last executing test programs:

7.855273101s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
ftruncate(r0, 0x20cf01)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, r1, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000003200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

5.08970147s ago: executing program 1:
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)=0x4547, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c9000c0008000500067f040000000000b4990e25741033e6c93271c8ba7fd221bf1f0bddec5a5dddc9d63e253a838bb1acb4761da82f64f24e367d79a3338cc12a12030e1f977769b618e1c8fd517ed840f721b4cce190e8a273090150314a01e5020f89937428118c63b80d2d95"], 0x11)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

4.935134258s ago: executing program 2:
r0 = syz_io_uring_setup(0x50e4, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='+'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4.786635426s ago: executing program 3:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1d, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@multicast1}, {@remote, 0x659}, {@broadcast}, {@empty}]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@multicast1}, {}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60", 0x14}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff06, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030030000b12d25a80648c2594f90124fc60100c044002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0xa}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
sendfile(r0, r0, &(0x7f00000001c0)=0x8f, 0x8)
r4 = dup(r1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r6, 0x114, 0x1, &(0x7f00000000c0)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4020000000000106111480100000000040a0c00000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xd, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x29}, 0x21)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)

4.529808181s ago: executing program 0:
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(r0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000100)='./bus\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', r1, &(0x7f00000004c0)='./file2\x00', 0x2)

4.474859231s ago: executing program 1:
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000040)={<r1=>0x0, <r2=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b00)={0x0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x8, 0x3, 0x0, &(0x7f0000001200)='syzkaller\x00', 0xfffffffc}, 0x90)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x12, 0x6, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000085100000010000009500000000000010bfa000000000000095"], &(0x7f0000000000)='GPL\x00', 0x5, 0xf6, &(0x7f0000000080)=""/246, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00'})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast1}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000010010000"], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
epoll_create1(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rxrpc_call\x00', r5}, 0x10)
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, 'p'}], 0x18}, 0x0)
io_pgetevents(r0, 0x80000001, 0x2, &(0x7f0000000200)=[{}, {}], &(0x7f0000000180)={r1, r2+10000000}, &(0x7f0000000240)={&(0x7f0000000140)={[0x4000000000000005]}, 0x8})
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x4800, &(0x7f0000000040)=ANY=[], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=")
r6 = creat(&(0x7f00000001c0)='.\x00', 0x0)
lseek(r6, 0x7fff, 0x0)
write$FUSE_INTERRUPT(r6, &(0x7f0000000380)={0x10}, 0x10)
r7 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
write$FUSE_NOTIFY_DELETE(r7, &(0x7f0000000080)=ANY=[@ANYBLOB="300000000600000000000000000000000000000000000000000000000000000007000000000000006e00000000320000"], 0x30)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0xfffffffe, 0x0, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup(r8)

4.110605699s ago: executing program 2:
socket(0x0, 0x0, 0x0)
r0 = socket$inet(0x2, 0x6, 0x0)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback=0xac141436}, 0x10)

3.798325537s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a891588d818a0afc0b3116a130974cac0615232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f84e4272d2cc72d4e771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de457f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5bfc182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456cd7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b4"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03076044238cb89e14f089020de0ffff00184000632977fbac14140ce005006a62079f4b4d2f87e505ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x20, 0x51, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f91731dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x50)

3.212373863s ago: executing program 3:
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', r0, &(0x7f00000004c0)='./file2\x00', 0x2)

3.008243738s ago: executing program 0:
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$inet_int(r0, 0x10d, 0x1, 0x0, 0x0)

2.791415448s ago: executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000080), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

2.526502762s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
ftruncate(r0, 0x20cf01)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, r1, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000003200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

2.23948802s ago: executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x2, @empty}, 0x1c)

2.22140924s ago: executing program 3:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r0, &(0x7f0000000040)="10", 0x1, 0x0, &(0x7f0000000200)={0x2, 0x0, @private=0xa010102}, 0x10)
sendto$inet(r0, &(0x7f0000000140)='8', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x0, @rand_addr=0x64010102}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x54)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, 0x0)

1.504432786s ago: executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={0x0, 0x3, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r1, 0x3, 0x6, @link_local}, 0x10)
close(r0)

1.197991274s ago: executing program 0:
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)=0x4547, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c9000c0008000500067f040000000000b4990e25741033e6c93271c8ba7fd221bf1f0bddec5a5dddc9d63e253a838bb1acb4761da82f64f24e367d79a3338cc12a12030e1f977769b618e1c8fd517ed840f721b4cce190e8a273090150314a01e5020f89937428118c63b80d2d95"], 0x11)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

428.895442ms ago: executing program 0:
r0 = syz_io_uring_setup(0x50e4, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='+'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

151.605095ms ago: executing program 4:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1d, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@multicast1}, {@remote, 0x659}, {@broadcast}, {@empty}]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@multicast1}, {}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60", 0x14}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff06, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030030000b12d25a80648c2594f90124fc60100c044002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0xa}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
sendfile(r0, r0, &(0x7f00000001c0)=0x8f, 0x8)
r4 = dup(r1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r6, 0x114, 0x1, &(0x7f00000000c0)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4020000000000106111480100000000040a0c00000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xd, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x29}, 0x21)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)

0s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a891588d818a0afc0b3116a130974cac0615232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f84e4272d2cc72d4e771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de457f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5bfc182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456cd7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b4"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03076044238cb89e14f089020de0ffff00184000632977fbac14140ce005006a62079f4b4d2f87e505ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x20, 0x51, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f91731dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x50)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.126' (ED25519) to the list of known hosts.
2024/05/29 20:09:47 fuzzer started
2024/05/29 20:09:48 dialing manager at 10.128.0.169:30024
[  184.762694][ T5043] cgroup: Unknown subsys name 'net'
[  184.999139][ T5043] cgroup: Unknown subsys name 'rlimit'
[  224.222409][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[  224.229559][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
2024/05/29 20:10:44 starting 5 executor processes
[  239.947801][ T5048] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  239.974254][ T5048] syz-executor (5048) used greatest stack depth: 4768 bytes left
[  242.892745][ T5071] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  242.904203][ T5071] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  242.913478][ T5071] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  242.923178][ T5075] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  242.932765][ T5071] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  242.942686][ T5071] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  242.958119][ T5075] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  242.970432][ T5071] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  242.972488][ T5075] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  242.990808][ T5075] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  243.023936][ T5075] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  243.034985][ T5075] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  243.285680][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  243.368496][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  243.385637][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  243.479859][ T4431] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  243.484359][ T5071] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  243.489588][ T4431] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  243.499462][ T5071] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  243.505473][ T4431] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  243.512456][ T5071] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  243.525568][ T5071] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  243.668012][ T5071] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  243.684916][ T4431] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  243.701580][ T4431] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  243.718762][ T4431] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  243.734078][ T4431] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  243.753021][ T4431] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  243.789515][ T5071] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  243.799270][ T5071] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  244.524063][ T5069] chnl_net:caif_netlink_parms(): no params data found
[  244.775632][ T5068] chnl_net:caif_netlink_parms(): no params data found
[  245.101904][ T5071] Bluetooth: hci0: command tx timeout
[  245.101979][ T5075] Bluetooth: hci1: command tx timeout
[  245.600353][ T5071] Bluetooth: hci2: command tx timeout
[  245.643242][ T5084] chnl_net:caif_netlink_parms(): no params data found
[  245.784422][ T5068] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.793825][ T5068] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.801990][ T5068] bridge_slave_0: entered allmulticast mode
[  245.809226][ T5071] Bluetooth: hci3: command tx timeout
[  245.812004][ T5068] bridge_slave_0: entered promiscuous mode
[  245.849971][ T5077] chnl_net:caif_netlink_parms(): no params data found
[  245.892699][ T5068] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.901688][ T5068] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.909684][ T5068] bridge_slave_1: entered allmulticast mode
[  245.919138][ T5068] bridge_slave_1: entered promiscuous mode
[  245.967301][ T5071] Bluetooth: hci4: command tx timeout
[  246.136603][ T5068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  246.177327][ T5068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  246.395214][ T5069] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.403274][ T5069] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.412097][ T5069] bridge_slave_0: entered allmulticast mode
[  246.421716][ T5069] bridge_slave_0: entered promiscuous mode
[  246.444314][ T5068] team0: Port device team_slave_0 added
[  246.454630][ T5082] chnl_net:caif_netlink_parms(): no params data found
[  246.490739][ T5069] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.498996][ T5069] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.507187][ T5069] bridge_slave_1: entered allmulticast mode
[  246.516551][ T5069] bridge_slave_1: entered promiscuous mode
[  246.559923][ T5068] team0: Port device team_slave_1 added
[  246.801486][ T5068] batman_adv: batadv0: Adding interface: batadv_slave_0
[  246.809871][ T5068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.836618][ T5068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.867950][ T5069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  246.926113][ T5069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.097599][ T5068] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.106107][ T5068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.138901][ T5068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  247.168094][ T5071] Bluetooth: hci0: command tx timeout
[  247.174344][ T5075] Bluetooth: hci1: command tx timeout
[  247.280285][ T5069] team0: Port device team_slave_0 added
[  247.320939][ T5069] team0: Port device team_slave_1 added
[  247.375875][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.385457][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.393694][ T5084] bridge_slave_0: entered allmulticast mode
[  247.404618][ T5084] bridge_slave_0: entered promiscuous mode
[  247.588102][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.595917][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.604174][ T5084] bridge_slave_1: entered allmulticast mode
[  247.616361][ T5084] bridge_slave_1: entered promiscuous mode
[  247.649996][ T5071] Bluetooth: hci2: command tx timeout
[  247.782469][ T5069] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.789928][ T5069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.818016][ T5069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.881786][ T5068] hsr_slave_0: entered promiscuous mode
[  247.892980][ T5068] hsr_slave_1: entered promiscuous mode
[  247.896759][ T5071] Bluetooth: hci3: command tx timeout
[  247.957462][ T5069] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.965692][ T5069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.996095][ T5069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.050367][ T5071] Bluetooth: hci4: command tx timeout
[  248.062763][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.115785][ T5077] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.123734][ T5077] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.132211][ T5077] bridge_slave_0: entered allmulticast mode
[  248.141814][ T5077] bridge_slave_0: entered promiscuous mode
[  248.164430][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.233867][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.241596][ T5082] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.249656][ T5082] bridge_slave_0: entered allmulticast mode
[  248.259453][ T5082] bridge_slave_0: entered promiscuous mode
[  248.338046][ T5077] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.347953][ T5077] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.355747][ T5077] bridge_slave_1: entered allmulticast mode
[  248.365159][ T5077] bridge_slave_1: entered promiscuous mode
[  248.415425][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.423654][ T5082] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.431824][ T5082] bridge_slave_1: entered allmulticast mode
[  248.441513][ T5082] bridge_slave_1: entered promiscuous mode
[  248.569669][ T5084] team0: Port device team_slave_0 added
[  248.708407][ T5084] team0: Port device team_slave_1 added
[  248.775904][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.804909][ T5069] hsr_slave_0: entered promiscuous mode
[  248.815608][ T5069] hsr_slave_1: entered promiscuous mode
[  248.824848][ T5069] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  248.832846][ T5069] Cannot create hsr debugfs directory
[  248.850498][ T5077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.872958][ T5077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.957101][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  249.092003][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.100680][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.128258][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.238490][ T5077] team0: Port device team_slave_0 added
[  249.246977][ T5071] Bluetooth: hci0: command tx timeout
[  249.248694][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.252587][ T5071] Bluetooth: hci1: command tx timeout
[  249.261170][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.292238][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.312740][ T5082] team0: Port device team_slave_0 added
[  249.368374][ T5077] team0: Port device team_slave_1 added
[  249.437451][ T5082] team0: Port device team_slave_1 added
[  249.725509][ T5077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.733158][ T5077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.734795][ T5071] Bluetooth: hci2: command tx timeout
[  249.759661][ T5077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.788111][ T5077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.795333][ T5077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.822712][ T5077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.854806][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.862602][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.889176][ T5082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.918456][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.925937][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.953287][ T5082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.966807][ T5071] Bluetooth: hci3: command tx timeout
[  250.127883][ T5071] Bluetooth: hci4: command tx timeout
[  250.309828][ T5084] hsr_slave_0: entered promiscuous mode
[  250.322185][ T5084] hsr_slave_1: entered promiscuous mode
[  250.330721][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  250.341476][ T5084] Cannot create hsr debugfs directory
[  250.417175][ T5082] hsr_slave_0: entered promiscuous mode
[  250.427039][ T5082] hsr_slave_1: entered promiscuous mode
[  250.435972][ T5082] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  250.444049][ T5082] Cannot create hsr debugfs directory
[  250.464604][ T5077] hsr_slave_0: entered promiscuous mode
[  250.474678][ T5077] hsr_slave_1: entered promiscuous mode
[  250.484827][ T5077] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  250.492884][ T5077] Cannot create hsr debugfs directory
[  250.832738][ T5068] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  250.956051][ T5068] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  250.995664][ T5068] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  251.034641][ T5068] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  251.324297][ T5069] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  251.328041][ T5071] Bluetooth: hci1: command tx timeout
[  251.337796][ T5075] Bluetooth: hci0: command tx timeout
[  251.372739][ T5069] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  251.465575][ T5069] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  251.504690][ T5069] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  251.811476][ T5071] Bluetooth: hci2: command tx timeout
[  252.049096][ T5071] Bluetooth: hci3: command tx timeout
[  252.211473][ T5071] Bluetooth: hci4: command tx timeout
[  252.256724][ T5084] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  252.300522][ T5084] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  252.353516][ T5084] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  252.378931][ T5084] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  252.643850][ T5077] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  252.694643][ T5077] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  252.808231][ T5077] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  252.835677][ T5077] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  253.041274][ T5068] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.092625][ T5069] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.112857][ T5082] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  253.181683][ T5082] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  253.267451][ T5082] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  253.315662][ T5082] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  253.431973][ T5068] 8021q: adding VLAN 0 to HW filter on device team0
[  253.493233][ T5069] 8021q: adding VLAN 0 to HW filter on device team0
[  253.568257][ T4530] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.576102][ T4530] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.684626][ T4530] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.692672][ T4530] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.709791][ T4530] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.717750][ T4530] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.019300][ T4530] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.027283][ T4530] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.464236][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.673252][ T5084] 8021q: adding VLAN 0 to HW filter on device team0
[  254.723651][ T5077] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.791848][ T5119] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.801524][ T5119] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.965265][ T5119] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.973242][ T5119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.127398][ T5077] 8021q: adding VLAN 0 to HW filter on device team0
[  255.242593][ T5119] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.250595][ T5119] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.424097][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.477946][ T5084] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  255.488958][ T5084] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  255.562185][ T5119] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.570219][ T5119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.702901][ T5082] 8021q: adding VLAN 0 to HW filter on device team0
[  255.953982][ T5119] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.961930][ T5119] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.987355][ T5119] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.995343][ T5119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.924495][ T5069] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.009877][ T5068] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.612989][ T5069] veth0_vlan: entered promiscuous mode
[  257.773295][ T5068] veth0_vlan: entered promiscuous mode
[  257.823101][ T5069] veth1_vlan: entered promiscuous mode
[  257.920969][ T5068] veth1_vlan: entered promiscuous mode
[  258.103522][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.275631][ T5069] veth0_macvtap: entered promiscuous mode
[  258.394670][ T5069] veth1_macvtap: entered promiscuous mode
[  258.558257][ T5068] veth0_macvtap: entered promiscuous mode
[  258.642196][ T5068] veth1_macvtap: entered promiscuous mode
[  258.667239][ T5077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.730063][ T5069] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.842495][ T5069] batman_adv: batadv0: Interface activated: batadv_slave_1
[  258.925232][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.938682][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.954401][ T5068] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.042746][ T5069] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.057470][ T5069] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.066842][ T5069] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.075948][ T5069] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.123548][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.134725][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.150592][ T5068] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.300069][ T5068] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.310721][ T5068] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.320118][ T5068] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.329718][ T5068] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.383111][ T5082] 8021q: adding VLAN 0 to HW filter on device batadv0
[  259.642018][ T5077] veth0_vlan: entered promiscuous mode
[  259.817893][ T5077] veth1_vlan: entered promiscuous mode
[  260.132436][ T5082] veth0_vlan: entered promiscuous mode
[  260.308576][ T5082] veth1_vlan: entered promiscuous mode
[  260.395826][ T5077] veth0_macvtap: entered promiscuous mode
[  260.521022][ T5077] veth1_macvtap: entered promiscuous mode
[  260.784926][ T5077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.797483][ T5077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.808771][ T5077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.819729][ T5077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.835690][ T5077] batman_adv: batadv0: Interface activated: batadv_slave_0
[  260.899380][ T5082] veth0_macvtap: entered promiscuous mode
[  260.989349][ T5082] veth1_macvtap: entered promiscuous mode
[  261.022274][ T5077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.033370][ T5077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.044487][ T5077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.055512][ T5077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.071337][ T5077] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.267042][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.279431][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.291228][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.302192][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.312436][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.323312][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.347344][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.383384][ T5077] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.395086][ T5077] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.404451][ T5077] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.414919][ T5077] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.549433][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.560681][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.572339][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.583430][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.594051][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.605171][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.623552][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.747833][ T5082] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.757159][ T5082] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.766663][ T5082] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.776101][ T5082] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.983216][ T5084] veth0_vlan: entered promiscuous mode
[  262.161438][ T5084] veth1_vlan: entered promiscuous mode
[  262.575895][ T5084] veth0_macvtap: entered promiscuous mode
[  262.683193][ T5084] veth1_macvtap: entered promiscuous mode
[  262.987676][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.998667][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.010133][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.023888][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.034156][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.046021][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.056612][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.070100][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.090052][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.422888][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.433891][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.444912][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.455888][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.468636][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.480444][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.491666][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.503528][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.520654][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.826404][ T5084] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.837822][ T5084] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.847558][ T5084] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.857547][ T5084] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.336515][ T5119] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.344758][ T5119] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.556655][ T4283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.564970][ T4283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.757801][ T5122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.767008][ T5122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.978143][ T4424] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.987686][ T4424] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.089517][ T5122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.098046][ T5122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.315893][ T5252] net_ratelimit: 2 callbacks suppressed
[  270.315983][ T5252] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  270.515036][ T3125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.523696][ T3125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.533732][ T3210] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.533837][ T3210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.893274][ T3210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.901497][ T3210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.199127][ T5256] bond_slave_0: entered promiscuous mode
[  271.205283][ T5256] bond_slave_1: entered promiscuous mode
[  271.257686][ T5256] bond_slave_0: left promiscuous mode
[  271.263521][ T5256] bond_slave_1: left promiscuous mode
[  271.674443][ T5264] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  271.872373][ T5264] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  271.882790][ T5264] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'.
[  272.523822][ T5127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.533181][ T5127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.882432][ T5127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.892295][ T5127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.645168][ T5286] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  273.658530][ T5272] loop1: detected capacity change from 0 to 4096
[  273.715551][ T5272] NILFS (loop1): invalid segment: Checksum error in segment payload
[  273.724373][ T5272] NILFS (loop1): trying rollback from an earlier position
[  273.892771][ T5288] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  273.979183][ T5272] NILFS (loop1): recovery complete
[  274.027290][ T5290] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  274.203760][   T29] audit: type=1800 audit(1717013478.959:2): pid=5272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=12 res=0 errno=0
[  275.555958][ T5301] bond_slave_0: entered promiscuous mode
[  275.562290][ T5301] bond_slave_1: entered promiscuous mode
[  275.631282][ T5302] bond_slave_0: left promiscuous mode
[  275.637403][ T5302] bond_slave_1: left promiscuous mode
[  276.252612][ T5290] =====================================================
[  276.260861][ T5290] BUG: KMSAN: uninit-value in crc32_le_base+0x43c/0xd80
[  276.268253][ T5290]  crc32_le_base+0x43c/0xd80
[  276.273091][ T5290]  nilfs_add_checksums_on_logs+0xb80/0xe40
[  276.279284][ T5290]  nilfs_segctor_do_construct+0x9876/0xdeb0
[  276.285411][ T5290]  nilfs_segctor_construct+0x1eb/0xe30
[  276.291507][ T5290]  nilfs_segctor_thread+0xc50/0x11e0
[  276.306464][ T5290]  kthread+0x3e2/0x540
[  276.313885][ T5290]  ret_from_fork+0x6d/0x90
[  276.318915][ T5290]  ret_from_fork_asm+0x1a/0x30
[  276.323937][ T5290] 
[  276.326544][ T5290] Uninit was stored to memory at:
[  276.332856][ T5290]  copy_page_from_iter_atomic+0x12b7/0x2ae0
[  276.339798][ T5290]  generic_perform_write+0x4c1/0xc60
[  276.345545][ T5290]  __generic_file_write_iter+0x20a/0x460
[  276.351681][ T5290]  generic_file_write_iter+0x103/0x5b0
[  276.357579][ T5290]  __kernel_write_iter+0x64d/0xc80
[  276.362959][ T5290]  dump_user_range+0x8dc/0xee0
[  276.368663][ T5290]  elf_core_dump+0x57c7/0x5ae0
[  276.373772][ T5290]  do_coredump+0x32d5/0x4920
[  276.378731][ T5290]  get_signal+0x267e/0x2d00
[  276.383473][ T5290]  arch_do_signal_or_restart+0x53/0xcb0
[  276.389420][ T5290]  syscall_exit_to_user_mode+0x5d/0x160
[  276.395377][ T5290]  do_syscall_64+0xdc/0x1e0
[  276.409366][ T5290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.418472][ T5290] 
[  276.421120][ T5290] Uninit was created at:
[  276.425722][ T5290]  __alloc_pages+0x9d6/0xe70
[  276.430952][ T5290]  alloc_pages_mpol+0x299/0x990
[  276.436442][ T5290]  alloc_pages+0x1bf/0x1e0
[  276.441097][ T5290]  dump_user_range+0x4a/0xee0
[  276.446301][ T5290]  elf_core_dump+0x57c7/0x5ae0
[  276.452017][ T5290]  do_coredump+0x32d5/0x4920
[  276.457061][ T5290]  get_signal+0x267e/0x2d00
[  276.461833][ T5290]  arch_do_signal_or_restart+0x53/0xcb0
[  276.467923][ T5290]  syscall_exit_to_user_mode+0x5d/0x160
[  276.473744][ T5290]  do_syscall_64+0xdc/0x1e0
[  276.478580][ T5290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.484733][ T5290] 
[  276.487365][ T5290] CPU: 0 PID: 5290 Comm: segctord Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0
[  276.497198][ T5290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  276.516846][ T5290] =====================================================
[  276.523960][ T5290] Disabling lock debugging due to kernel taint
[  276.533391][ T5290] Kernel panic - not syncing: kmsan.panic set ...
[  276.540070][ T5290] CPU: 0 PID: 5290 Comm: segctord Tainted: G    B              6.9.0-syzkaller-02707-g614da38e2f7a #0
[  276.551239][ T5290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  276.562302][ T5290] Call Trace:
[  276.565835][ T5290]  <TASK>
[  276.568917][ T5290]  dump_stack_lvl+0x216/0x2d0
[  276.573880][ T5290]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.579907][ T5290]  dump_stack+0x1e/0x30
[  276.584284][ T5290]  panic+0x4e2/0xcd0
[  276.588450][ T5290]  ? kmsan_get_metadata+0xf1/0x1d0
[  276.593779][ T5290]  kmsan_report+0x2d5/0x2e0
[  276.598500][ T5290]  ? folio_mark_accessed+0x218/0x750
[  276.604194][ T5290]  ? __msan_warning+0x95/0x120
[  276.609169][ T5290]  ? crc32_le_base+0x43c/0xd80
[  276.614326][ T5290]  ? nilfs_add_checksums_on_logs+0xb80/0xe40
[  276.620556][ T5290]  ? nilfs_segctor_do_construct+0x9876/0xdeb0
[  276.626831][ T5290]  ? nilfs_segctor_construct+0x1eb/0xe30
[  276.632666][ T5290]  ? nilfs_segctor_thread+0xc50/0x11e0
[  276.638345][ T5290]  ? kthread+0x3e2/0x540
[  276.642805][ T5290]  ? ret_from_fork+0x6d/0x90
[  276.647584][ T5290]  ? ret_from_fork_asm+0x1a/0x30
[  276.652744][ T5290]  ? kmsan_get_metadata+0x146/0x1d0
[  276.658155][ T5290]  ? kmsan_internal_set_shadow_origin+0x66/0xe0
[  276.664655][ T5290]  ? kmsan_get_metadata+0x146/0x1d0
[  276.670055][ T5290]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.676098][ T5290]  ? kmsan_get_metadata+0x146/0x1d0
[  276.681517][ T5290]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.687545][ T5290]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.693594][ T5290]  ? cgroup_rstat_updated+0xb1/0x4f0
[  276.699143][ T5290]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.705173][ T5290]  ? kmsan_get_metadata+0x146/0x1d0
[  276.710566][ T5290]  ? kmsan_get_metadata+0x146/0x1d0
[  276.715964][ T5290]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.722055][ T5290]  __msan_warning+0x95/0x120
[  276.726864][ T5290]  crc32_le_base+0x43c/0xd80
[  276.731694][ T5290]  ? kmsan_get_metadata+0x146/0x1d0
[  276.737123][ T5290]  nilfs_add_checksums_on_logs+0xb80/0xe40
[  276.743210][ T5290]  nilfs_segctor_do_construct+0x9876/0xdeb0
[  276.749415][ T5290]  nilfs_segctor_construct+0x1eb/0xe30
[  276.755112][ T5290]  nilfs_segctor_thread+0xc50/0x11e0
[  276.760757][ T5290]  ? __kthread_parkme+0x1c5/0x1f0
[  276.766628][ T5290]  kthread+0x3e2/0x540
[  276.770941][ T5290]  ? __pfx_nilfs_segctor_thread+0x10/0x10
[  276.776925][ T5290]  ? __pfx_kthread+0x10/0x10
[  276.781773][ T5290]  ret_from_fork+0x6d/0x90
[  276.786388][ T5290]  ? __pfx_kthread+0x10/0x10
[  276.791194][ T5290]  ret_from_fork_asm+0x1a/0x30
[  276.796205][ T5290]  </TASK>
[  276.799642][ T5290] Kernel Offset: disabled
[  276.804092][ T5290] Rebooting in 86400 seconds..