.
[  257.246947][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1766'.
[  257.434352][ T9635] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.471840][ T9640] netlink: 'syz.5.1770': attribute type 12 has an invalid length.
[  257.562353][ T9635] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.706317][ T9635] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.820012][ T9651] loop9: detected capacity change from 0 to 256
[  257.842991][ T9635] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.889715][ T9656] loop5: detected capacity change from 0 to 2048
[  257.995518][ T9651] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  258.039541][ T9635] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.099213][ T9656] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  258.137845][ T9635] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.144035][ T9656] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.155596][ T9635] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.172779][ T9635] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.526153][ T9680] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1782'.
[  258.874059][ T9693] binder_alloc: 9690: binder_alloc_buf size 16408 failed, no address space
[  258.887757][ T9693] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[  258.919468][ T9694] netlink: 1276 bytes leftover after parsing attributes in process `syz.4.1788'.
[  259.180240][ T9696] netlink: 'syz.7.1789': attribute type 12 has an invalid length.
[  259.681686][ T9717] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  259.697673][ T9717] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  260.274320][ T9749] Bluetooth: (null): Invalid header checksum
[  260.291289][ T9754] overlayfs: failed to clone upperpath
[  260.357629][  T144] Bluetooth: (null): Invalid header checksum
[  260.377198][  T144] Bluetooth: (null): Invalid header checksum
[  260.424801][ T9756] binder: 9755:9756 ioctl c0306201 2000000003c0 returned -14
[  260.720494][ T9762] netlink: 'syz.7.1818': attribute type 3 has an invalid length.
[  260.729097][ T9762] netlink: 'syz.7.1818': attribute type 1 has an invalid length.
[  260.737219][ T9762] netlink: 199820 bytes leftover after parsing attributes in process `syz.7.1818'.
[  260.752286][ T9762] C: renamed from team_slave_0
[  260.781883][ T9762] netlink: 'syz.7.1818': attribute type 1 has an invalid length.
[  260.795254][ T9762] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  260.846053][ T9766] netlink: 'syz.1.1820': attribute type 39 has an invalid length.
[  260.874014][ T9767] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1819'.
[  261.389011][ T9783] overlayfs: failed to clone upperpath
[  261.496080][ T9788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1827'.
[  262.089435][ T2303] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  262.198204][ T4220] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  262.338319][ T2303] usb 6-1: Using ep0 maxpacket: 8
[  262.438471][ T4220] usb 10-1: Using ep0 maxpacket: 8
[  262.458376][ T2303] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  262.466748][ T2303] usb 6-1: config 0 has no interface number 0
[  262.473162][ T2303] usb 6-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  262.484201][ T2303] usb 6-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[  262.494964][ T2303] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  262.508572][ T2303] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  262.517767][ T2303] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.531155][ T2303] usb 6-1: config 0 descriptor??
[  262.558340][ T4220] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  262.570418][ T2303] ldusb 6-1:0.55: Interrupt in endpoint not found
[  262.576891][ T4220] usb 10-1: config 0 has no interfaces?
[  262.585654][ T4220] usb 10-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  262.595121][ T4220] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.612419][ T4220] usb 10-1: config 0 descriptor??
[  262.773898][ T4220] usb 6-1: USB disconnect, device number 12
[  262.861584][ T4527] usb 10-1: USB disconnect, device number 3
[  263.451646][ T9833] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1843'.
[  263.618261][ T4527] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  263.988377][ T4527] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.999202][ T4527] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  264.008469][ T4527] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  264.017673][ T4527] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.029141][ T4527] usb 6-1: config 0 descriptor??
[  264.391706][ T4527] usb 6-1: USB disconnect, device number 13
[  264.541054][ T9859] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1853'.
[  264.590043][ T9861] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1854'.
[  265.366303][ T9903] loop9: detected capacity change from 0 to 1024
[  265.623604][ T8890] hfsplus: bad catalog entry type
[  265.697480][ T9920] loop5: detected capacity change from 0 to 8
[  265.880497][ T9920] unable to read id index table
[  265.971182][    T9] hfsplus: b-tree write err: -5, ino 4
[  266.230131][ T9931] loop5: detected capacity change from 0 to 2048
[  266.265442][ T9931] hpfs: bad mount options.
[  266.301644][ T9920] binder: 9919:9920 ioctl c028660f 200000000000 returned -22
[  267.912036][ T9953] chnl_net:caif_netlink_parms(): no params data found
[  268.206505][ T9982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1900'.
[  268.220054][ T9953] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.227436][ T9953] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.236329][ T9953] device bridge_slave_0 entered promiscuous mode
[  268.245922][ T9953] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.255228][ T9953] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.303839][ T9953] device bridge_slave_1 entered promiscuous mode
[  268.470077][ T9953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.502491][ T9953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.556863][ T9990] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1903'.
[  268.612611][ T9953] team0: Port device team_slave_0 added
[  268.633616][ T9953] team0: Port device team_slave_1 added
[  268.692511][ T9953] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.705932][   T26] kauditd_printk_skb: 12 callbacks suppressed
[  268.705951][   T26] audit: type=1326 audit(1746814690.859:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.7.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fa06e7969 code=0x7fc00000
[  268.758131][ T9953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.821383][ T9953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.845874][ T9953] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.864169][ T9953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.899451][ T9953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.005382][ T9953] device hsr_slave_0 entered promiscuous mode
[  269.022876][ T9953] device hsr_slave_1 entered promiscuous mode
[  269.036244][ T9953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.044722][ T9953] Cannot create hsr debugfs directory
[  269.188605][ T4222] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  269.380526][   T26] audit: type=1326 audit(1746814691.519:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.7.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2fa06e7969 code=0x7fc00000
[  269.568739][ T4222] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  269.589595][ T4655] Bluetooth: hci2: command 0x0409 tx timeout
[  269.600509][ T4222] usb 6-1: config 1 has no interface number 1
[  269.621838][ T4222] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  269.788365][ T4222] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  269.797465][ T4222] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.828336][ T4222] usb 6-1: Product: syz
[  269.832556][ T4222] usb 6-1: Manufacturer: syz
[  269.842143][ T4222] usb 6-1: SerialNumber: syz
[  269.854204][ T9953] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  269.870281][ T9953] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  269.884964][ T9953] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  269.896192][ T9953] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  270.056795][ T9953] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.083352][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  270.101087][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.137895][ T9953] 8021q: adding VLAN 0 to HW filter on device team0
[  270.173508][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  270.182221][ T4222] usb 6-1: 2:1 : unsupported format bits 0x8000000000000000
[  270.201399][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.222786][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.229990][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.277047][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  270.311035][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.344585][ T4222] usb 6-1: USB disconnect, device number 14
[  270.355326][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.362525][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.375688][T10049] overlayfs: failed to clone upperpath
[  270.416895][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  270.491389][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  270.507536][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  270.527712][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  270.555815][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  270.571570][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.607575][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  270.623670][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.646088][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  270.681641][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.704118][ T9953] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  270.732934][ T9953] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  270.744824][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  270.757843][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.782213][T10059] loop5: detected capacity change from 0 to 256
[  270.871615][T10059] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  270.933829][T10059] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  270.988860][T10059] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  271.109560][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  271.124310][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  271.157203][ T9953] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.205426][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  271.217544][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.379957][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  271.395703][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.469907][ T9953] device veth0_vlan entered promiscuous mode
[  271.493921][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.522383][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.564180][ T9953] device veth1_vlan entered promiscuous mode
[  271.716100][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  271.736466][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  271.765866][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  271.776079][ T4527] Bluetooth: hci2: command 0x041b tx timeout
[  271.784603][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  271.801158][ T9953] device veth0_macvtap entered promiscuous mode
[  271.841747][ T9953] device veth1_macvtap entered promiscuous mode
[  271.891835][ T9953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.912028][ T9953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.940040][ T9953] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.958923][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  271.972981][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  272.006514][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  272.026814][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.046951][ T9953] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.056691][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  272.080631][T10104] overlayfs: failed to clone upperpath
[  272.088799][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  272.142025][ T9953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.157217][ T9953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.166099][ T9953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.177638][ T9953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.351120][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.367777][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.390197][ T5591] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.415767][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  272.417558][ T5591] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.452216][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  272.658353][ T4363] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  272.780371][T10128] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1955'.
[  272.928486][ T4363] usb 6-1: Using ep0 maxpacket: 16
[  273.221888][ T4363] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  273.236540][ T4363] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.251656][ T4363] usb 6-1: Product: syz
[  273.268817][ T4363] usb 6-1: Manufacturer: syz
[  273.273491][ T4363] usb 6-1: SerialNumber: syz
[  273.301319][ T4363] usb 6-1: config 0 descriptor??
[  273.351269][T10150] overlayfs: failed to clone upperpath
[  273.563563][ T4363] dvb_usb_dtv5100: probe of 6-1:0.0 failed with error -71
[  273.602452][ T4363] usb 6-1: USB disconnect, device number 15
[  273.829452][ T4528] Bluetooth: hci2: command 0x040f tx timeout
[  273.837803][T10158] bond1: (slave dummy0): Releasing active interface
[  273.913018][T10158] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  273.962445][T10158] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  273.975035][T10158] device bridge_slave_0 left promiscuous mode
[  273.997388][T10158] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.023422][T10158] bond0: (slave bond_slave_0): Releasing backup interface
[  274.126848][T10158] bond0: (slave bond_slave_1): Releasing backup interface
[  274.211709][T10158] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  274.258202][T10158] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  274.301048][T10158] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  274.511059][ T4528] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  274.758185][ T4528] usb 6-1: Using ep0 maxpacket: 8
[  274.839129][T10185] overlayfs: failed to clone upperpath
[  274.878423][ T4528] usb 6-1: config index 0 descriptor too short (expected 1316, got 36)
[  274.900440][ T4528] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  274.912164][ T4528] usb 6-1: config 179 has no interface number 0
[  274.919008][ T4528] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  274.936134][ T4528] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  274.996502][ T4528] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  275.020837][ T4528] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  275.037034][ T4528] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  275.055237][ T4528] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  275.065753][ T4528] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.158697][T10167] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  275.596362][ T4527] usb 6-1: USB disconnect, device number 16
[  275.602544][    C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  275.602594][    C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  275.625392][T10212] fuse: Invalid rootmode
[  275.889858][T10224] capability: warning: `syz.7.1997' uses 32-bit capabilities (legacy support in use)
[  275.908869][ T4528] Bluetooth: hci2: command 0x0419 tx timeout
[  276.536750][T10259] loop5: detected capacity change from 0 to 512
[  276.602175][T10259] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  276.640500][T10259] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0002]
[  276.653320][T10259] System zones: 1-12
[  276.679531][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2015'.
[  276.708445][T10259] 
[  276.712791][T10259] EXT4-fs (loop5): orphan cleanup on readonly fs
[  276.720050][T10259] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.2012: invalid indirect mapped block 12 (level 1)
[  276.745836][T10259] EXT4-fs (loop5): Remounting filesystem read-only
[  276.752823][T10259] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.2012: invalid indirect mapped block 2 (level 2)
[  276.771876][T10259] EXT4-fs (loop5): Remounting filesystem read-only
[  276.781405][T10259] EXT4-fs (loop5): 1 truncate cleaned up
[  276.787229][T10259] EXT4-fs (loop5): mounted filesystem without journal. Opts: noinit_itable,jqfmt=vfsv1,noload,errors=remount-ro,sb=0x00000000000006f9. Quota mode: none.
[  277.027172][T10279] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  277.174188][T10285] netlink: 'syz.5.2025': attribute type 4 has an invalid length.
[  277.296024][T10291] loop5: detected capacity change from 0 to 1024
[  277.383941][   T26] audit: type=1800 audit(1746814699.539:1175): pid=10291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2026" name="file7" dev="loop5" ino=26 res=0 errno=0
[  277.443112][   T26] audit: type=1800 audit(1746814699.539:1176): pid=10291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2026" name="bus" dev="loop5" ino=27 res=0 errno=0
[  277.945852][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  279.333901][T10361] device pim6reg1 entered promiscuous mode
[  281.074655][ T1107] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  281.428321][ T1107] usb 6-1: Using ep0 maxpacket: 32
[  281.589497][ T1107] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.611857][ T1107] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  281.681013][ T1107] usb 6-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  281.712052][ T1107] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.736863][ T1107] usb 6-1: config 0 descriptor??
[  281.954172][T10432] overlayfs: failed to clone upperpath
[  282.052081][T10412] udc-core: couldn't find an available UDC or it's busy
[  282.081128][T10412] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  282.348351][ T1107] usbhid 6-1:0.0: can't add hid device: -71
[  282.357045][ T1107] usbhid: probe of 6-1:0.0 failed with error -71
[  282.392045][ T1107] usb 6-1: USB disconnect, device number 17
[  283.553603][T10337] Set syz1 is full, maxelem 65536 reached
[  284.107056][T10484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2104'.
[  284.112988][T10482] loop0: detected capacity change from 0 to 128
[  284.175504][T10482] EXT4-fs (loop0): Ignoring removed nobh option
[  284.311301][T10482] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none.
[  284.330714][T10482] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  284.391520][T10493] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  284.474885][T10493] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  284.579157][T10493] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  284.594808][T10503] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2110'.
[  284.618296][T10496] loop_set_status: loop0 () has still dirty pages (nrpages=2)
[  284.648559][T10506] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  284.656582][T10506] IPv6: NLM_F_CREATE should be set when creating new route
[  284.903560][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2113'.
[  284.977319][T10518] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2113'.
[  285.177659][T10523] loop5: detected capacity change from 0 to 2048
[  285.185569][T10525] netlink: 'syz.7.2117': attribute type 25 has an invalid length.
[  285.216985][T10525] netlink: 'syz.7.2117': attribute type 7 has an invalid length.
[  285.293809][T10523] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  285.315568][T10523] ext4 filesystem being mounted at /294/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  285.571865][T10536] overlayfs: failed to clone upperpath
[  285.752647][T10545] overlayfs: failed to clone upperpath
[  286.328584][T10568] tipc: Cannot configure node identity twice
[  286.822774][T10594] loop5: detected capacity change from 0 to 512
[  286.867351][T10596] overlayfs: failed to clone upperpath
[  286.902653][T10594] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  286.918410][T10594] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  287.042259][T10594] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  287.128645][T10594] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  287.170930][T10594] System zones: 0-2, 18-18, 34-34
[  287.217124][T10594] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  287.259038][T10594] EXT4-fs (loop5): 1 truncate cleaned up
[  287.273173][T10594] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  287.417932][   T26] audit: type=1326 audit(1746814709.569:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10593 comm="syz.5.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb78755d969 code=0x7ffc0000
[  287.492633][   T26] audit: type=1326 audit(1746814709.569:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10593 comm="syz.5.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb78755d969 code=0x7ffc0000
[  287.589601][   T26] audit: type=1326 audit(1746814709.749:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10593 comm="syz.5.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb78755d969 code=0x7ffc0000
[  287.615205][   T26] audit: type=1326 audit(1746814709.769:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10593 comm="syz.5.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb78755d969 code=0x7ffc0000
[  287.705021][T10623] overlayfs: failed to clone upperpath
[  287.792355][T10627] loop0: detected capacity change from 0 to 512
[  287.940725][T10639] loop5: detected capacity change from 0 to 128
[  288.068710][T10627] EXT4-fs (loop0): 1 orphan inode deleted
[  288.074638][T10627] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  288.099459][T10627] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.100180][T10633] overlayfs: failed to clone upperpath
[  288.155494][T10633] overlayfs: failed to clone upperpath
[  288.277787][T10646] mmap: syz.1.2167 (10646) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  288.633188][T10672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2178'.
[  288.721511][T10680] netlink: 'syz.1.2183': attribute type 10 has an invalid length.
[  288.733818][T10680] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2183'.
[  288.769047][T10680] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  288.880620][T10689] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2187'.
[  289.583029][T10719] loop0: detected capacity change from 0 to 128
[  289.671598][T10719] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  289.686649][T10719] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  290.207435][T10734] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  290.525754][T10758] netlink: 'syz.5.2213': attribute type 10 has an invalid length.
[  291.807096][T10807] netlink: 'syz.5.2236': attribute type 11 has an invalid length.
[  292.344485][   T26] audit: type=1326 audit(1746814714.499:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  292.410039][   T26] audit: type=1326 audit(1746814714.519:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  292.471702][   T26] audit: type=1326 audit(1746814714.519:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  292.541070][   T26] audit: type=1326 audit(1746814714.529:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  292.618858][   T26] audit: type=1326 audit(1746814714.529:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8fd6df59a3 code=0x7ffc0000
[  292.661746][T10844] netlink: 'syz.5.2251': attribute type 10 has an invalid length.
[  292.718653][   T26] audit: type=1326 audit(1746814714.539:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8fd6df441f code=0x7ffc0000
[  292.805806][   T26] audit: type=1326 audit(1746814714.539:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f8fd6df59f7 code=0x7ffc0000
[  292.879876][   T26] audit: type=1326 audit(1746814714.539:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8fd6df42d0 code=0x7ffc0000
[  292.959660][T10851] netlink: 'syz.5.2252': attribute type 10 has an invalid length.
[  292.976659][   T26] audit: type=1326 audit(1746814714.539:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8fd6df45ca code=0x7ffc0000
[  292.976835][T10851] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2252'.
[  293.059988][   T26] audit: type=1326 audit(1746814714.539:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  293.180686][   T26] audit: type=1326 audit(1746814714.539:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f8fd6df41d7 code=0x7ffc0000
[  293.303563][   T26] audit: type=1326 audit(1746814714.539:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.4.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fd6df5969 code=0x7ffc0000
[  293.338539][T10857] loop0: detected capacity change from 0 to 32768
[  293.552127][T10868] netlink: 56 bytes leftover after parsing attributes in process `syz.7.2259'.
[  293.896694][T10882] netlink: 'syz.1.2265': attribute type 1 has an invalid length.
[  293.943311][T10886] netlink: 'syz.4.2268': attribute type 7 has an invalid length.
[  293.953430][T10886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2268'.
[  293.980889][T10882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2265'.
[  294.095797][T10882] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.173375][T10882] bond3: (slave batadv0): Enslaving as a backup interface with an up link
[  294.228590][T10888] bond3 (unregistering): (slave batadv0): Releasing backup interface
[  294.299022][T10888] bond3 (unregistering): Released all slaves
[  295.921008][T10928] Cannot find add_set index 0 as target
[  296.004863][T10894] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.012421][T10894] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.547569][T10894] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.598784][T10894] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.182681][T10894] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.192215][T10894] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.201385][T10894] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.210435][T10894] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.369661][T10917] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2279'.
[  297.603736][T10960] loop0: detected capacity change from 0 to 512
[  297.611725][T10961] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2299'.
[  297.649718][T10961] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  297.688399][T10960] EXT4-fs (loop0): Ignoring removed nobh option
[  297.694841][T10960] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  297.732902][T10966] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2301'.
[  297.796599][T10960] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2297: invalid indirect mapped block 256 (level 2)
[  297.862464][T10960] EXT4-fs (loop0): 2 truncates cleaned up
[  297.881836][T10960] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,nojournal_checksum,dioread_nolock,bsdgroups,,errors=continue. Quota mode: writeback.
[  298.017418][T10987] netlink: 199836 bytes leftover after parsing attributes in process `syz.7.2307'.
[  298.051449][T10987] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  298.838285][ T4528] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  299.104425][T11013] overlayfs: failed to clone lowerpath
[  299.128221][ T4528] usb 1-1: Using ep0 maxpacket: 16
[  299.317727][ T4528] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  299.361835][ T4528] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  299.538411][ T4528] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  299.547850][ T4528] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.557334][ T4528] usb 1-1: Product: syz
[  299.569608][ T4528] usb 1-1: Manufacturer: syz
[  299.585885][T11031] overlayfs: failed to clone upperpath
[  299.595111][ T4528] usb 1-1: SerialNumber: syz
[  299.704420][T11035] overlayfs: failed to clone upperpath
[  299.919474][ T4528] usb 1-1: 0:2 : does not exist
[  299.989055][ T4528] usb 1-1: USB disconnect, device number 2
[  300.247074][T11060] overlayfs: failed to clone upperpath
[  300.260294][T11047] udevd[11047]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  300.879643][T11067] loop0: detected capacity change from 0 to 1024
[  300.932330][T11067] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  300.942375][T11067] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  301.073634][T11067] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,debug_want_extra_isize=0x0000000000000080,mblk_io_submit,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  301.574427][T11090] overlayfs: failed to clone upperpath
[  302.323583][T11108] netlink: 'syz.5.2350': attribute type 39 has an invalid length.
[  302.733205][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  302.733223][   T26] audit: type=1326 audit(1746814724.889:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  302.792805][   T26] audit: type=1326 audit(1746814724.919:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  302.889001][   T26] audit: type=1326 audit(1746814724.919:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  302.953206][   T26] audit: type=1326 audit(1746814724.929:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.038175][   T26] audit: type=1326 audit(1746814724.929:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.134827][   T26] audit: type=1326 audit(1746814724.939:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.205463][   T26] audit: type=1326 audit(1746814724.939:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.288774][   T26] audit: type=1326 audit(1746814724.949:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.304781][T11137] binder: 11134:11137 ioctl c0306201 2000000003c0 returned -14
[  303.367339][   T26] audit: type=1326 audit(1746814724.949:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.433342][T11140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2363'.
[  303.444614][T11142] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2364'.
[  303.454495][   T26] audit: type=1326 audit(1746814724.949:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11112 comm="syz.0.2352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f72327dc969 code=0x7ffc0000
[  303.966295][T11158] overlayfs: failed to clone upperpath
[  304.422596][T11185] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  304.445791][T11188] xt_connbytes: Forcing CT accounting to be enabled
[  304.474291][T11188] Cannot find set identified by id 0 to match
[  305.416930][T11212] overlayfs: failed to clone upperpath
[  305.509885][T11216] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2387'.
[  306.161583][T11246] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.259297][T11246] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.329828][T11246] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.391937][T11246] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.481293][T11246] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.512498][T11246] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  306.528505][T11246] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  306.549074][T11246] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  306.803701][T11261] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  306.871615][T11261] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  306.903936][T11261] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  307.116169][T11277] tipc: Started in network mode
[  307.128378][T11277] tipc: Node identity be4ba54d4ac8, cluster identity 4711
[  307.137079][T11285] overlayfs: failed to clone upperpath
[  307.150444][T11277] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  307.199446][T11287] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2419'.
[  307.320812][T11273] tipc: Resetting bearer <eth:syzkaller0>
[  307.401629][T11273] tipc: Disabling bearer <eth:syzkaller0>
[  307.752138][T11287] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2419'.
[  308.062753][T11300] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  308.081800][T11300] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  308.595947][T11332] syz.7.2438[11332] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  308.596108][T11332] syz.7.2438[11332] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  308.816906][T11346] loop0: detected capacity change from 0 to 512
[  309.045983][T11352] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2447'.
[  309.120658][T11346] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback.
[  309.175052][T11346] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.417650][ T9953] EXT4-fs error (device loop0): ext4_lookup:1855: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  309.443261][ T9953] EXT4-fs error (device loop0): ext4_lookup:1855: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  309.556180][T11367] netlink: 'syz.4.2452': attribute type 10 has an invalid length.
[  309.704136][T11375] netlink: 'syz.1.2466': attribute type 3 has an invalid length.
[  309.746567][T11375] netlink: 'syz.1.2466': attribute type 1 has an invalid length.
[  309.764199][T11376] C: renamed from team_slave_0
[  309.795983][T11376] netlink: 'syz.1.2466': attribute type 1 has an invalid length.
[  309.798656][T11375] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.2466'.
[  309.845121][T11376] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  309.956788][T11380] siw: device registration error -23
[  310.414970][T11395] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2464'.
[  310.862736][T11407] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2470'.
[  310.879661][T11411] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2472'.
[  310.906131][T11411] device bond1 entered promiscuous mode
[  310.917048][T11411] 8021q: adding VLAN 0 to HW filter on device bond1
[  311.109317][T11426] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  311.230659][T11397] chnl_net:caif_netlink_parms(): no params data found
[  311.326291][T11438] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2482'.
[  311.336667][T11438] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.394577][T11432] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2479'.
[  311.487787][T11397] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.507434][T11397] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.529713][T11397] device bridge_slave_0 entered promiscuous mode
[  311.556766][T11397] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.578742][T11397] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.594867][T11397] device bridge_slave_1 entered promiscuous mode
[  311.645750][T11397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.662315][T11397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.753807][T11397] team0: Port device team_slave_0 added
[  311.774677][T11397] team0: Port device team_slave_1 added
[  311.817429][T11397] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.827732][T11397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.874425][T11397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.898275][T11397] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.907720][T11397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.948753][T11397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.969180][T11438] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2482'.
[  312.078617][T11397] device hsr_slave_0 entered promiscuous mode
[  312.103390][T11397] device hsr_slave_1 entered promiscuous mode
[  312.120684][T11397] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  312.144583][T11397] Cannot create hsr debugfs directory
[  312.222736][T11454] overlayfs: failed to clone upperpath
[  312.228572][ T4655] tipc: Node number set to 2512710568
[  312.590822][T11463] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  312.601804][T11465] netlink: 'syz.4.2492': attribute type 39 has an invalid length.
[  312.638234][ T4527] Bluetooth: hci2: command 0x0409 tx timeout
[  313.533994][T11487] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2496'.
[  313.627655][T11397] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  313.638740][T11397] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  313.647994][T11397] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  313.657758][T11397] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  313.734243][T11397] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.753481][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  313.761575][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  313.775389][T11397] 8021q: adding VLAN 0 to HW filter on device team0
[  313.785938][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  313.795610][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.804525][ T4197] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.811679][ T4197] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.830594][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  313.839038][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.847839][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.857525][ T4197] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.864647][ T4197] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.873226][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.882988][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.894891][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  313.909808][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.941539][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.962381][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  313.976175][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  313.993239][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  314.016964][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  314.034215][T11498] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2499'.
[  314.048812][T11498] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.083713][T11397] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  314.106205][T11397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  314.123979][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  314.133702][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.313757][T11498] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2499'.
[  314.350710][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  314.363497][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  314.382624][T11397] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.403742][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  314.413740][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  314.437573][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  314.446227][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  314.455433][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  314.463865][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  314.512229][T11397] device veth0_vlan entered promiscuous mode
[  314.556590][T11397] device veth1_vlan entered promiscuous mode
[  314.601346][T11516] netlink: 'syz.7.2507': attribute type 39 has an invalid length.
[  314.661321][T11520] siw: device registration error -23
[  314.706394][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  314.718129][ T4222] Bluetooth: hci2: command 0x041b tx timeout
[  314.759816][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  314.800017][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  314.827879][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  314.863919][T11397] device veth0_macvtap entered promiscuous mode
[  314.927937][T11397] device veth1_macvtap entered promiscuous mode
[  315.032461][T11397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.049111][T11397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.061171][T11397] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.076265][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  315.119376][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  315.149023][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  315.178892][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  315.217324][T11397] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.242022][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  315.265869][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  315.297102][T11397] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.316438][T11397] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.335791][T11397] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.355846][T11397] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.383000][T11535] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2512'.
[  315.603814][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  315.624735][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  315.676784][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  315.707176][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  315.718292][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  315.766058][ T5591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  316.484636][T11587] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2536'.
[  316.499313][T11587] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.507285][T11587] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.726513][T11587] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2536'.
[  316.789249][ T1107] Bluetooth: hci2: command 0x040f tx timeout
[  317.109895][    C1] Dead loop on virtual device ipvlan0, fix it urgently!
[  317.112661][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  317.126174][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  317.198206][ T1107] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  317.295164][T11602] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2552'.
[  317.320294][T11604] siw: device registration error -23
[  317.458129][ T1107] usb 4-1: Using ep0 maxpacket: 8
[  317.578452][ T1107] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  317.598429][ T1107] usb 4-1: config 0 has no interface number 0
[  317.604585][ T1107] usb 4-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  317.625333][T11620] netlink: 'syz.5.2559': attribute type 3 has an invalid length.
[  317.634610][ T1107] usb 4-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[  317.643315][T11620] netlink: 'syz.5.2559': attribute type 1 has an invalid length.
[  317.655429][ T1107] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  317.656631][T11620] netlink: 199820 bytes leftover after parsing attributes in process `syz.5.2559'.
[  317.678717][T11624] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2548'.
[  317.703896][ T1107] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  317.718392][ T1107] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.729671][T11602] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2552'.
[  317.737074][ T1107] usb 4-1: config 0 descriptor??
[  317.793179][ T1107] ldusb 4-1:0.55: Interrupt in endpoint not found
[  317.892941][T11631] netlink: 'syz.1.2550': attribute type 10 has an invalid length.
[  318.008144][ T4655] usb 4-1: USB disconnect, device number 2
[  318.648999][T11648] Bluetooth: (null): Invalid header checksum
[  318.861908][T11657] netlink: 'syz.5.2565': attribute type 10 has an invalid length.
[  318.878507][ T1107] Bluetooth: hci2: command 0x0419 tx timeout
[  318.967394][T11666] netlink: 'syz.5.2568': attribute type 39 has an invalid length.
[  319.618452][T11677] overlayfs: failed to clone upperpath
[  320.737902][T11714] overlayfs: failed to clone upperpath
[  320.865380][T11725] bridge: RTM_NEWNEIGH with invalid ether address
[  321.050990][T11731] device wg2 entered promiscuous mode
[  321.356144][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  321.356163][   T26] audit: type=1326 audit(1746814999.515:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11742 comm="syz.1.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56515ce969 code=0x7fc00000
[  321.405614][T11752] device syzkaller0 entered promiscuous mode
[  321.961770][T11767] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2615'.
[  322.009171][   T26] audit: type=1326 audit(1746815000.175:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11742 comm="syz.1.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f56515ce969 code=0x7fc00000
[  322.081469][T11772] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2619'.
[  322.097680][T11772] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  322.198155][ T4222] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  322.538337][ T4222] usb 4-1: not running at top speed; connect to a high speed hub
[  322.628820][ T4222] usb 4-1: config 5 has an invalid interface number: 68 but max is 1
[  322.636962][ T4222] usb 4-1: config 5 has no interface number 0
[  322.654148][ T4222] usb 4-1: config 5 interface 68 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  322.687095][ T4222] usb 4-1: config 5 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  322.700605][ T4222] usb 4-1: config 5 interface 68 has no altsetting 0
[  322.707459][ T4222] usb 4-1: config 5 interface 1 has no altsetting 0
[  322.774181][T11810] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  322.789143][T11810] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  322.813585][T11810] device bridge_slave_0 left promiscuous mode
[  322.835635][T11810] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.878578][ T4222] usb 4-1: New USB device found, idVendor=2639, idProduct=0011, bcdDevice=4e.18
[  322.886649][T11810] bond0: (slave bond_slave_0): Releasing backup interface
[  322.895602][ T4222] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.906465][ T4222] usb 4-1: Product: syz
[  322.911116][ T4222] usb 4-1: Manufacturer: syz
[  322.915915][ T4222] usb 4-1: SerialNumber: syz
[  322.945721][T11810] bond0: (slave bond_slave_1): Releasing backup interface
[  323.032341][T11817] overlayfs: failed to clone upperpath
[  323.081997][T11810] team0: Port device team_slave_0 removed
[  323.124523][T11810] team0: Port device team_slave_1 removed
[  323.153829][T11810] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  323.163937][T11810] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  323.180107][ T1107] Dead loop on virtual device ipvlan0, fix it urgently!
[  323.237982][ T1107] Dead loop on virtual device ipvlan0, fix it urgently!
[  323.309903][ T4222] xsens_mt 4-1:5.1: xsens_mt converter detected
[  323.331257][ T4222] usb 4-1: xsens_mt converter now attached to ttyUSB0
[  323.383909][ T4222] usb 4-1: USB disconnect, device number 3
[  323.435657][ T4222] xsens_mt ttyUSB0: xsens_mt converter now disconnected from ttyUSB0
[  323.459833][ T4222] xsens_mt 4-1:5.1: device disconnected
[  323.503997][ T1107] Dead loop on virtual device ipvlan0, fix it urgently!
[  323.707046][T11841] fuse: Invalid rootmode
[  323.968848][T11850] 9pnet: p9_client_clunk (11850): Trying to clunk with invalid fid
[  323.988534][T11850] CPU: 0 PID: 11850 Comm: syz.3.2647 Not tainted 5.15.182-syzkaller #0
[  323.996891][T11850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  324.007010][T11850] Call Trace:
[  324.010426][T11850]  <TASK>
[  324.013392][T11850]  dump_stack_lvl+0x168/0x230
[  324.018143][T11850]  ? show_regs_print_info+0x20/0x20
[  324.023620][T11850]  ? load_image+0x3b0/0x3b0
[  324.028178][T11850]  ? v9fs_fid_find+0x2d1/0x320
[  324.033020][T11850]  p9_client_clunk+0x2b3/0x380
[  324.037846][T11850]  v9fs_statfs+0x192/0x350
[  324.042487][T11850]  ? slab_free_freelist_hook+0xea/0x170
[  324.048111][T11850]  ? v9fs_drop_inode+0x130/0x130
[  324.053125][T11850]  vfs_statfs+0x13d/0x2c0
[  324.057498][T11850]  ovl_get_lowerstack+0x1fd/0x1bf0
[  324.062656][T11850]  ? ovl_get_upper+0x580/0x580
[  324.067456][T11850]  ? ovl_get_workdir+0x11a0/0x11a0
[  324.072776][T11850]  ovl_fill_super+0x174d/0x2ae0
[  324.077658][T11850]  ? ovl_mount+0x30/0x30
[  324.081901][T11850]  ? preempt_count_add+0x8d/0x190
[  324.086948][T11850]  ? sget+0x427/0x440
[  324.090943][T11850]  ? free_anon_bdev+0x20/0x20
[  324.095631][T11850]  ? ovl_mount+0x30/0x30
[  324.099880][T11850]  mount_nodev+0x52/0xe0
[  324.104162][T11850]  legacy_get_tree+0xe6/0x180
[  324.108870][T11850]  ? virtio_fs_zero_page_range+0x120/0x120
[  324.114701][T11850]  vfs_get_tree+0x88/0x270
[  324.119132][T11850]  do_new_mount+0x24a/0xa40
[  324.123650][T11850]  __se_sys_mount+0x2d6/0x3c0
[  324.128343][T11850]  ? __x64_sys_mount+0xc0/0xc0
[  324.133120][T11850]  ? lockdep_hardirqs_on+0x94/0x140
[  324.138343][T11850]  ? __x64_sys_mount+0x1c/0xc0
[  324.143123][T11850]  do_syscall_64+0x4c/0xa0
[  324.147551][T11850]  ? clear_bhb_loop+0x15/0x70
[  324.152244][T11850]  ? clear_bhb_loop+0x15/0x70
[  324.156938][T11850]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  324.162856][T11850] RIP: 0033:0x7f1440c85969
[  324.167284][T11850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.186957][T11850] RSP: 002b:00007f143eaed038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  324.195502][T11850] RAX: ffffffffffffffda RBX: 00007f1440eacfa0 RCX: 00007f1440c85969
[  324.203484][T11850] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000
[  324.211477][T11850] RBP: 00007f1440d07ab1 R08: 0000200000000080 R09: 0000000000000000
[  324.219692][T11850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  324.227711][T11850] R13: 0000000000000000 R14: 00007f1440eacfa0 R15: 00007fff948d02e8
[  324.235732][T11850]  </TASK>
[  324.243907][ T4222] Dead loop on virtual device ipvlan0, fix it urgently!
[  324.728270][T11850] overlayfs: statfs failed on './file0'
[  325.027881][T11892] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  325.115866][T11899] netlink: 'syz.1.2674': attribute type 4 has an invalid length.
[  326.234086][T11945] ------------[ cut here ]------------
[  326.240648][T11945] wlan1: Failed check-sdata-in-driver check, flags: 0x4
[  326.249277][T11945] WARNING: CPU: 1 PID: 11945 at net/mac80211/driver-ops.h:172 ieee80211_bss_info_change_notify+0x37b/0x550
[  326.266415][T11945] Modules linked in:
[  326.271726][T11945] CPU: 1 PID: 11945 Comm: syz.7.2692 Not tainted 5.15.182-syzkaller #0
[  326.286142][T11945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  326.306886][T11945] RIP: 0010:ieee80211_bss_info_change_notify+0x37b/0x550
[  326.315036][   T26] audit: type=1326 audit(1746815004.475:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11933 comm="syz.3.2689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1440c85969 code=0x7fc00000
[  326.326869][T11945] Code: 84 96 f8 49 8b 84 24 00 06 00 00 49 81 c4 20 06 00 00 48 85 c0 4c 0f 45 e0 48 c7 c7 20 cc 17 8b 4c 89 e6 89 ea e8 05 bb 6f 00 <0f> 0b e9 07 fd ff ff e8 19 11 51 f8 0f 0b e9 b1 fe ff ff e8 0d 11
[  326.365953][T11945] RSP: 0018:ffffc90002eaf9e8 EFLAGS: 00010246
[  326.372793][T11945] RAX: 935d98ff30ebad00 RBX: 0000000000400000 RCX: 0000000000080000
[  326.386504][T11945] RDX: ffffc90005e79000 RSI: 00000000000057d0 RDI: 00000000000057d1
[  326.395276][T11945] RBP: 0000000000000004 R08: dffffc0000000000 R09: ffffed1017224f24
[  326.404614][T11945] R10: ffffed1017224f24 R11: 1ffff11017224f23 R12: ffff888060948000
[  326.413174][T11945] R13: ffff888060949290 R14: ffff88807dbb8da0 R15: ffff88806094a298
[  326.422376][T11945] FS:  00007f2f9e54f6c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  326.431843][T11945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  326.439288][T11945] CR2: 0000001b3201fffc CR3: 0000000073a7c000 CR4: 00000000003506e0
[  326.447744][T11945] Call Trace:
[  326.452716][T11945]  <TASK>
[  326.455940][T11945]  ? netif_carrier_on+0xb1/0x120
[  326.461430][T11945]  ieee80211_ocb_leave+0x26f/0x320
[  326.466898][T11945]  __cfg80211_leave_ocb+0x219/0x3f0
[  326.475174][T11945]  cfg80211_leave_ocb+0x53/0x70
[  326.482132][T11945]  cfg80211_change_iface+0x4f1/0xeb0
[  326.487713][T11945]  __cfg80211_wext_siwmode+0x1b4/0x270
[  326.493754][T11945]  ? __cfg80211_wext_giwfreq+0x770/0x770
[  326.499909][T11945]  ? apparmor_capable+0x12c/0x190
[  326.505835][T11945]  ? full_name_hash+0x8e/0xe0
[  326.510940][T11945]  ? __cfg80211_wext_giwfreq+0x770/0x770
[  326.517111][T11945]  ioctl_standard_call+0xd4/0x2b0
[  326.522665][T11945]  ? __cfg80211_wext_giwfreq+0x770/0x770
[  326.528935][T11945]  wext_ioctl_dispatch+0x3da/0x470
[  326.534198][T11945]  ? wext_ioctl_dispatch+0x470/0x470
[  326.540265][T11945]  ? iw_handler_get_private+0x1e0/0x1e0
[  326.546072][T11945]  wext_handle_ioctl+0x104/0x1c0
[  326.551845][T11945]  ? call_commit_handler+0xf0/0xf0
[  326.557138][T11945]  sock_ioctl+0x145/0x6e0
[  326.562278][T11945]  ? sock_poll+0x3f0/0x3f0
[  326.566876][T11945]  ? bpf_lsm_file_ioctl+0x5/0x10
[  326.572398][T11945]  ? security_file_ioctl+0x7c/0xa0
[  326.577653][T11945]  ? sock_poll+0x3f0/0x3f0
[  326.585776][T11945]  __se_sys_ioctl+0xfa/0x170
[  326.590938][T11945]  do_syscall_64+0x4c/0xa0
[  326.595719][T11945]  ? clear_bhb_loop+0x15/0x70
[  326.601114][T11945]  ? clear_bhb_loop+0x15/0x70
[  326.606447][T11945]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  326.612770][T11945] RIP: 0033:0x7f2fa06e7969
[  326.617439][T11945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.637638][T11945] RSP: 002b:00007f2f9e54f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  326.646390][T11945] RAX: ffffffffffffffda RBX: 00007f2fa090efa0 RCX: 00007f2fa06e7969
[  326.654989][T11945] RDX: 0000200000000000 RSI: 0000000000008b06 RDI: 0000000000000005
[  326.663294][T11945] RBP: 00007f2fa0769ab1 R08: 0000000000000000 R09: 0000000000000000
[  326.671844][T11945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  326.680125][T11945] R13: 0000000000000000 R14: 00007f2fa090efa0 R15: 00007ffc6b7d5e88
[  326.691066][T11945]  </TASK>
[  326.694214][T11945] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  326.701490][T11945] CPU: 1 PID: 11945 Comm: syz.7.2692 Not tainted 5.15.182-syzkaller #0
[  326.709886][T11945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  326.719982][T11945] Call Trace:
[  326.723273][T11945]  <TASK>
[  326.726200][T11945]  dump_stack_lvl+0x168/0x230
[  326.730901][T11945]  ? show_regs_print_info+0x20/0x20
[  326.736120][T11945]  ? load_image+0x3b0/0x3b0
[  326.740671][T11945]  panic+0x2c9/0x7f0
[  326.744639][T11945]  ? bpf_jit_dump+0xd0/0xd0
[  326.749175][T11945]  ? ieee80211_bss_info_change_notify+0x37b/0x550
[  326.755782][T11945]  __warn+0x248/0x2b0
[  326.759778][T11945]  ? ieee80211_bss_info_change_notify+0x37b/0x550
[  326.766217][T11945]  report_bug+0x1b7/0x2e0
[  326.770571][T11945]  handle_bug+0x3a/0x70
[  326.774802][T11945]  exc_invalid_op+0x16/0x40
[  326.779371][T11945]  asm_exc_invalid_op+0x16/0x20
[  326.784291][T11945] RIP: 0010:ieee80211_bss_info_change_notify+0x37b/0x550
[  326.791407][T11945] Code: 84 96 f8 49 8b 84 24 00 06 00 00 49 81 c4 20 06 00 00 48 85 c0 4c 0f 45 e0 48 c7 c7 20 cc 17 8b 4c 89 e6 89 ea e8 05 bb 6f 00 <0f> 0b e9 07 fd ff ff e8 19 11 51 f8 0f 0b e9 b1 fe ff ff e8 0d 11
[  326.811027][T11945] RSP: 0018:ffffc90002eaf9e8 EFLAGS: 00010246
[  326.817127][T11945] RAX: 935d98ff30ebad00 RBX: 0000000000400000 RCX: 0000000000080000
[  326.825135][T11945] RDX: ffffc90005e79000 RSI: 00000000000057d0 RDI: 00000000000057d1
[  326.833138][T11945] RBP: 0000000000000004 R08: dffffc0000000000 R09: ffffed1017224f24
[  326.841143][T11945] R10: ffffed1017224f24 R11: 1ffff11017224f23 R12: ffff888060948000
[  326.849146][T11945] R13: ffff888060949290 R14: ffff88807dbb8da0 R15: ffff88806094a298
[  326.857159][T11945]  ? ieee80211_bss_info_change_notify+0x37b/0x550
[  326.863591][T11945]  ? netif_carrier_on+0xb1/0x120
[  326.868571][T11945]  ieee80211_ocb_leave+0x26f/0x320
[  326.873856][T11945]  __cfg80211_leave_ocb+0x219/0x3f0
[  326.879401][T11945]  cfg80211_leave_ocb+0x53/0x70
[  326.884491][T11945]  cfg80211_change_iface+0x4f1/0xeb0
[  326.889866][T11945]  __cfg80211_wext_siwmode+0x1b4/0x270
[  326.895412][T11945]  ? __cfg80211_wext_giwfreq+0x770/0x770
[  326.901079][T11945]  ? apparmor_capable+0x12c/0x190
[  326.906150][T11945]  ? full_name_hash+0x8e/0xe0
[  326.910883][T11945]  ? __cfg80211_wext_giwfreq+0x770/0x770
[  326.916559][T11945]  ioctl_standard_call+0xd4/0x2b0
[  326.921649][T11945]  ? __cfg80211_wext_giwfreq+0x770/0x770
[  326.927369][T11945]  wext_ioctl_dispatch+0x3da/0x470
[  326.932621][T11945]  ? wext_ioctl_dispatch+0x470/0x470
[  326.937925][T11945]  ? iw_handler_get_private+0x1e0/0x1e0
[  326.943525][T11945]  wext_handle_ioctl+0x104/0x1c0
[  326.948539][T11945]  ? call_commit_handler+0xf0/0xf0
[  326.953686][T11945]  sock_ioctl+0x145/0x6e0
[  326.958023][T11945]  ? sock_poll+0x3f0/0x3f0
[  326.962494][T11945]  ? bpf_lsm_file_ioctl+0x5/0x10
[  326.967607][T11945]  ? security_file_ioctl+0x7c/0xa0
[  326.972735][T11945]  ? sock_poll+0x3f0/0x3f0
[  326.977154][T11945]  __se_sys_ioctl+0xfa/0x170
[  326.981763][T11945]  do_syscall_64+0x4c/0xa0
[  326.986208][T11945]  ? clear_bhb_loop+0x15/0x70
[  326.990889][T11945]  ? clear_bhb_loop+0x15/0x70
[  326.995579][T11945]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  327.001508][T11945] RIP: 0033:0x7f2fa06e7969
[  327.005958][T11945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.025579][T11945] RSP: 002b:00007f2f9e54f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  327.034015][T11945] RAX: ffffffffffffffda RBX: 00007f2fa090efa0 RCX: 00007f2fa06e7969
[  327.041998][T11945] RDX: 0000200000000000 RSI: 0000000000008b06 RDI: 0000000000000005
[  327.049992][T11945] RBP: 00007f2fa0769ab1 R08: 0000000000000000 R09: 0000000000000000
[  327.057977][T11945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.065953][T11945] R13: 0000000000000000 R14: 00007f2fa090efa0 R15: 00007ffc6b7d5e88
[  327.074060][T11945]  </TASK>
[  327.077213][T11945] Kernel Offset: disabled
[  327.081966][T11945] Rebooting in 86400 seconds..