last executing test programs:

2m29.103638683s ago: executing program 1 (id=50):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000000f195"], 0x0}, 0x94)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x2c}, 0x94)
r2 = socket$inet6(0xa, 0x3, 0x3)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bond_slave_1\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x2, @val=@tcx={@void, @value=r1}}, 0x1c)

2m28.872773395s ago: executing program 1 (id=53):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x12, 0x7, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m28.577582509s ago: executing program 1 (id=56):
rseq(&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0_macvtap\x00', <r2=>0x0})
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000640)={r1, r2, 0x25, 0x2, @void}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000001800000008000000000000006e14000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r3, r4}, 0x5)

2m28.44382488s ago: executing program 1 (id=58):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
syz_emit_ethernet(0x36, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x40, 0x0, 0x1, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0)

2m28.317219041s ago: executing program 1 (id=59):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1, 0x2})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000004c0)={0x0, 0x0, r3})
mmap(&(0x7f0000001000/0x4000)=nil, 0x21000, 0x4, 0x11, r0, 0x100000000)
syz_clone(0xc001200, 0x0, 0x0, 0x0, 0x0, 0x0)

2m27.57325885s ago: executing program 1 (id=66):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6_vti0\x00'})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000080)=0x1)

2m27.103871155s ago: executing program 32 (id=66):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6_vti0\x00'})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000080)=0x1)

1m43.4713432s ago: executing program 0 (id=322):
io_setup(0x8000000, &(0x7f0000000080))
rt_sigprocmask(0x2, &(0x7f0000000080)={[0xffffffffffffffff]}, 0x0, 0x8)
r0 = gettid()
r1 = getpid()
rt_tgsigqueueinfo(r1, r0, 0x5, &(0x7f00000003c0)={0x18, 0x1851, 0x6})
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0xfffffffffffffffe]}, 0x8, 0x0)
read$FUSE(r2, &(0x7f0000004200)={0x2020}, 0x2020)

1m43.367400731s ago: executing program 0 (id=323):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000480)=@abs={0x1, 0x0, 0x4e20}, 0x6e)

1m43.231333082s ago: executing program 0 (id=325):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
write$binfmt_misc(r1, &(0x7f0000001240)="0c000000ce151748cdfc09e148fc5c339b8d4f96d15316ed0507972e23d8bc7ea9e894c75535ec19294832ad44e3b9", 0x2f)
sendto$phonet(r3, &(0x7f0000000240)="8908a478bde8054371c85b6eccf7ba50082bf88a513d0a39610f768b067f60581f8417c3e5dfc839687463cd04aa20d068defda4b46a5c848d1d94bc4948941ed2ef880b7f95f065b37395fb5d0d256f49", 0x51, 0x20008001, 0x0, 0x0)
splice(r0, 0x0, r3, 0x0, 0x20000000084ffe8, 0xb)

1m43.100172224s ago: executing program 0 (id=326):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000010, &(0x7f0000000280)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
pwrite64(r0, &(0x7f0000000080)='3', 0x1, 0xfeca)

1m42.399053951s ago: executing program 0 (id=330):
r0 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x87)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x12)
lseek(r2, 0x3, 0x0)
getdents64(r2, 0x0, 0x22)

1m42.038520985s ago: executing program 0 (id=333):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000001480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001440)=""/16, 0x10}, 0xf0000000}], 0x1, 0x2b, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1m41.713495649s ago: executing program 33 (id=333):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000001480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001440)=""/16, 0x10}, 0xf0000000}], 0x1, 0x2b, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1m14.404324242s ago: executing program 6 (id=533):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x28}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

1m14.211132244s ago: executing program 6 (id=537):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000100), 0xfe, 0x458, &(0x7f00000001c0)="$eJzs3MtvG8UfAPDvOnH6/iW/Uh4tLYSXqHgkTfqgBy5FIHEACQkORZxMmlalboOaINGqgoJQOaJK3BFHJP4CLpQLAk5IXOGOkCqUC4XTorV3UzexnThx4hJ/PtImM95xZr67O/F4xusA+tZo9iOJ2BkRv0bEcD17Z4HR+q9b81em/p6/MpVEmr7+Z1Ir99f8lamiaPG8HfVMOtCm3mtvRVSq1emLeX587vy747OXLj979nzlzPSZ6QuTx48fOXxg6Njk0a7EuStr674PZvbvffnN669Onbz+9o9fZ+3dme9vjKNbRutHt6knul1Zj+1qSCeDPWwIHcn6aHa6yrX+PxwDsW1h33C89HFPGwesqzQtpVta776apmm6tVYO2HwSfRv6VPFCn73/LbYNGnrcFW6eiIV5jFv5Vt8zGKW8THkd6x+NiJNX//ki22Kd5iEAABrdOBERzzQb/5XivoZy/8vXhkYi4v8RsTsi7omIPRFxb0St7P0R8UCH9S9eIVk6/kmHVxXYCmXjv+fzta07x3/F6C9GBvLcrlr85eT02er0ofyYHIzyliw/0aaO71785bNW+xrHf9mW1V+MBfN2/DG4aILuVKVcWUvMjW5+FBHJSJP4kyiWcbLx8d6I2Nfh3y7WhM4+9dX+VmWWj7+NLqwzpV9GPFk//1djUfyFpOX65MRzxyaPjm+N6vSh8eKqWOqnn6+91qr+NcXfBTdvpLG96fW/EP9IsjVi9tLlc7X12tnO67j226ct39Os7vqfqwwlb9TSQ/lj71fm5i5ORAwlryx9fPL2c4t8UT67/g8+1rz/747bR+LBiMgu4gMR8VBEPJy3/ZGIeDQiPmkT/w8vPP5O5/G3mZXvoiz+U8ud/2g8/50nBs59/03n8Rey83+kljqYP5Kd/+XiWmkD13LsAAAA4L+iVPsMfFIaW0iXSmNj9c/w74ntperM7NzTp2feu3Cq/ln5kSiXipmu4Yb50Il8brjITy7KH87njT8f2FbLj03NVDudKwa6a0eL/p/5vd0NPMDm4H4t6F/6P/Qv/R/6l/4P/Uv/h/7VrP9/2IN2ABtvmdf/bRvVDmDjGf9D/9L/oX/p/9CXWt4bX1rTLf8SPUp8O7S272pYeSJKd0nImyZRjqa7Blf8ZRarTGxpuqvX/5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6498AAAD//+qa3cY=")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x29, 0xfffffffc, 0x14c0348, 0xc0be, 0x2, 0xf296, 0x2e64, 0x0, 0x0, 0x10, 0x3}}, 0x50)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)

1m13.118396205s ago: executing program 6 (id=550):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x1f9})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

1m12.783859306s ago: executing program 6 (id=553):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x2048c5, &(0x7f0000000440)={[{@fat=@sys_immutable}, {@fat=@flush}, {@fat=@quiet}, {@shortname_mixed}, {@utf8no}, {@uni_xlateno}, {@shortname_win95}, {@utf8no}, {@fat=@nfs_nostale_ro}, {@uni_xlateno}, {@numtail}, {@utf8}, {@fat=@tz_utc}]}, 0x0, 0x2a1, &(0x7f0000000840)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhYsvutHN0MZPEKQFMaDURtSFMLUTDRmTkomRiNju3Po5iktXCuoX6Made3FTBMFNF2KkScamNWBaW6ea/w/CnJxz3pkzOTPhnYFMtq4/vVcuBk7RrSuWNMWkdW1LmZ1S10h3GWuXx9VrXecmP7/7/+qNm5dy+fz8otlCbul81symT7168OjZ6Tf1yWvPp18mtJm5tfUp+37zn81/t74uhWuvSq4tV6t1d9n3bKUUlB2zK77nBp6VKoFXq1tPe9Gvrq42za2sTKVWa14QmFtpWtlrWr1q9VrT3DtuqWKO49hUSsMmfuCIwsbiops7lsEgChP9Kmu1nJvo21jY+B2DAgAAJ0tU+f/dUmClwCrVPfl9mP9LYf4f0wHyf2mo8/+DI/8fBjv5f6p7/u5F/g8AAAAAAAAAAAAAAAAAAAAAwJ9gu9VKt1qtdLgMXwlJSUnh+6jHiePB/A+3nh/uJSX/SaPQKHSWnfZcUSX58jQ7Jn1pHw9dnfLCxfz8rLVl9Npf68avNQpxJcL4UKZ//Fwn3nrj1zSmVO/2s0prpn98tk98ozCus2daie6WPTlK6+1tVeVrpX1c78Y/njO7cDm/L36i3Q8AAAAAgL+BY9/9cP3ebncsfGzIvvZO5e79AaV/cn9g3/X1qP4bjW6/AQAAAAAYJkHzYdn1fa82BIXw/w+OZIXRf3TJQTuPSurWvDgpczFIISbpsOHxX5vlj5L21MxEPt1HUfhwv3MGDNI5ym8lAAAAAMchTPpHoh4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDbNCHh4X9D/PssZ7NxaPZSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBk+BYAAP//lOkWvQ==")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333c06, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11480, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x310f848, 0x0)
read$FUSE(r0, &(0x7f0000000b00)={0x2020}, 0x2020)

1m12.494811889s ago: executing program 6 (id=556):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x94, 0x7fff0000}]})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000180)=0x25d6, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f00000000c0)={&(0x7f0000000080)={0x1d, r3}, 0x10, &(0x7f0000000000)={&(0x7f0000000480)=@can={{0x3, 0x1}, 0x8, 0x3}, 0x10}, 0x1, 0x0, 0x0, 0x2400c015}, 0x4000811)
close_range(r0, 0xffffffffffffffff, 0x0)

1m12.018485631s ago: executing program 6 (id=561):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x80042, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x48004)

1m11.825965811s ago: executing program 34 (id=561):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x80042, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x48004)

1m9.335199932s ago: executing program 5 (id=581):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r0, 0x0, r3, 0x0, 0x39000, 0x0)
splice(r2, 0x0, r4, 0x0, 0x408cd, 0xc)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)
statx(r2, &(0x7f0000000140)='./file1/file0\x00', 0x6000, 0x200, 0x0)

1m8.317753308s ago: executing program 5 (id=591):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x800)
poll(&(0x7f0000000080)=[{r1, 0x400}], 0x1, 0x73)
signalfd4(r1, &(0x7f0000000000), 0x8, 0x800)

1m8.008325192s ago: executing program 5 (id=592):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f00000001c0)=0xa, 0x4)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)

1m6.980439605s ago: executing program 5 (id=597):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000010, &(0x7f0000000280)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
pwrite64(r0, &(0x7f0000000080)='3', 0x1, 0xfeca)

1m5.870105826s ago: executing program 5 (id=600):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$unix(r0, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x303de1f53b11ae}, 0x20008840)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x7, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000012c0)=0x44fb, 0x4)
recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/57, 0x39}, 0x8}], 0x3ffffffffffff2e, 0x1000400000de, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)

1m4.027069025s ago: executing program 5 (id=605):
mkdir(&(0x7f00000001c0)='./file1\x00', 0xb)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', &(0x7f0000000440), 0x0)

1m3.457477641s ago: executing program 35 (id=605):
mkdir(&(0x7f00000001c0)='./file1\x00', 0xb)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', &(0x7f0000000440), 0x0)

27.959096931s ago: executing program 3 (id=835):
lsetxattr$system_posix_acl(0x0, 0x0, &(0x7f00000002c0)={{}, {0x1, 0x4}, [{0x2, 0x3}], {0x4, 0x4}, [{0x8, 0x2}, {}, {0x8, 0x4}], {0x10, 0x96e861c38249012e}, {0x20, 0x7}}, 0x44, 0x1)
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_script(r1, &(0x7f0000000080)={'#! ', './file1', [{}]}, 0x2)
write$binfmt_elf64(r1, &(0x7f0000000200)=ANY=[], 0x1cb)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

27.730554543s ago: executing program 3 (id=837):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}})
lgetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="31f12d85"], 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004280)={0x50, 0x0, 0x1000000000, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000006300)="8b7b874dfc0eb58d1b1d1d73877bbfd0d4fc38bc32dd5d58c8c75eabde38b6cf83d2d265c05424bb00ff20b0e0c8d843f1685e0528f9e7c14c63b93352477099f20952bf4f03f6e46cafc6fd6776795f4c1c9b904a0d3a179a50b89418f18550e11237847d7261644c10a76f950e5bde3387c6efcc9afddaedbe10c6fc60793a52177eb01d7e5f2b52e304bd02d704663f7acdf9679ad8c91715453ad4669b711c0430b82bc277abc1ca2cee5e9d60153210bf01f9dbda9b4d61a61e01bd4c213ffccafc393a06e6782e6c2cd194f92f1f6a04bccef14d6afd125da9b19911d2af54dfae5c64b9c68d9572381b4cc4492dfd901a778c0ffa87a6884c7aafc12dbe84d9b3758e952e2c028b931ce700c1c527faf09dd973e654bb7aa5c99bc03d6c8102615474b56f3a7f8cc6b49d039c60ca4be0bc5d5c4a26038918c45f64a20b389c58430ae88541cf317279ea032df929915578127ce6e4c4f8d20a789e1021f28114dd3744cdfe44959f7dd5f719f9672b25ce0150866c80557d2e8f358a7e238372798a1b5248a06c9056e4a351b41c229c061a309956f9742d29cb37b4feab6ce0486899679d54e99d3d5a2294c247045aa46c034386c80b90ba5b004d25c36dfe2c7f2f7127e3ccea8b8bfe455680ff1506826c5539d51de8583dc592669dd135e8f8c7948bb745f692a9f6ebab65b15d41a54ab5f61f11d5b5298005943fefb8b0c0918f3d803f6ed5c47d52f8bb3f02a3465fea19b2d67362b9e55d923ed17695bfe83e14a365635231a36217d9e5284c1c5981e988602d629da3382370786d7bc5f04e33b6690fc203db42ac10cdb68fbe1d5fde5d6857f8ef348ea980768d632da0970402377f4eca48730c5aaeb3f13b8f0c955cf073d833a57beccccdec79f3bd50868d30364607d327f2dc29ab6c604b68b602d4bfd7c77e955b06dc72a0fdfe9d481df7dca3a22a84d0993bb7ee828033b756e8018fc2aa04a7facb82cc06d150532e38a19e163933d5ebb339992a5a1d2f37a9c84b04c6515dd4311d9466aebe383d9320c05ca3050d339638d0c0c1dea9d0f2195c2e1b12f0dc1ddd20b9510c80220d6f72153fb3165340e9938b5cdff0e39f412b21e6bd4fc2b8793da92dd81885dfa7075be805c797faa067e22ae551724c17fc630353b6f787428c06e3e7165bc17b7926e7d136b38aeffa8abf77f5bb03e4bf84309ac785c4424525ec496269f0853ff8b1f9b5a3711467d614f4537fa7011a0e08b5f40fbb0328a7aaca8b2123a511dcd0064538ac8949d63ee45410a6f595aaa9de608f356cb555e68d37e8744daadaf477bfed5b54851ce3e36241ef025442b34b7652ae19ee324f7e784cf566d787dca46bd2209a841d8c3dd0a9ac6731d4a0b757595e2dc3b57da3be9cc7ffadef567b6d7f713837c4ff04b8ad6bbcebf810a2b07a14dfa069275f33936e30737fc2de5af537c24924fcd7d58bb3c8ca7263647783526d69c3fc83c2bdce2acd2a673c3e4ed7befba9fe67ae366e37e5cdee4ea298cde2982e77b59d9669dec1f34fafb96854c9e7d7bbd906273176a5fa2c7b10256c3bb08c1afcf83429d9a93dd6295607886789a50f06fb38dd523e25554438871906d34f152897b8e2fa33be701f8eda38081f82289352eb4e8542b514f477bda5274e3925729bbe1f68f870ed55ef2e45c42bd2b5c4ea9f406c3cdf689ef7367abf8225b3e8e69ac03dcd9db5bfa52505a0547e3fe4da69c0cd9a7d02c97039bf9a8e426d13ca01dff26e04fc93948004cb8e0e1d34a6925c9fc72c85b1824af2113536624821b0890f5f157ce13bec320361209ddfb51c94fdf31e836ad8257803c81a7450060d2d52de04a639502abceb97c3e12cbb6b861a2e937bc4116f6c6c24a96837a541572e9389d2fc8239d19da35a0d208690afc50ddc05408bd745758238e43cfc1496a38ce4ad42cf510f00c60c6b0ae0977555fb8ffa26eb0e80c510b77d288cdae0e4ae272a1cdb322881e9fd35679be4cfdf5d36122716161cc50e03693eef1467c8ac29864aa701ad9fb20db01a2d9fa3dfec290bb4dbb3718ae9181c172edb258065eed91e42694ae296961907678e9bdb4cd552a9cf61282e47fe48ca06fe0ed1a96a8347011dc30870cc26c22470f6749c18e25d22c9edba20749b541c1be0067abca3449edd9e772d191ac48911b2de511261f333e9062135b19e152caa826c85d0c2ef3df8c0fc20555845f9b2745e277fbcfe92af577fa01567a0c8836b3409850fe94482a8a43024ae20e410fe4227a32b837796187207cab941b3f4c12344cfba6036c29a8e997f10bac7b0dc6116f04924c621bf78c4c3902dc8afc2437f62cc3874c3cd7c6e0f1e2b5ffb11c6b29d76cdb4a915c1b060b3d3fd04c391d2ace6cc8f6bdf049ccadc7066208a0dc2d8a49770143d5e2bcc0aa94e57784c1cc35261bb631afa30f91e17500b2d63a5ba3211a65b701e32abbfb1bf4988ce9abdf5e184086948b06f929bb655845086be5ffa05a7441141953ec28143d9efe58a6dd28b688e188dd53986f45d871de6e35a9b7b199d209ce101015e4a4f807c06d2071839895a9f7596797eec781ce987993329fc924e3e8e692246d9a5e3622413507e977ae58dbd490d33252333608e3791333794ddda936dcfd06e1f5e58a3856770a9997a92a4aa6f5d48f2b441c8399386aec662a90ecf17c7f402bb66bd2a994f820c563ca5ef4c994ec9f1d6fb27dda8e02ff225d646c46cb62aa550849af8068647b91bbe813a64adcad06dd8ed72a3d5e0623d8106d984fdc317f2701b74e97f14046b97d6eb40c4ad73dc16e93e703c282bb2ad22abf230f0dc8ad0d60e44cedd591c68125b968f28e605ade40cf7a0cd784b19ae81af1e1e317a0d0906fcb247f61ff2af6c612423c519f03f4985fcf37830a9ec686119dded0bbf029c04c6fc33b7b6e8688ffa269b55cfb0a2684067d059e83f9d788dbe21876dcf9b50ec04031b65518d933d4d41fb4581361a6c519a5a29116529132c9def03d3d56fd2aec1f6f557f6e1834d7070b997b95176cacf2c31bad61ae0b4778504b8768c46aae7b80153c9c93c53293a22bbbc49a702ad6ba345b8cf0582d276e6e56c6050846016d4f72bd46bf951497b08118f1ef84e83d5ff352f25d00fa0283823343d637ae14d3bce89615fda073b94e195a8f7d8c7fbc59f9a03072dd6a94f5e013db8973bd1d982a604f7a279009d8bb85a8f8ebad03b10605920fb93eb797477d7a56a43288915a23a2be0091fa4791b3a1073c32a9bfec4da713f896b52faaca0f723724fc03d738f7c83a73ed1a8f874e42edf7667a8b218c8c1584ab034aad2891740ec83f6f3fddd45e0e668d54294fe46995928d2d16c2c32cc69170c9fa984de7093af06c3b03012814a9f4eef0cf34ba3f8f6b6413003c97643c0aff2dad16a44c3ab39c392fc9eff1e37e1731f95e97622239aa26f20b64d4e733a53c38d8f6ab5b178ddf238e361ad7719a4f42d5ff383a4c89af3c951f5cee378bb29988bf32e445c7d21da12d8d9bbbed1fba00d88b06503c38b1dc59732d5e464a2ff347eb6475fed64f4de29fe87f73f302fde6e82954639d0a9472713f9a311ff13ab4c3c0a9fbd2a298ed3805d1c495839e2eb4a010e1266511e5025938df9303e7b0a9a15dcc3724e4d5573aac237d5ccaad194fab36d646b07537e4c1577d6ce0196f2d1fd37dbfece6e3d56a8d4774bd431ee6e3315112e5852e9ed6488898b1e3848c68af6f43245230bb29c099221b5875dfc111fa09e3cd183e6a315eb3faa018b6086b067cc589927e629f05aab2a52846024c682b4840cceba87ce7722b04ec7afb7d7efb01bfbcf848ea6a45ee7b97c1ada8c099028e73483e6ec52b624554a7a854be7643a0a8c8734ee86f9c4bdad045e3c32995f16905048057ce3580edb792e4016b558e753ee1e8b664f6bd7c46e176470366ac40f6be747c49046b266ad6ab13221f2c22f2588c2094e97804b7139c48e39cab60ba39259add21a3027188a7071405959e5072835f1080577cf39afdfcb9f25f6a5d1ab00ef6d077baa17a1b76406e508f009046f076489d1d102315758d691b9e7b2ce807ae18efcbb04106d41f23877f763099e99fd4e48d4478b646733bbb176065f3d01b69304489a6fa09c23457aa22cdf18fa191f206934139e792825a34a5b91fb7971eb16d67b5322a4c7946b74a3fd1cccbdbb0a7799802304227d8513dc23372b83ce7b6982de8bbd1b1272868373f3df9e591c4b01bcb64eb1db7dcb3c7a0fbff13e8769e7c8f139d1987e4e72c4679a65597a32761b9e61cc03a65b8e42e218f6b920893d4c0a9d5398183c280fdc752384ca562e475d7a8317c1a6a7e1b25a9442c5c4a8ef5b9fa012a472c9758ef9ba5bcb952bdc158e37d88b2fc96bca352587bcbf2e2713d3a9c8237e9c10dc2fcedc8911f0507160ac2ef901941b0482b2b1c5db71c05b81e7a9111703fc27b95ccdd8fdc91676bf5f435e0a845c39dc1507e85db10afdb2b5892f5b383d3509ab8828fffb08d40ca476c3c6b8a4b5e6fbb011f1676bee9c479763faf23009464ea2da850a916550fc1a7d59d82b87a8eaf604d1019075564a468837b0e5b658e00a2c777aa27e29f9ed955929985e3389a0e57dd1b12483a74a0264f42cd4baea44c3e88dad4aa5bedd6738d5403b8a4bb4212ae94d0b4f7cc8d22be934e74000af363b64c9559bc53bcc9c221462939a78cf44dc792fc2b48ea349da9567ab1f52efca23e522f4feb7a2f4bacff17152c93645c46cf2cbe61f2c7a4e55d21aa0fd4b2bd793974a3e6ed88f65e4d46c768042377ba28293536f5d1f8a5625521932fc3715364f954b9db5b5aa5daafad48cf5f1883a88b719b9286533ba4d42e28cd7220d91d69cd7ac2e0007382da21026323fa0b26ddbf1ac67cdcb27ab1970cc821423bfc4c42e017e16c972aaebd54a5dde9578d257897311e06277c584f732ca4c5c65f8a812fcbc8e96ede66dece553c6e71a3fa26f7390c23842927852a90a1990702a4da94b945df5f0a646a6011a3f3caf5211392a510b35f20df946562cbaab0d522ecc02dbae4e20606a0e7b19b919f08671ad38c14f0f16f400edb7c4d00192c8e09d3259dfc3e95558eaa7bbd792141ef38d7c0515b8226957cbcdfcac6062cdbfce8d7ababc306dc8d4c0868977e230ebe356aa009e425af8f140d7707fd81c05aa141504003cb1ba95dff7a52770d5efa7ef107f2a385765559f2121cd9ec8bf8fa5e8f2d0fef073c99e4c064920648065fb2acb11e368fb7e9a37239012131909eaadfbe8cfaa5dca35a8f3d47f40ab6e40198212f12c06b9ae4827f50c37329ae77e963d9c54da8ce0907c575918ad324158f5cccbf691f514e44ecfbb26e319323a4866ed288d28639b71857e0d72e40c46878eff37f4e8818625d0a1004e2cb7842a37bc9bf7ef4a282d4b20649d7454398c94057940753af3935c9819805e4391ebe86e497da1d23496812516702b9f964e0c97a43f9cad8f4884dcb9ddd0f5b5db55f4acb50cecf8e5fa6cb14a88a1b864eea4706d780afceb52cd7df626aff3cd1501d5f470c085b3eaae9bd0944e5df09a68e8d00c84a91b8a4965d3a74ae4cb4e1caaaa2e8ce4e58dc069afdebc203647a218907015c92399e06ba3ef3d8b90afe550de7cc1d1b2c512a66688660938520d22c490c76dbe2a23158b4923f6c3e0bcec0093ae9fd0627ec351ebc34cb1518ade376663029d0d2df6f05a61415f2ef96e07b8285485013c97188f800005701207985aab77bf314a433c7462220ffa38ea0c3f46601c9da2f98ac23e97e6a2fc41922aba97849244c9769931e3d07a7b726525c801dbae9b3a89f3ef06c92d7ae69b27abecc506ac72bfbcc0fd8c3fb2dd4a40b7ecccf8d6eef3072200eace62eef20c38a7a3f34d9b7d4c644f06844e0e7fe991c415dbd93e2b2fe7ff02e30a02c2ab35908646b38f3802ed2e21d9f0c0d378c75b3b30a83cf350ad5f9dedb87475772a3945485b80373c5976dd67b56bec51f79e4106cacc4efa993e2ad30add411f5432518be218517b9d6b0a7503c8b7a4886c942fff13bc7b5aa221fc3722419fb4d06d6e2b3d53f7d4b61daf41fda7d5b36a4bbe72ad5cec842c524396f5eda1f04ce4971555a0023d7ce8d51b70d1ce039e4c3e71f5b17c8de53501273fa3ba886e5528d5d5937141d4d483f6d6cd72ba36eedeaaf1fcb7f226af9c700d677a0a17d097d57e53bb2e376cb756080fffc31d7144141f56cb02488b8c76a7c6ccc7dcbd6ef9251aaa8b4c38a7695add3d3465f2c457ea0fd286f0e40bfd8f84badd2520aef5599d6ec0d3e8702d87a395e0cb12ab5c24bbd7993c3ab97e2f5d800810e018ea860ce80589b591996d81616f1034b2f9a508d9f4bd6581d723e3f74de2f10e83c1f3feed67542ba8ff4e01a4081dff26b2ac9fd98d06725dd4d43c4da4f6dd95d3bb075f25f03da6e250ce849a5e2ed8da1c0f170bfec0c7d16ebd9fd7032c2a159c997715dc38937571ae73a312f73d7cde070c75cff6f8e001993cc1c87053fd3fd57251c5f2ed27d2525a58d1d3ec26c057bef2255f612d3d307458431cd59b4c5df95254a80a78c58fce8f180d2eed0ed4bc33a87fbeef63ba77824ebb875093b9ee1243c47683e70d2ce379606783e8584272ee34e8fb8598d4b9f8368dcd8440b5566a5f7e63b54dbbb8d3bbe87e4d8c758a006357c8af4e82a6d2be1e1be07cd5267bed97c970156dd408b706dd8d2fe9f05718808b79b9081304814d76f26c29fb42b390560c75bb63bdcb4daff0dbfef04b5e2d6bab84922a4ed08f5fb59acdfa67f633304c9b9889d49f1988236866fc12a8b21b5a7b07c9e2b9af0f167685f472b32cb423655ce1ddcef8780f36d8a1e8e616d594c5e1c42ff4108ff77b7316ebd2beaf848a05d1f1c88310789977934dfd142fc78722c8c7fc113f1d940ddca2675d0803f09ac016b5ca3187d1894c95eb9df81ab5dcb3272e63cff04c51a409c4ef8fbd6659c4c0bfb139cc219f23136a031a3e6f7c820b4f35fbf5292d17f5e50bb66e40cfc398a3288985776764f3db6ce5ddc0648c4fa83a3c3a7bc4e141566b67c8726cf3eae6dd75e7e3c460b2f1955d9537f22a4202dd2188197b2197c1735dc9ae1ffad75c6c5c48785d0d0740431410e99adc11b225eb1eb1aee66078e6d0018b4fa4d6abf44b364fd708b3e52690b154ab79a1be25267028f11c8eac16337cc98c3b7bdc5fb7e90a33ea7549d70fab71474ef06190eb77fd9e2ccc91e565d738cdfec456a7bc2ed109798848a793ecd12efcae869b3f17d7be68d1f3df65fd4c2280f79fd62e4f34a00c9d6a39cbc6a3c79eec40cb67cbfee6668429610fa78d59eeab65aa41d6fdc2209b01a4f029fa28223414bdf00e3f7365150092d66c98c84d56f775f552b41c5377561348e7e39812df6d3e75e77ec9bb0dfe533275ac507d997d964911f6af6d61ff45cf2240f4baaf7236712fd5f5082429757c6bc21a6c8aaa86c57acb8c6a5580bdf8f69d671731652af19dfecec76d85a3f961cca26d98fa317278933bae49b841951f83312263f4c7d5c70c7652f54aaf96a61f29b430a89cb356591849340e388fec84dd91bdc85251241206759e06a0e38567d404193d1080c675edea8bfafd91e969631cce54b55c57fccb7170bb79f32e845b039cc80ebea77ed4d110830e39e00515053aa6afeca4d52812bfc91e5c302284a56de5b9db9ea4a0ce4c9bfef5d5885288e2bbf4a2bd4a13adf35ab1287a2fcb19eab824358986d3c0622a2f5a5d8e618f496837938a6090bebad45f163982a3afc8a99fc64670ca5ea6abf66de8515f77abfd4d8696629bb931508f03367c04b57a61ab0393cef908732743b3ece84426bbc0a57befa7e2825060372b38c561ffbb5aefaf680462c1a2da6b80b9c659f116d2366bee3d757d05b51f09078b771c084169aeb88c6c28448ba844ce984a6cb70dca25cdd17bb00ba76c013d0c7fb4ed2a259bc9811f0db5e21ab1cd1f43e6b73e292e31755c4e6271cbfe1c390e39c8c39fecac2e047f57974c2b48dafdfcc1c2ef7fe7999a637d27b78b036d4091e1995e98f7d7c09e5c96d9cacd77707406fdd030d83cd16d5f3200d62ea38617de89772373c7c39cf69aed9dfaa82b7a9f86f73c0d47eea5b4428f2da67f0f592f209687c72b6c2d28f39f26ba012190ef94116bc52cd64f8708ba9dfb41400bdd553e2384588336bad540b8fe5e9e38c93751ba4306330f0906fdaf4cb4359a1e30b6f82f0bfb5ad963a91e0fd1d8406cfacfd62e31c070bff60ce12d0943f36fad1c47619daad67c4b844249fc46278e3fb29884ae949051b9071406e904d5163dd344f0593cd031c8a0629ea524b119171bc39998488c9359db7c7e708ddbe0e8b0a1c16d23a606a406ea824e5b712e8f9966f82281faca062ef34a728f2ea55e7645d900e3cf72b5b6a30fe1fefe5a33ea82aafe4d5fa4fd7a5e32a27c8ab2167e97a6c6265c675cc3ea3f92bf556b94e6cf1f3e383458708e1c2155acc842ae459fbbe219ff29c37c7032bc8549ffde0d3a5cf03d2cf7474fd0493ea68e75a970af0f65fb23ea86fd8f254eca22c6d1f8fb6d980676916bfebae7c97889f1ee6ddb4016c6963939605b3ead437f0355c44158bfc9b52e397ae2a0b380a1ea0cc01546f990671bb664f4338d81eff0bc34b2aafc56db260c4ebabe4eb1c0883a4246677eb708b8946cf3fc4b10c095bcb8c2ecd3db8d3168f4d928ffa4df0b08c784c8fc5aeb67feda9442d762a4ae17539fdf37ea295c26ad0e76f96b64b2983e51f3644ac585724bfc8b94de463c6f83431754b1ee77deb6f4b08f95ec2880cfb403ca0c0341bfae487e758933c8db45b00c031489cd325be0234ecc88180b8092fe24bd8fcba59bd7f71f526d8b322e2c3856459626e04e80dd734e66e25d7705121c8f9ac3d0111d48bab2ac8c46d948ebe0d25a56eb5d2c32ac65a8ac3ef56bc23134fc107f08f8631343180fe92b7a232fbc7bd9c96707db4d07739f99dc8b6cc5edf2a8ce5f34e3c2437035fb7785421d49186fd653603673985e442ee0b80b2d3311b167c54c195c877bf7daf4854c9a8dc00eb644b9a832e62ef14bb5e7cee72db4f1db8703aa004011d9dadef6b5896c19e173df079e86cbd151cb5fb53c890d6774e168f70abc21f9a36531c20087f59c7f8d8751e69069f58310b4749d5425e2b617415599d440af034444684c4b579f5c1c3c2db80b51691c797d061d30a91b2dd41ddd2f7fbffa17b17279b47f1e8896f998e649864ef7cc0177072d1b25b74bdd845e61dc71a999cde02103607b33973d2f43bfc44465c30ade800f123c39b71ad69cbef201d13c920d14a9fb668d6c9f9b2a4e0fdc86c65488e65c3c2ee53e563999c460970751add4397caaf1e539f89fa8738a50b919a6ab86ea3d41349f6d6679ae00955e303c2a4e5011a3c47caf22ac1691e6786965b6359c1331c7fa6f128267ecb1e984b58c0da7989d5ced6bbe27b72ba22b1d9af025ef45f088d0466813941f75bb8e867e09b293653374c39c2646bb7caa33e5ab9841b78fae31ec81849cf651ffb23cd3a04879e1574babf06a553eb44bb8cbc80d64a637be9e36b17f051ab0ff8170185c3e08590641dbe293d79ae37192560365deff45a4fae1f6247b28cd8a6750458f5cde0a9d9602d234edf7c89a2a6982e3eb0f63bdf34686adb949f80c4108baeb84249b0a6c13fbf9eb8b7a19dcbd240b39678a32320876934aa07d67b9f481c13da2d255c58dd6170c13c67a64c8b2e7560c44b4b54b16e7622536dcfff3ee9767bd98971ffc99992514a9419c25a8ed80850eb44385a885c05aaaf56195dfd965598e0b906176edd06e5f51826141f9d3958b462a4da0a1eafa9bd827941f3243385e5f5e24a69e862c7dbaea6f3e8937e5a5169b3910b583cd367484286bf833ce789e6575a529b68224424a6724a188762ed233d2af9b6b964f8e2697c17e96d1c019317e3d4f05d0ec02cbe12555e64b70cee7aad2ec4ff89486d7c31904ecd49cc4328232dcb5e51e519b1bc4e2e381c0c1b4d8586c092ea6ccdf6ed1ce2f42afbfda2f743fb90ab31586bf0fd81b2e3fc9df89f02a79aa8592cb4e36d98b58ef212bcbefc01a98984a6931fcaedd635a1e324aeb37f37ebc604844eab547d240dcf2e58fd6aca68bf9e7de73fea9a3f74fb2f599588c27e6e6d4aa3951e8e6127b54dfb0f6959ce1704aea7c3c15933ecd61cafb3b4e6875b1fe579abea3c47ac43ecaf5132b3ab4b47ed21b0a6f846cfdcdc59d559f1c8badf715bd8e9bdbaa21c6bde526476a45a0d93b5e070b6496730d77f80c16686ca8f7d775cb3a25d21c3ef1fa66c60dc16c2816bdb1c48659905f9991d16e7b8c7b8849ead7e94c7fe49183d119a8cca3c86c825c5abb7c82cdb0b306cfd206e4d18d6ebc0d5bc5d90c6ca442adaabe795f98a77b367566004df68cae795a690a34859e1c4de1753481a4c21cc8c55c1c18e8cfb414d9d0fcea0222ef6ae9e723ff9aaec0588ce700f120047ed92fbc19e6c9ca28d6c5ab8f33237992481fa4b3cc02a1c9f82245ae6363adef84e30640c3a3f9b673b973194584ca72fa9713049a65cbabb9dfe8e8045a37e1084e14e2da79b13ef1cae879301055b158396217b3a86d6982c7071b8cf9675ec369485e27d39f023e14aa8feea76e43a680f15fa735b914c3609a7026d48465c87a75b9ef0a38d04861c56bfd69df93e46162e5e801484800ea22e6b8b4063817feec3576eac6d322bd8e621a1da13855e6df4028f1d77b8f29331ae84356ddbd52f7482f38b10f44838a980cde1b3fad43f94ca0f659261108357f32cb34dbb449476bd515aaf4029951441b2c77ae6cc159e3f3dc02d3a0e875942e6d35fea44f0838be1b5f91a4da4da8b4c979708807d589f8559b995719746b6a6397b84c53d2b93a8b127ae526620e8ded54d8692e69990c12dad241cba9944410738b8d932f5e6dcb627a881d39061b4e456fd5860b752b1e646686c30ac46c159f2b5dffc45cff921c6b1326bf57cd8292bfeaea502e32d20df1ea252625e4ce5765d8436162aa91b1f62a579f67d1f1d0bfb331ef26b846a5f7740ddc89aac75ff2bf1f151763bb1d52b784571fb37d525bd734899a2d8ca8556efd67b029d703c880bf2c7f1a634fdf86f4bfa628603b62f325bea04007ae7c496955a6d7fdd88206ba056675b6b30bea9861c6dfcc5c054a2fd5c2f31f0081dd4e1836d59efd90573864224f76385c8f1d6b4345e27304d1ab34d9c52cd76ced6ab45915590c261b46813421a0d0d20ebe19c161f6121012b55d073ed8a75f5b5b5ae3b24f0a1c9dc64a8182dcc6efac12c793966700dd7474b72ff81c8cbb076f1d2b271fcd1f9e92a0f23ef5473a2c31523ee8e5a8e74a02b3915fa05b148e59d522ba7b7116a3f12b13d12b8980ab5e3e6ca9af4152", 0x2000, &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x18, 0x0, 0xa, {0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

27.374855367s ago: executing program 3 (id=840):
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@can={{}, 0x0, 0x0, 0x0, 0x0, "00000010000300"}, 0x10}, 0x1, 0x0, 0x0, 0x24040801}, 0x20000000)
read(r0, &(0x7f0000002340)=""/232, 0xe8)

26.084057471s ago: executing program 3 (id=852):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x2048c5, &(0x7f0000000340)={[{@fat=@flush}, {@shortname_winnt}, {@rodir}, {@fat=@nfs_nostale_ro}, {@uni_xlate}, {@uni_xlateno}, {@fat=@umask={'umask', 0x3d, 0x9}}, {@shortname_win95}, {@fat=@debug}, {@shortname_mixed}, {@fat=@sys_immutable}, {@utf8no}]}, 0x0, 0x29f, &(0x7f0000000580)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002c00)={0x2020}, 0x2020)

25.748608024s ago: executing program 3 (id=857):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x2a00, 0x4c8, 0x0, 0x95ef, 0x1, "8003e3ffff072000"})
write$binfmt_aout(r0, &(0x7f00000006c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)={0x0, 0x0, 0x800, 0x100102, 0x36, "b0bf00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0xff)

25.415113548s ago: executing program 3 (id=860):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r2, 0x5760, 0x1f)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r2, 0x5b)
read$watch_queue(r1, &(0x7f0000000000)=""/1, 0x1)
keyctl$revoke(0x3, r0)

24.943340633s ago: executing program 36 (id=860):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r2, 0x5760, 0x1f)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r2, 0x5b)
read$watch_queue(r1, &(0x7f0000000000)=""/1, 0x1)
keyctl$revoke(0x3, r0)

4.857156128s ago: executing program 8 (id=988):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x111}, 0x1008)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3.052273358s ago: executing program 2 (id=998):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="dc94837f0a356f1c5089d030a16a52ad", 0x10)

2.78064341s ago: executing program 2 (id=999):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0xb, 0x204031, 0xffffffffffffffff, 0xfc778000)
socket$nl_xfrm(0x10, 0x3, 0x6)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000480)='.\x00', 0x10000, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000140)={0x709be22d, 0x0, 0x4, 0x77a, 0x2, 0x0, [{0x2, 0x3, 0x6, '\x00', 0x80}, {0x3, 0x4, 0xffffffffffffff0a, '\x00', 0x2083}]})

2.601328563s ago: executing program 8 (id=1002):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0x19}, {}, {0xc, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x4, 0x3, 0x8, 0x2}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20000090)

2.393772575s ago: executing program 9 (id=1003):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000c00)="91f8a9849519def28691bbc4173c3d6f357d0272b7e95a0100000000000000937b7b22a1319130feaab952ac4703caae4be68907eb47fc5393de25000000000000f2ffffff2e3591ceb1757de97fb25500620d0d30506e742937b74945da657f794d5b5bf89588e07b14a17f069912dc0c3f201bff8b9a687b85baa11244632642a9eff0cbb4b5882b738f05eba73221490e2d5c17cf406be2796eec488a5b5268f507ee8d6f3dd131d64abc785708eb9bd24e352a984b2b1596d35ebe1d3443aa78fb4020", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000880)="b527ce144a9e865255e6f85f4d18156225c3396c992b47cedd740a6a6c3c82aba6b56bd441a6dd0856d664fb959853821ce9917ed023550816ba4b21413e5e7c41c7e2197da810d26109c4572ec3dfb28073599772cf3e04b596b22fce7db25609f21c6da4db35a48c20cdfa", 0x6c}, {&(0x7f0000002300)="27cb1547d73d51c2b9eb909bbb859214eabfa995b909a5faccc33d38140dc15d080af6eaf18b2031f0c88867e93763c3466f13a7e1c71f9b7ed9652a901d80e85e1ba265a9837970a9a20940b0208fa916a034be9eb50defe37271f579ecbb2f7e6157f8bac11e6657ddcd368291be85f6fbe3696d907770e9214e33190c4f9d0a048b2442a7dde887cf7c3f2e7fca619e0f1717850a65d661e72c55a293a7e4332309066fc4e40951535235d7a51b3c1bdfc5996f817e817caf5d035e24b79089ab10bf1a15448774f85810bb5276", 0xcf}], 0x2}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000140)="91790da0bd1c560e30633259f42abd712cb00cd5f83f5f8fd4be4ff744c36a3b11e84fb8d6e6ca9d8831796fb98a386d3ad837a9e92affe1ba18adfbe1ea97dfdc3e665f3d20948ea7a1f32fc8b737b8dbbad63cfea88639ec022f58243597a6a8f892a5bc1680da9111e2eefeaaa73f48fd9cb40256f609234533d1860d9694bdef8fb9152b0d6387dbbf25b8dbc5daf811a32c6dabce201eecc67cc65a2b6a95c7d696bb6087d6b2f347adf0a15f0d61cc543e33b70bd51768ef036cc9fe1513dfdf4e2668bc05d99df6e75a76a3cb006d987aca0b729f67008428a161d4adc05a8065b609a0b1303258ecbcecfaee5d", 0xf1}, {&(0x7f00000002c0)="88deadb29a8d529be1a943d58d6e4e86dfd54f4020e334a38ffffcec69ff4e37184205ea57d5afc9409421ba8943ccd8d1e768b8edc1ed5477a5588ff0e4fa8401d11d513c5903d3b47ddb76bddc0507c468a2ad3b8a559302e0ab980cdcd3a5704b530e20a0f979ef7fc40ff82bb6cfe1b5ea7b1d816eb60fac3eafbfc670db13128df90739db9661311bb41b61e7636ca6d148ee4474eb348f3d922ffac67751a12be7e9c85637a90aee7f9c24046c4f76f906fdab6d7039950dc94e2392b2e3ae600214d9", 0xc6}, {&(0x7f0000000640)="8d0a42012e29", 0x6}], 0x3}}], 0x3, 0x0)

2.147963777s ago: executing program 2 (id=1005):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x6, 0x10, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x800000e2, 0x0, 0x0, 0x0, 0x2000000}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8006}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5c298795369ca04f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000800)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@addrs={0x1, 0x0, 0x0, 0x0, 0x7}}, 0x30)
syz_emit_ethernet(0xfdef, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x18, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "f5000000000000000000000200000000000000000000000000008879e66485201a0015ca837400"/55}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

2.126878538s ago: executing program 7 (id=1006):
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0xba922ce0ca21f0e2)
sendmsg$inet(r0, &(0x7f00000007c0)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r0)

2.047395018s ago: executing program 8 (id=1007):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r0)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x2, 0x1, {0xa, 0x4e24, 0x4, @empty, 0x1f}}}, 0x3a)
ioctl$PPPIOCSFLAGS(r0, 0x40047459, 0x0)

2.046380658s ago: executing program 9 (id=1008):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r1, &(0x7f0000000580)='1\x00', 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sysctl(r1, &(0x7f00000000c0)='2\x00', 0x2)

1.843368631s ago: executing program 7 (id=1010):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="38346b0dd6320000005400"], 0x38}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8], 0x1c}, 0x1, 0x0, 0x0, 0x24008855}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

1.780473271s ago: executing program 8 (id=1011):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'macsec0\x00', <r3=>0x0})
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, r3, {0x0, 0x7}, {0x0, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
close(r4)

1.718998622s ago: executing program 2 (id=1012):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000000c0)=0x800, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x1, 0x3fc, 0x0, 0x32}, 0x9c)
bind$inet6(r1, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.649094983s ago: executing program 4 (id=1013):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f00000005c0)=0x9, 0xfc17)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000480)={'syz_tun\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f00000002c0)="05030500d3fc030000004788800509101128", 0x100f, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.376576946s ago: executing program 7 (id=1014):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001a80)=@filter={'filter\x00', 0x42, 0x4, 0x2a8, 0xffffffff, 0xf8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x240, 0x240, 0x240, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x73}, 0x0, 0xa0, 0xc8, 0x0, {0x100000000000000}, [@common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@private, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'dvmrp0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x308)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000680)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f00000000c0)=0xc)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000004800)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX=r3, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d11f57832035e96a1513231140da182ca77aeedc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d", @ANYRES8=r1, @ANYRESDEC=0x0], 0x81, 0x14f3, &(0x7f0000001580)="$eJzs3AuYjlW7OPB1r7UexjTpbZLDsO51P7xpaJkkySGnHJIkCUlOCUmTJAmJcZY0JCHHSXIYkuQwjUnjfD7knDT5pEmSkJBk/S/V3r5v9327vf/f9//b1577d13rsm7Pc9/vWnPPNe963uua+bbXmHot69duRkTinwK//ZMihIgRQowQQlwnhAiEEBXjK8Zfvl5AQco/9yLsX6t5+tVeAbuauP95G/c/b+P+523c/7yN+5+3cf/zNu5/3sb9Zywv2zGv2PU88u7gz//zMn7//18kt9zULzeVu7H3fyOF+5+3cf/zNu5/3sb9z9u4/3kb9/9/v1r/yTXuf97G/WcsL7vanz/zuLrjan//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLG877K7QQ4t/m/zDh5z+7gTHGGGOMMcYYY//T+PxXewWMMcYYY4wxxhj7fw+EFEpoEYh8Ir+IEQVErLhGxIlrRUFxnYiI60W8uEEUEjeKwqKIKCqKiQRRXJQQRqCwgkQoSopSIipuEqXFzSJRlBFlxS3CiXIiSdwqyovbRAVxu6go7hCVxJ2isqgiqopq4i5RXdQQNUUtUVvcLeqIuqKeqC/uEQ3EvaKhuE80EveLxuIB0UQ8KJqKh0Qz0Vy0EA+LluIR0Uo8KlqLNqKtaCfa/1/lvyj6iZdEfzFApIiBYpAYLIaIoWKYGC5GiJfFSPGKGCVeFalitBgjXhNjxetinHhDjBcTxETxppgkJospYqqYJqaLNPGWmCHeFjPFO2KWmC3miLkiXcwT88W7YoF4TywU74tF4gOxWCwRS8UykSE+FJliucgSH4kV4mORLVaKVWK1WCPWinVivdggNopNYrPYIraKbWK72CE+ETvFLrFb7BF7xT6xX3wqDojPxEHxucgRX/w388/9h/zeIECABAkaNOSDfBADMRALsRAHcVAQCkIEIhAP8VAICkFhKAxFoSgkQAKUgBKAgEBAUBJKQhSiUBpKQyIkQlkoCw4cJEESlIfboAJUgIpQESpBJagMVaAKVINqUB2qQ02oCbWhNtSBOlAP6sE9cA/cCw2hITSCRtAYGkMTaAJNoSk0g2bQAlpAS2gJraAVtIbW0BbaQntoDx2gA3SEjtAZOkMX6AJdoSskQzJ0g27QHbpDD+gBPaEn9IJe0Bv6QB94EV6El+AlGAB15EAYBINgCAyBYTAchsPLMBJegVfgVUiF0TAGXoPX4HUYB2dhPEyAiTARqsvJMAWmAsnpkAZpMANmwEyYCbNgNsyGuZAO82A+zIcF8B68B+/DIvgAPoAlsASWQQZkQCYshyzIghVwDrJhJayC1bAG1sIaWA8bYD1sgs2wCbbCVtgO2+ET+AR2wS7YA3tgH+yDT+FT+Aw+g1TIgRw4BIfgMByGI3AEciEXjsJROAbH4DgchxNwAk7CKTgNp+AMnIGzcA7Ow3m4ABfgIjyf8HWLfWU2pgp5mZZa5pP5ZIyMkbEyVsbJOFlQFpQRGZHxMl4WkoVkYVlYFpVFZYJMkCVkCYkSJclQlpQlZVRGZWlZWibKRFlWlpVOOpkkk2R5WV5WkBVkRXmHrCTvlJVlFdnJVZPVZHXZ2dWUtWRtWVvWkXVlPVlf1pcNZAPZUDaUjWQj2Vg2lk3kg7KpHAjDoLm83JmWcjS0kmOgtWwj28p28nV4THaQ46Cj7CQ7yyfkBBgPXWUHlyyflt3kFOgun5VT4TnZU06HXvIF2Vv2kX3li7Kf7Oj6ywFyFgyUg+RcGCKHymFyuFwAdeXljtWTr8pUOVqOka/JZfC6HCffkOPlBDlRviknyclyipwqp8npMk2+JWfIt+VM+Y6cJWfLOXKuTJfz5Hz5rlwg35ML5ftykfxALpZL5FK5TGbID2WmXC6z5EdyhfxYZsuVcpVcLdfItXKdXC83yI1yk9wst8itcpvcLnfIT+ROuUvulnvkXrlP7pefygPyM3lQfi5z5BfykPyLPCy/lEfkVzJXfi2Pym/kMfmtPC6/kyfk9/KkPCVPyx/kGfmjPCvPyfPyJ3lB/iwvyl/kJemlUKCkUkqrQOVT+VWMKqBi1TUqTl2rCqrrVERdr+LVDaqQulEVVkVUUVVMJajiqoQyCpVVpEJVUpVSUXWTKq1uVomqjCqrblFOlVNJ6lZVXt2mKqjbVUV1h6qk7lSVVRVVVVVTd6nqqoaqqWqp2upuVUfVVfVUfXWPaqDuVQ3VfaqRul81Vg+oJupB1VQ9pJqp5qqFeli1VI+oVupR1Vq1UW1VO9VePaY6qMdVR9VJdVZPqC7qSdVVPaWS1dOqm3pGdVfPqh7qOdVTPa96qRdUb9VH9VW/qEvKq/5qgEpRA9UgNVgNUUPVMDVcjVAvq5HqFTVKvapS1Wg1Rr2mxqrX1Tj1hhqvJqiJ6k01SU1WU9RUNU1NV2nqLTVDva1mqnfULDVbzVFzVbqap4b9XmnhfyH/7b+TP+rXV9+udqhP1E61S+1We9RetU/tV/vVAXVAHVQHVY7KUYfUIXVYHVZH1BGVq3LVUXVUHVPH1HF1XJ1QJ9RJdUr9pH5QZ9SP6qw6p86pn9QFdUFd/P1rIDRoqZXWOtD5dH4dowvoWH2NjtPX6oL6Oh3R1+t4fYMupG/UhXURXVQX0wm6uC6hjUZtNelQl9SldFTfpEvrm3WiLqPL6lu00+V0kr71n87/s/W11+11B91Bd9QddWfdWXfRXXRX3VUn62TdTXfT3XV33UP30D11T91L99K9dW/dV/fV/XQ/3V/31yk6RQ/Sg/UQPVQP08P1CP2yHqlH6lF6lE7VqXqMHqPH6rF6nB6nx+vxeqKeqCfpSXqKnqKn6Wk6TafpGXqGnqln6ll6lp6j5+h0na7n6/l6gV6gF+qFepFepBfrxXqpXqozdIbO1Jk6S2fpFXqFztYr9Uq9Wq/Wa/VavV6v1xv1Rr1Zb9Zb9VadrXfoHXqn3ql36916r96r9+v9+oA+oA/qgzpH5+hD+pA+rA/rI/qIztW5+qg+qo/pY/q4Pq5P6BP6pD6pT+vT+ow+o8/qs/q8Pq8v6Av6or6oL+lLl499gQxkoAMd5AvyBTFBTBAbxAZxQVxQMCgYRIJIEB/EB4WCG4PCQZGgaFAsSAiKByUCE2BgAwrCoGRQKogGNwWlg5uDxKBMUDa4JXBBuSApuDUoH9wWVAhuDyoGdwSVgjuDykGVoGpQLbgrqB7UCGoGtYLawd1BnaBuUC+oH9wTNAjuDRoG9wWNgvuDxsEDQZPgwaBp8FDQLGgetAgeDloGjwStgkeD1kGboG3QLmj/L63v/dkij7v+ZoBJMQPNIDPYDDFDzTAz3IwwL5uR5hUzyrxqUs1oM8a8Zsaa180484YZbyaYieZNM8lMNlPMVDPNTDdp5i0zw7xtZpp3zCwz28wxc026mVfj90O3WWjeN4vMB2axWWKWmmUmw3xoMs1yk2U+MivMxybbrDSrzGqzxqw168x6s8FsNJvMZrPFbDXbzHazw3xidppdZrfZY/aafWa/+dQcMJ+Zg+Zzk2O+MIfMX8xh86U5Yr4yueZrc9R8Y46Zb81x8505Yb43J80pc9r8YM6YH81Zc86cNz+ZC+Znc9H8Yi4Zf/lwf/ntHTVqzIf5MAZjMBZjMQ7jsCAWxAhGMB7jsRAWwsJYGItiUUzABCyBJfAyQsKSWBKjGMXSWBoTMRHLYll06DAJk7A8lscKWAErYkWshJWwMlbGqlgV78K7sAbWwFpYC+/Gu7Eu1sX6WB8bYANsiA2xETbCxtgYm2ATbIpNsRk2wxbYAltiS2yFrbA1tsa22BbbY3vsgB2wI3bEztgZu2AX7IpdMRmTsRt2w+7YHXtgD+yJPbEX9sLe2Bv7Yl/sh/2wP/bHFEzBQTgIh+AQHIbDcASOwJE4EkfhKEzFVByDY3AsjsVxOA7H4wSciG/iJJyMU3AqTsPpmIZpOANn4EycibNwFs7BOZiO6Tgf5+MCXIALcSEuwkW4GBfjUlyKGZiBmZiJWZiFK3AFZmM2rsJVuAbX4DpchxtwA27CTbgFt+A23IY7cAfuxJ24G3fjXtyL+3E/HsADeBAPYg7m4CE8hIfxMB7BI5iLuXgUj+IxPIbH8TiewBN4Ek/iaTyNZ/AMnsWzeB7P4wX8GS/iL3gJPcZYKWLtNTbOXmsL2utsjC1g/zouaovZBFvclrDGFrZF/iZGa22iLWPL2luss+Vskr31D3FlW8VWtdXsXba6rWFr/iFuYO+1De19tpG939a39/xN3Ng+YJvYR2xT+6htZtvYFradbWkfsa3so7a1bWPb2na2i33SdrVP2WT7tO1mn/lDnGmX2w12o91kN9sD9jN73v5kj9lv7QX7s+1vB9gR9mU70r5iR9lXbaod/Yd4on3TTrKT7RQ71U6z0/8Qz7FzbbqdZ+fbd+0C+94f4gz7oV1ks+xiu8Qutct+jS+vKct+ZFfYj222XWlX2dV2jV1r19n1/77W1Xar3Wa32/32U7vT7rK77R671+77Nb68j4P2c5tjv7BH7Tf2sP3SHrHHba79+tf48v6O2+/sCfu9PWlP2dP2B3vG/mjP2nO/7v/y3n+wv9hL1ltBQJIUaQooH+WnGCpAsXQNxdG1VJCuowhdT/F0AxWiG6kwFaGiVIwSqDiVIENIlohCKkmlKEo3UWm6mRKpDJWlW8hROUqiW6k83UYV6HaqSHdQJbqTKlMVqkrV6C6qTjWoJtWi2nQ31aG6VI/q0z3UgO6lhnQfNaL7qTE9QE3oQWpKD1Ezak4t6GFqSY9QK3qUWlMbakvtqD09Rh3ocepInagzPUFd6EnqSk9RMj1N3egZ6k7PUg96jnrS89SLXqDe1If60ovUj16i/jSAUmggDaLBNISG0jAaTiPoZRpJr9AoepVSaTSNoddoLL1O4+gNGk8TaCK9SZNoMk2hqTSNplMavUUz6G2aSe/QLJpNc2gupdM8mk/v0gJ6jxbS+7SIPqDFtISW0jLKoA8pk5ZTFn1EK+hjyqaVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoE9oJ+2i3bSH9tI+2k+f0gH6jA7S55RDX9Ah+gsdpi/pCH1FufQ1HaVv6Bh9S8fpOzpB39NJOkWn6Qc6Qz/SWTpH5+knukA/00X6hS6RJxFCKEMV6jAI84X5w5iwQBgbXhPGhdeGBcPrwkh4fRgf3hAWCm8MC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Ulg5vDhPDMmHZ8JbQheXCpPDWsHx4W1ghvD2sGN4RVgrvDCuHVcJH7q8W3hVWD2uENcNaYe3w7rBOWDesF9YP7wkbhPeGDcP7wkbh/WGF8IGwSfhg2DR8KGwWNg9bhA+HLcNHwlbho2HrsE3YNmwXtg8fCzuEj4cdw05h5/CJsEv4ZNg1fCpMDp8Ou4XP/On1lHBgOCgcHA4Ovb9PLY0ui2ZEP4xmRpdHs6IfRVdEP45mR1dGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W3R72vn184cNIpp13g8rn8LsYVcLHuGhfnrnUF3XUu4q538e4GV8jd6Aq7Iq6oK+YSXHFXwhmHzjpyoSvpSrmou8mVdje7RDe4+W8HiHIuybVz7V1718E97jq6Tq6ze8I94Z50T7qn3FPuadfNPeO6u2ddD/ec6+med8+7F1xv18f1dS+6fu4l198NcCkuxQ1yg9wQN8QNc8PcCDfCjXQj3Sg3yqW6VDfGjXFj3Vg3zo1z4914N9FNdJPcJDfFTXHT3DSX5tLcDDfDzXQz3Sw3y81xc1y6S3fz3Xy3wC1wC91CtyhxkVvsFrulbqnLcBku02W6LJflVrgVLttlu1VulVvj1rh1bp3b4Da4TW6T2+K2uG1um9vhdridbqfb7Xa7vW6v2+/2uwPugDvoDrocl+MOuUPusDvsjrivXK772h1137hj7lt33H3nTrjv3Ul3yp12P7gz7kd31p1z591P7oL72V10v7hLzru0yFuRGZG3IzMj70RmRWZH5kTmRtIj8yLzI+9GFkTeiyyMvB9ZFPkgsjiyJLI0siySEfkwkhlZHsmKfBRZEfk4kh1ZGVkVWR1ZE1kb8b74ztCX9KV81N/kS/ubfaIv48v6W7zz5XySv9WX97f5Cv52X9Hf4Sv5O31lX8VX9Y/61r6Nb+vb+fb+Md/BP+47+k6+s3/Cd/FP+q7+KZ/sn/bd/DO+u3/W9/DP+Z7+ed/Lv+B7+z6+r3/R9/Mv+f5+gE/xA/0gP9gP8UP9MD/cj/Av+5H+FT/Kv+pT/Wg/xr/mx/rX/Tj/hh/vJ/iJ/k0/yU/2U/xUP81P92n+LT/Dv+1n+nf8LD/bz/Fzfbqf5+f7d/0C/55f6N/3i/wHfrFf4pf6ZT7Df+gz/XKf5T/yK/zHPtuv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+l1+t9/j9/p9fr//1B/wn/mD/nOf47/wh/xf/GH/pT/iv/K5/mt/1H/jj/lv/XH/nT/hv/cn/Sl/2v/gz/gf/Vl/zp/3P/kL/md/0f/iL/GvpDHGGGOM/ZeoP7k+8O/8n/x9XDZICHHtrmK5/7HmlsK/zYfKhC4RIcTTA3o1/7dRp05KSsrv92YrEZRaIoSIXMnPJ67EK0Vn8aRIFp1E+b+7vqGyzwX6k/rRO4SI/aucGHElvlL/tn9Q/7EnJmZWCs/H/yf1lwiRWOpKTgFxJb5Sv8I/qF+kw5+sv8CXaUJ0/KucOHElvlI/STwunhHJf3MnY4wxxhhjjDH2m6Gyao8/e36+/HyeoK/k5BdX4j97PmeMMcYYY4wxxtjV91yfvk89lpzcqQdPeMITnvz75Gr/ZGKMMcYYY4z9q1059F/tlTDGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY3nX/48/J3a198gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdbf8nAAD//yx2QLk=")
utime(&(0x7f0000000200)='.\x00', &(0x7f0000000240)={0x8000000000000000, 0xffffffffc86d5209})

1.286981107s ago: executing program 4 (id=1015):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x10, 0x572, 0x8000, 0x9, "ff000d00009a468e0cd912098d00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0))
ioctl$TCSETA(r1, 0x5406, &(0x7f0000000200)={0xfffe, 0x81, 0x8, 0xb3, 0xb, "6c06002004dc17a8"})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x6)

1.277481187s ago: executing program 8 (id=1016):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r1}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x88, 0x0, r1}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x370}]}, 0x34}}, 0x0)

1.226528007s ago: executing program 2 (id=1017):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file0\x00')
creat(&(0x7f00000000c0)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)

1.063033019s ago: executing program 8 (id=1018):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2008082, &(0x7f0000000100)=ANY=[@ANYBLOB="757365725f78617474722c3582907365725f78617474722c6e6f61636c2c757365725f78617474722c6e6f757365725f78617474722c63616368655f73747261746567793d726561646168656164"], 0x4, 0x177, &(0x7f0000000680)="$eJzslL9KA0EQxr/diwkROztBLAwYi1zuLio2IsEXCPgPO6M5Q/RiQnKCiZXY+gC2tr5CGsEXUSsRUlpH9naTWyV/RNAgzq+Y+/Z2dm52Dj4QBPFveX56e7x+bV0YAKaQQEy9fzHCHK7ln+XiB9OpjbvWzcPVenW20q9mp/P170cA3GcN+L2zH08n1HMLvKe3wbGo9C4YTKX3wbGjtAuGPaWPNV0R+aZ5VPJc87DiFYSwRLBFcETIfO6vfclQ0Ppj2n690TzJe55b+0Exan7tLMea1p/+v7qzsbT52eCwlc6AYVPpVcS6s5Ej0e4/EwnrG798fxIkSPw1EfpT55ZhQfOniOYfab9cTdcbzVSpnC+6RffUcTIr1pJlLTvpwIhkHOJ/8cCfJrX6EwNyoyyK87zv12wZe2tHxn6OywP/40jOy7Xw/ujAbuQ+U+dYoJLGkHSCIIixMQcWeOYInNy4GyUIgiAIgiAIgiAI4tu8BwAA//9iEXZY")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000b40)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x25dfdbfe, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x81, 0x7ffffffffffffffd, 0x407ffffffffffe, 0x8001}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@empty, 0x4d3, 0x2b}, 0xa, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x34ff, 0x0, 0x3, 0x6, 0x2, 0x97}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r2, &(0x7f0000000100)={&(0x7f0000000880)=@l2tp6={0xa, 0x1100, 0x48, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x0, 0x1}, 0x80, 0x0}, 0x4)

1.007566809s ago: executing program 4 (id=1019):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000bd52007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000940)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000240)={@local, @local, @val, {@ipv6={0x86dd, @generic={0x0, 0x6, "76cd8a", 0x0, 0x0, 0x0, @rand_addr=' \x01\x00', @dev}}}}, 0x0)

990.0167ms ago: executing program 7 (id=1020):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000001480)={[{@userxattr}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r0, &(0x7f0000000400)=""/4096, 0xc00)

905.69765ms ago: executing program 9 (id=1021):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x8891}, 0x2000880)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000014c0)=@delchain={0x24, 0x64, 0x1, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x9, 0xfff2}, {0x10, 0xfff1}, {0xffff}}}, 0x24}}, 0xd4)

642.958704ms ago: executing program 4 (id=1022):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@noquota}]}, 0x1, 0x440, &(0x7f0000000780)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000580)={'#! ', './bus'}, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

594.112794ms ago: executing program 9 (id=1023):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x2, @empty}, 0x1c)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x20000000)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
select(0x2a, 0x0, 0x0, &(0x7f0000000400)={0xfefdffffffffffff, 0x1, 0x2, 0x300}, &(0x7f0000000440)={0x0, 0x2710})

471.285076ms ago: executing program 7 (id=1024):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000680)="5f62f632763c84825847145170282f67ba6d5dadf0baf135d503e93a17ee560409202f4c5f0de32b0e53e4d26d04c825d923318fd574b1924b09ebb91d5be30b532a2fb95030c6be2a14ccfbce6eef05ea88d2413dc3fc0ae8a2e071f8764a4843611ae28b340100ddefa8ffed32420677397aa63e880adc56d03d8799429f33741886bd6c4065bba5005d74f67508dc3434165b51bf8f73bf1a7c158d8905e518e8", 0xa2}, {&(0x7f0000000740)="dfd1db04f5eef4b5714a69f5392e27d1b79a961a16fbdc4f01a9e38a1f95f939a209f049ad8d4f9447506fd73cec26b8246758f684013c99b717e119d15432e9d46da8a0c25e7e3771b0b146e56d2fcf810733", 0x53}, {&(0x7f0000000c40)="a405df87c6e89abd7ae7e6b8550f9923917c9d38e14a4e9ace3100b34d0056282b", 0x21}, {&(0x7f0000000800)="f76c72c4066a174e1300da0da7d191a618fc5793ff23c6328c6d61df0a2fb72441d4ded25cf7b5f31eb5d65e412665a6177f09ca3ac5cfd751577dec547711dc43b694a601fcb6575547ee6ec2a01c32b65d3429fbb9623a83d457d3ddea9eb90ab14b6b323a9358af0b55cff95844d5b47f69", 0x73}, {&(0x7f00000008c0)="4b000ffd096c1b77cd99b1458609c4b82100375ca9411e734cc8e9627df29e9b97a002d7f15ea9f42bd71401384ed6b5772b5c618c35c4aab72b1d515ceada9e64d7a35fd435e98f06243fcd53966c196ff3f47537912a1a5dec7e8e1fbf4543d1a6c80467d6ba3d241e3fd22efa09c638c98b4ce9fbe6d2053fcfa334eaee64efad2d349f048afb2635ae06c05697746fe073ed230c9c7c4643396305424c1c7eaa3ee09891995a607de26be9abcd2b65a4f9093da8a07eea", 0xb9}, {&(0x7f0000002380)="a66554178426362975b882a7d6b43fe537b6b0036a966a05363793ec2f6830cc5b81e514b9cbe4c27c3f3a581556b832100a4233e3e80fda14dd84611893300a863a8a6f6d8e0c7633e168ad7e25d4bd14ba6812101488e9444165b8100d576a996fec019ae11a03498329bcbacd0e8a206bd0de0c7e09f64a57d56974599f09aa148b4224dcffe1b5a1e55bbc1fdae8bf2f72437cf399c4cda11554b21158e3ddb00ddb71a1bd1daa50d631b027238397d692214223af1d685e7a3318da65c9233eba674ff72097411ef3ee19b892b1b36eeb925a6698f4d455b02163a3504ee6accffad7aaf9d19763d886272559ef0501594ea23d45a43e13bba05d7d332750ce5d9d3b37d234f46464fcc5f495e0fae02a24efd67db315c92f9483196bd38b38b3675bc0de5873f9d7b01ee5c564f5573b474e3c9f3b955929d9112007049e4245d68b93f365a90d35c837cc13999f2d6a23be87786e4234d74b1160669c7962b3b413201192565fb93252c153dd735e280e01d13dc34468f67684a4308c7dbe07687e0f56fa54f44b0141895ad75781ca026d813e8c17794b9d87d97136d29aced71b1f526dfab6301b78f1deab7949c97cce6616f4afd46a331e2fb54342dd1964c70a2717f4239c9e5157ac93c42d05f230da440a9227f0f82ee95cc79ca2d3da3f889b37f85f50d75711a910a57d213edb4b981cde33e01ec960885f31511ed7f8e01ddd36d76e1b1e40e81cd21ef9c34134400fdd94e34e5d77f4b7ca3612663e0f6b364be4a9dc775f3b12386ec04960524a9a5e6879e50db657c89a7dc7ec1f919ba8c77e926538599e7969868a5ef3e92817a3402c13de0efcb9fef445ee49f4b0ed26c5dbadff51459d5229661e4b7d2548c9ea4ce89b828daf5f5873e1d9e693ba037fc00ccc3dd74096c0f1ea508ee96ad7d85664947193e011e2f037917af7716d7f27cac25c9785f13baddfeba40997af5f6f4029cf5b781b654a635ee8696078d99025012cbad5af13bc26e2d100726fc98c11f8f16057a8506f29cf30bcf9ab7883ad1708d11bf70ee54fced84c69d90eb302e8aff586c0b25893e09868426cb4649145ede32035c47360fba7fe863cb00b86f583090c5b8d8549ba62cb822ed182fc07f029a826b5c86dccd603408bfc060c80c8ae21be086998f45923e1fe36eea10a66a55cc9f3cb6a296535dabc831fefe26b80ee47c723c596c51e1d7c073df20874eef79a291934c4c6a7c6b656595fc76b25d0d50590c1df29d59842a19a6acd60e783069aa0c21d792129132d59d12cd4417583dc967d7d44f392770da18e30a70a330e7b05aebf09e93aa545ca382a29f810e8a4efc0fffd3660f76892c2027daccfd743734c359bacaec86e4f15ca31b83894b67b3a3539cb5567bbcacd9a52c9b8d87252ddab0dbdd373f7150b87893fa4b6c5e6016f2146471f092a2cf4c75b6ed08a2f27f9f68d1817d7e782c0fa3026fd4e283b6b23bff2a9d84f5cdea217ce396080b623fe6d5da91fcab0e563b8c54af99007f6680efc9fdcd35d1d2ad8539ee04744e38c750114de55b80192c5d6aee8cbc34a47426bb22a9e3e2fcb87530c418a65fad7d5fbb15f569a69fc2cb92dad8f574330fdf2aa6033d1be037d5e3e964ff01329c43401bc86a72025288100ce86c053b922e9a7a692912bca4dabfc0e3a8966a65c96d3a420809c2d600928546a4ea26ff7100081f3ca8a70c64b3a4fc33b3e2546ff4a43502d448f2c0b274a244d32c955b02d897b1c53a2724ff886a1ccc91ea3a22dbd1f5f3f2e33db9ac9aae458a27e2a529ac2d8671f0e30df63a5d1a579b8f5a68f4a53fb4f3f76d41bee8e10635606f2a7fde9af7bd0df3ab9750b0c6c962fbc36e9474e3efac01ea98a4fe6e0f819d62dcde2b9b77fb0d430495ee042d1e70a52debb0d13b09906f77327dd4ccfe2b6796f9aa5e5b2fa9b2249c66b49cd7e1cbdb194c239d7e2e0928a45c8c55904cd345c5d8b92a5526ff51b5c2e477089eeb16cb3996c243c66a82f4349370ac26bef5d900ec582f274cc38b0258993de6cc79574fdacb895721fd4d04f84c4d89e109629f48a24fb3241882f154a35ae6659e0bb35af409c51cb11a26413be88a1e5ae1e8d2b1333a6c80c42c654f269dd875aa7f19517f62b8e031f11bdb11bafcf4b4f06496142579f7769ee41dd24701cd3ed016030f7d5cf24a4cfdcd9b05e38524cd1a81e16b948672329bd111f7442bdc81b68b36495b5f4aa44d7c2fdea8703849a17f7d3327086355ca3b36c10eb38556bf95b3575ba32b97f268af1f1347ed28368828124361f6c1e6b64e6ba9efc3094d50bb049c35db5ea2b3c76576b1a8f37da0711436048ae443523032497e542c04458f04cfffd11c53c431065c20e8add72c0c31caeec12d0bf391fa1c0a75e23d39c31da409083f768f545090b05c54084ffc5d7fd85cea725807638f4ab0026204452a8c198cc60133ce00e9a2b9ebeb30d7f33a1bb25cb2948bf44288cce43b6ac13012d8860fce83d9a0f6f1886723f41130466186ac56d5384bfd04fe87c67528996c1ee1ad8e551dda563e75d5dc8ac6a47990a62c915dc23f4ae6596dcfdb44661de969aec7f6d3fa8f05e106a8db7abeb3682bdc8e87aefbb09e642b2cef2919ddc55ded8dbce0606d3c4a0747a293a991b8cd832381c30813b887a22c2df569c12c430cf7471578eb787acab65b54569bece6921805af9ac41b268ce329a25bacdb02f8f3c4ef930f1799ff940f42c21955ddd5496234d62447d1c9d8e0cc7bb8fd5ca5e9fa2ef99105a4d44d6ce37532407fcccc4e71103baa0c7ff1767e05762424d9301294daa95523792cb73b348c41ec713d19c2b917a4dc50be3f0742762e5055cd6ebb3afa2b89a94c6a921e039ddaee98fc7a961a5e415322bd4b333d83768ee8945f29556f94372a16285cb1ff103640d93b837861f1d0d9e65fe35583b6f76889e7d09a2cdf3c2ef305a0f6d205deedee94ac602974fa58284e33aee55947a7a042abf0759ec8c1410493114454320b5003f23dac1c600a471ff09bdbf5bb40be87a69d388592241d9989f0435eeede193e6994b80a2145eca4afb5e691341e37e4580b0c54d7fc506cc9641020cd342a85fe56946e49854756ae6534edd03de881481e11701851f0f30fedbfcf335c3855c8d9541ef234f8718fbb0d9f127093a3e7c1d49d8a20729ab41a0118683b7044ee490d7137bebbbbfb245d5e30356e102eda0052a37cca70c221475b5c596f68c745701dc6e31f7846270bcd516ded5d0b4666b249a32f0acb1b8a7de8e6f007ee740561f64b7f30b4764ec5116a1eda1526225ddd01b1d999ff17d0798be47e3a5957011aa6e03318897ce1c452b78f9badf89098fe696894953581b01ceffc4fa0eefd654df9ea70b1f2f1e287192a5a20a381e8fad0fb99814208970902fdd28cf6a6457d7873a76359e226e5b203bd6f85bea30cb0ab5817e1b32fbbbd33a4e67f3771b7256a3a9ec20dae8a248af32a909bb5ec28f0f85722b81151f0f0a500a5c39c36476ac42c30bcb68a61a13141541ec54d895f0d7ca1afb728202e77f2f85170a3c2de378f1cfa0c2d1b0353f5d2fd0537017dc5510232a7a27a444476bbca2b84394639cf8ded35568868f9dcfa445b33c694aa8696d899afdf0d98a542e6a3c0212480ef3063ae0b8bcaa133978e9ebd76a3ccf652b0022b3cc7f1c9f2731c1c08f45fc84f7dade8471f6855e3005d75390e36a6646b8ac0dd5da9f9ef4bc35639ac96280bc47a547c0941af4516278b66469c7fc22932cbb2ac92cc12745bdf4ab4411d48396120f0e397ff6c22c54873296a897928d0158a5e63e6d48016cb4af44a3d71296acffe59241a8537f8b2cbc88b8ee2f4090e8e16b8af4700a60d0c199cc45cedf8dfe9a78ddd8637f7a9cfc16b078b1f9acfb8cb35f94b7564b1e23904e40dd5bdef1c78397457c05dd1108c3257bfda2e36b31969e8642c825c9dafe2fa4ee2708023c26255e6c41c2c873923e98eb1397dbc51324dfbec7943a5564fa815b9492d53c6cf6d42cd07165ae54e81f7989f2e406a13bea4df4d4a6971d81a4492e5703b6ba1f21ca5ffd68cdb15a713abd70d411e64d873b9f36ced7f354273c5c9782dd8a410ac28fee250f4b82095f4ab7a5c5a7d57114b6196cc2accdb44e39351a5d7c2c519ff861db8e4a368fdc1c5459f2b4cef0076d9b57b9ba2e76b3d8b87a515fc5c777d7e8023ef898fcf31365abc3e0a1307fa85f29d3c8a7e70d58b1228e8376c212ffb76f895aadedcf3f70bddcc347473dba5602d7734c4e9a2054cd3763acbb7fe82155d4a50e6a72d917b22b16ea8abd987834b4b1b04556e5442b1b643fa842a08ab5d860715b250447170c8d30829730a53974b6554a6454bab2eeda2966cc13a02a2b2c2e157ccd1795bcbc9c7bec370d9f492745b7c03c5ba21a45", 0xc68}, {&(0x7f0000003000)="42174da4697726eb844d4deeba15a4f94391c0c30a3fd9e778e3bf5f1b6f4c5de06b7e33c4b155b6664f6c3048e9e40da2d997441217a0e5384c27cb272d20232749ff1d2d02af4b66c2989e1ac0f7722e4df16733b1142a3002de4148e7656e3d59e2be1ee0f63699ed96aa8657d2747525d7e4bed6003b3142317b7aa72047649e64adb8db88c6408533b3cc52d45b4a422af248f9560db3054dfe591724c6472c11d55204912ba1ac55ca3e13c6924bddd84fb9f28cce209ddff8d2ba10274f9e0faf10a8a5eedf14dde018e129a6a9bb52a5a66171b1a6cf82aced2cef01b656efc4cbb7e62977edbe763a418949c47bf791e77b86dece880fa4ab33da7b538beb5796cf3da1d000e0c81c61119170744743448f235d592d60ba433ada49724e5416600d31c6e7d809274590afdd5f0da18105f603063e0da80533b9a7db3d2375aeee8837fea21b9f36c8bc221a5c9d420999f1", 0x156}], 0x7}}], 0x1, 0x8800)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x604ab000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff87}, &(0x7f0000000000)=0x40)

374.965627ms ago: executing program 4 (id=1025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000006080)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb7030000080000547d03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000280)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x100, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0xc0, 0x100}}}}}}}, 0x0)

333.276337ms ago: executing program 9 (id=1026):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f00000002c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

151.684399ms ago: executing program 7 (id=1027):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000700)='./file2\x00', 0x102a, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0x288a0aa, &(0x7f0000000180)=ANY=[], 0x1, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0xffff})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

77.61874ms ago: executing program 2 (id=1028):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=@newtfilter={0x6c, 0x2c, 0xd27, 0x30bd29, 0x40000002, {0x0, 0x0, 0x0, r3, {0x300, 0x3}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_EMATCHES={0x38, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x6}, {{0x3, 0x0, 0x1}, {0x2, 0x1, 0x1}}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x1000, 0x7, 0x4}, {{0x3, 0x1, 0x1, 0x1}}}}]}]}]}}]}, 0x6c}}, 0x0)

31.28875ms ago: executing program 9 (id=1029):
r0 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xa)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r2, 0x102, 0x0)
getdents64(r2, 0x0, 0x4f)

0s ago: executing program 4 (id=1030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0600000004000000400000000500"], 0x50)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r0, 0x0, 0xa0028000}, 0x38)

kernel console output (not intermixed with test programs):

ed
[  100.936067][ T4318] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  100.937896][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  101.141180][ T4318] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.195315][ T4318] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  101.225340][ T4553] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  101.246047][ T4318] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.275203][ T4553] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  101.299475][ T4318] usb 1-1: Product: syz
[  101.328330][ T4318] usb 1-1: Manufacturer: syz
[  101.333105][ T4318] usb 1-1: SerialNumber: syz
[  101.387742][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  101.431883][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.475075][ T4589] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.482727][ T4589] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.501520][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  101.513160][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  101.531651][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  101.546118][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  101.571853][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  101.584568][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  101.604482][ T4354] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  101.620256][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  101.629857][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.640002][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  101.659633][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.719942][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  101.742594][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  101.796127][ T4354] usb 3-1: Using ep0 maxpacket: 32
[  101.804760][ T4354] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  101.853862][ T4354] usb 3-1: config 0 interface 0 has no altsetting 0
[  101.864069][ T4354] usb 3-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  101.885334][ T4354] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.930039][ T4354] usb 3-1: config 0 descriptor??
[  102.045307][ T4763] capability: warning: `syz.4.127' uses deprecated v2 capabilities in a way that may be insecure
[  102.374934][ T4771] loop3: detected capacity change from 0 to 512
[  102.394546][ T4771] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  102.467609][ T4318] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  102.485412][ T4318] cdc_ncm 1-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  102.518096][ T4318] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  102.592473][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  102.610759][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  102.648817][ T4553] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.672649][   T27] audit: type=1800 audit(1778539214.733:3): pid=4771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.129" name="file2" dev="loop3" ino=1048595 res=0 errno=0
[  102.711678][ T4771] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  102.721398][ T4354] corsair-cpro 0003:1B1C:0C10.0002: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.2-1/input0
[  102.870509][ T4318] cdc_ncm 1-1:1.0: setting tx_max = 88
[  102.883969][ T4771] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[  102.937554][ T4318] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  102.960019][ T4771] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[  102.999855][ T4318] usb 1-1: USB disconnect, device number 2
[  103.009752][ T4771] syz.3.129: attempt to access beyond end of device
[  103.009752][ T4771] loop3: rw=2049, sector=17179852706, nr_sectors = 64 limit=512
[  103.055568][ T4318] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  103.142327][ T4354] corsair-cpro: probe of 0003:1B1C:0C10.0002 failed with error -71
[  103.183986][ T4354] usb 3-1: USB disconnect, device number 2
[  103.491077][ T4792] fido_id[4792]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  104.268311][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  104.289916][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  104.366603][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  104.378699][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  104.403193][ T4553] device veth0_vlan entered promiscuous mode
[  104.420689][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  104.433564][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  104.465354][ T4553] device veth1_vlan entered promiscuous mode
[  104.533200][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  104.546114][ T4827] netlink: 88 bytes leftover after parsing attributes in process `syz.3.140'.
[  104.563166][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  104.585788][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  104.604122][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  104.863076][ T4832] loop0: detected capacity change from 0 to 32768
[  104.873559][ T4553] device veth0_macvtap entered promiscuous mode
[  104.887882][ T4553] device veth1_macvtap entered promiscuous mode
[  104.906906][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.918090][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.929005][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.940260][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.953086][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.964345][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.985748][ T4553] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.009490][ T4832] XFS (loop0): Mounting V5 Filesystem
[  105.025240][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  105.043850][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  105.062883][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  105.072012][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  105.086770][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.114563][ T4832] XFS (loop0): Ending clean mount
[  105.163207][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.286336][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.348891][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.396692][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.426131][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.467233][ T4553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.504264][ T4553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.571794][ T4553] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.582066][ T4281] XFS (loop0): Unmounting Filesystem
[  105.602325][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  105.633535][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  105.648360][ T4323] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  105.689602][ T4553] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.722256][ T4553] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.747061][ T4553] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.769237][ T4553] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.810114][ T4864] netlink: 'syz.3.150': attribute type 11 has an invalid length.
[  105.820599][ T4864] netlink: 36 bytes leftover after parsing attributes in process `syz.3.150'.
[  105.837026][ T4323] usb 3-1: Using ep0 maxpacket: 32
[  105.844623][ T4323] usb 3-1: unable to get BOS descriptor or descriptor too short
[  105.869265][ T4865] netlink: 'syz.3.150': attribute type 11 has an invalid length.
[  105.891427][ T4323] usb 3-1: config 7 has an invalid interface number: 128 but max is 0
[  105.916851][ T4865] netlink: 36 bytes leftover after parsing attributes in process `syz.3.150'.
[  105.936060][ T4323] usb 3-1: config 7 contains an unexpected descriptor of type 0x1, skipping
[  105.958295][ T4865] netlink: 'syz.3.150': attribute type 11 has an invalid length.
[  105.976227][ T4865] netlink: 36 bytes leftover after parsing attributes in process `syz.3.150'.
[  105.981572][ T4323] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  106.034273][ T4323] usb 3-1: config 7 has no interface number 0
[  106.049443][ T4323] usb 3-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping
[  106.089486][ T4323] usb 3-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11
[  106.140917][ T4323] usb 3-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  106.199902][ T4323] usb 3-1: config 7 interface 128 has no altsetting 0
[  106.232798][ T4323] usb 3-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13
[  106.265732][ T4323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.274669][ T4872] loop3: detected capacity change from 0 to 1024
[  106.290013][ T4872] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.296900][ T4323] usb 3-1: Product: syz
[  106.301149][ T4323] usb 3-1: Manufacturer: syz
[  106.305788][ T4323] usb 3-1: SerialNumber: syz
[  106.371604][ T4854] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  106.468402][ T4872] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  106.553680][ T4589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.606271][ T4589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.633718][ T4323] usb 3-1: MIDIStreaming interface descriptor not found
[  106.648465][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  106.730354][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.744832][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.782953][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  106.841948][ T4323] usb 3-1: USB disconnect, device number 3
[  107.169387][ T4358] udevd[4358]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  107.292603][ T4872] syz.3.152 (4872) used greatest stack depth: 20560 bytes left
[  107.566043][ T4322] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  107.662427][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  107.758117][ T4322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.795034][ T4322] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  107.866503][ T4322] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.911214][ T4322] usb 1-1: config 0 descriptor??
[  108.328426][ T4322] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor
[  108.358843][ T4322] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0003/input/input5
[  108.515622][ T4322] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  108.963196][ T4354] usb 1-1: USB disconnect, device number 3
[  109.119435][ T4935] af_packet: tpacket_rcv: packet too big, clamped from 4087 to 3936. macoff=96
[  109.177292][ T4914] loop3: detected capacity change from 0 to 40427
[  109.249832][ T4914] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  109.274273][ T4914] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  109.322385][ T4914] F2FS-fs (loop3): invalid crc value
[  109.380827][ T4914] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  109.488825][ T4354] libceph: connect (1)[c::]:6789 error -101
[  109.495352][ T4354] libceph: mon0 (1)[c::]:6789 connect error
[  109.614232][ T4943] ceph: No mds server is up or the cluster is laggy
[  109.752241][ T4914] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  109.792092][ T4914] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  110.088357][ T4964] fuse: Bad value for 'fd'
[  110.707911][ T4271] syz-executor: attempt to access beyond end of device
[  110.707911][ T4271] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.052732][ T4962] loop5: detected capacity change from 0 to 131072
[  111.067680][ T4962] F2FS-fs (loop5): Wrong CP boundary, start(512) end(1536) blocks(0)
[  111.076552][ T4962] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  111.096617][ T4962] F2FS-fs (loop5): invalid crc value
[  111.202856][ T4962] F2FS-fs (loop5): Found nat_bits in checkpoint
[  111.274122][ T4962] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  111.282252][ T4962] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  111.746812][ T4998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.177'.
[  112.389412][ T5017] loop5: detected capacity change from 0 to 128
[  112.458554][ T5017] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  112.487046][ T5017] ext4 filesystem being mounted at /6/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  112.534519][ T5015] loop2: detected capacity change from 0 to 2048
[  112.689002][ T5015] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  112.726341][ T5017] syz.5.185 (pid 5017) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  112.738874][ T5015] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.873475][ T5015] fs-verity: sha512 using implementation "sha512-avx2"
[  113.147694][ T4319] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  113.227561][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  113.356273][ T4319] usb 1-1: Using ep0 maxpacket: 8
[  113.377508][ T4319] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  113.434057][ T4319] usb 1-1: config 0 has no interfaces?
[  113.466249][ T5027] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)"
[  113.477295][ T4319] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  113.498138][ T4319] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.531188][ T4319] usb 1-1: config 0 descriptor??
[  113.649986][ T4553] EXT4-fs (loop5): unmounting filesystem.
[  114.401287][ T4319] usb 1-1: USB disconnect, device number 4
[  114.636114][ T4322] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  114.709154][ T5074] netlink: 12 bytes leftover after parsing attributes in process `syz.4.203'.
[  114.776213][ T5074] netlink: 12 bytes leftover after parsing attributes in process `syz.4.203'.
[  114.839048][ T4322] usb 6-1: Using ep0 maxpacket: 32
[  114.849703][ T4322] usb 6-1: config 2 has an invalid interface number: 194 but max is 0
[  114.882291][ T4322] usb 6-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  114.928146][ T4322] usb 6-1: config 2 has no interface number 0
[  114.966629][ T4322] usb 6-1: config 2 interface 194 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 833
[  115.007476][ T4322] usb 6-1: config 2 interface 194 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  115.046084][ T4322] usb 6-1: config 2 interface 194 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  115.116002][ T4322] usb 6-1: config 2 interface 194 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  115.170003][ T4322] usb 6-1: New USB device found, idVendor=0499, idProduct=1025, bcdDevice=9c.f6
[  115.216493][ T4322] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.280208][ T5064] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  115.522592][ T4322] usb 6-1: string descriptor 0 read error: -71
[  115.524292][ T5059] loop3: detected capacity change from 0 to 32768
[  115.676115][ T4322] usb 6-1: USB disconnect, device number 2
[  115.790160][ T5059] XFS (loop3): Mounting V5 Filesystem
[  115.977624][ T5059] XFS (loop3): Ending clean mount
[  116.035320][ T5070] loop2: detected capacity change from 0 to 40427
[  116.049481][ T4358] udevd[4358]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:2.194/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  116.111326][ T5070] F2FS-fs (loop2): invalid crc value
[  116.151000][ T5070] F2FS-fs (loop2): Found nat_bits in checkpoint
[  116.337642][ T5070] F2FS-fs (loop2): Start checkpoint disabled!
[  116.345069][ T4271] XFS (loop3): Unmounting Filesystem
[  116.442557][ T5070] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  116.591551][   T27] audit: type=1800 audit(1778539228.653:4): pid=5070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.202" name="file1" dev="loop2" ino=10 res=0 errno=0
[  116.917650][ T4628] kworker/u4:8: attempt to access beyond end of device
[  116.917650][ T4628] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  117.055168][ T5121] loop3: detected capacity change from 0 to 512
[  117.098618][ T5121] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  117.218971][ T5121] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  117.240645][ T5121] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.453034][ T5121] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.210: Directory hole found for htree leaf block 0
[  117.610263][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  117.892937][ T5142] Set syz1 is full, maxelem 14 reached
[  119.549305][ T5173] loop2: detected capacity change from 0 to 4096
[  119.575368][ T5173] EXT4-fs: inline encryption not supported
[  120.040721][ T5173] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  120.056239][ T5173] EXT4-fs (loop2): Test dummy encryption mode enabled
[  120.077755][ T5173] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  120.096118][ T5173] System zones: 0-5
[  120.104657][ T5173] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  120.296930][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  120.387024][ T5189] fuse: Bad value for 'fd'
[  120.453078][ T5191] netlink: 7 bytes leftover after parsing attributes in process `syz.2.236'.
[  121.331089][ T5214] loop2: detected capacity change from 0 to 128
[  121.416053][ T4545] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  121.616151][ T4545] usb 4-1: Using ep0 maxpacket: 32
[  121.649124][ T4545] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[  121.683053][ T4545] usb 4-1: config 0 has no interface number 0
[  121.700349][ T4545] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  121.774253][ T4545] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  121.803376][ T4545] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.836285][ T4545] usb 4-1: Product: syz
[  121.844335][ T4545] usb 4-1: Manufacturer: syz
[  121.861452][ T4545] usb 4-1: SerialNumber: syz
[  121.886526][ T4545] usb 4-1: config 0 descriptor??
[  121.908367][ T4545] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  121.931357][ T4545] em28xx 4-1:0.132: Video interface 132 found:
[  122.307494][ T4545] em28xx 4-1:0.132: unknown em28xx chip ID (0)
[  123.474181][ T5243] netlink: 'syz.5.256': attribute type 1 has an invalid length.
[  123.526764][ T4545] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  123.587148][ T4545] em28xx 4-1:0.132: board has no eeprom
[  123.668290][ T4545] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  123.680050][ T4545] em28xx 4-1:0.132: analog set to bulk mode.
[  123.701102][ T4323] em28xx 4-1:0.132: Registering V4L2 extension
[  123.726213][ T4545] usb 4-1: USB disconnect, device number 3
[  123.762055][ T4545] em28xx 4-1:0.132: Disconnecting em28xx
[  124.441733][ T4323] em28xx 4-1:0.132: Config register raw data: 0xffffffed
[  124.460154][ T4323] em28xx 4-1:0.132: AC97 chip type couldn't be determined
[  124.466463][ T5269] loop0: detected capacity change from 0 to 128
[  124.480443][ T4323] em28xx 4-1:0.132: No AC97 audio processor
[  124.537015][ T4323] usb 4-1: Decoder not found
[  124.537090][ T5269] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  124.553686][ T4323] em28xx 4-1:0.132: failed to create media graph
[  124.553771][ T4323] em28xx 4-1:0.132: V4L2 device video103 deregistered
[  124.584190][ T4323] em28xx 4-1:0.132: Remote control support is not available for this card.
[  124.653285][ T4545] em28xx 4-1:0.132: Closing input extension
[  124.665230][ T5269] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  124.748522][ T4545] em28xx 4-1:0.132: Freeing device
[  125.427438][ T4589] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.145100][ T5297] netlink: 'syz.3.274': attribute type 15 has an invalid length.
[  126.159682][ T5297] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'.
[  126.212171][ T5297] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 2816 - 0
[  126.221578][ T5297] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 2816 - 0
[  126.231027][ T5297] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 2816 - 0
[  126.239998][ T5297] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 2816 - 0
[  126.352085][ T5297] netlink: 'syz.3.274': attribute type 15 has an invalid length.
[  126.398915][ T5297] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'.
[  128.078323][ T5321] loop5: detected capacity change from 0 to 32768
[  128.146178][ T5321] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.282 (5321)
[  128.188463][ T5321] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  128.232141][ T5321] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  128.273359][ T5321] BTRFS info (device loop5): enabling auto defrag
[  128.311081][ T5321] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  128.363808][ T5321] BTRFS info (device loop5): use zstd compression, level 3
[  128.401589][ T5321] BTRFS info (device loop5): allowing degraded mounts
[  128.473124][ T5321] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  128.525821][ T5321] BTRFS info (device loop5): trying to use backup root at mount time
[  128.528414][ T5352] random: crng reseeded on system resumption
[  128.560354][ T5321] BTRFS info (device loop5): enabling ssd optimizations
[  128.584270][ T5321] BTRFS info (device loop5): using spread ssd allocation scheme
[  128.634532][ T5321] BTRFS info (device loop5): force zlib compression, level 3
[  128.647056][ T5321] BTRFS info (device loop5): using free space tree
[  128.706188][ T5356] loop3: detected capacity change from 0 to 2048
[  128.809500][ T5356] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  128.915869][ T5379] netlink: 'syz.4.293': attribute type 1 has an invalid length.
[  129.001305][ T4342] BTRFS warning (device loop5): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  129.086509][ T5321] BTRFS error (device loop5): failed to load root extent
[  129.093759][ T5321] BTRFS warning (device loop5): try to load backup roots slot 1
[  129.143322][ T2893] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  129.169324][ T5379] device bond1 entered promiscuous mode
[  129.189086][ T5379] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.198215][ T5321] BTRFS warning (device loop5): couldn't read tree root
[  129.205854][ T5321] BTRFS warning (device loop5): try to load backup roots slot 2
[  129.245160][ T5321] BTRFS error (device loop5): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  129.289030][ T5321] BTRFS warning (device loop5): couldn't read tree root
[  129.317582][ T5321] BTRFS warning (device loop5): try to load backup roots slot 3
[  129.347161][ T5384] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.406779][ T5384] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  129.407342][ T4364] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  129.429144][ T5321] BTRFS info (device loop5): rebuilding free space tree
[  129.470884][ T5321] BTRFS info (device loop5): checking UUID tree
[  129.506040][ T5384] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode
[  129.548919][ T5384] bond1: (slave vcan1): making interface the new active one
[  129.586159][ T5384] device vcan1 entered promiscuous mode
[  129.593840][ T5384] bond1: (slave vcan1): Enslaving as an active interface with an up link
[  129.626899][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  129.653904][ T4364] usb 1-1: config 4 has an invalid interface number: 30 but max is 0
[  129.686300][ T4364] usb 1-1: config 4 has no interface number 0
[  129.692489][ T4364] usb 1-1: config 4 interface 30 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  129.764238][ T4364] usb 1-1: New USB device found, idVendor=067b, idProduct=04bb, bcdDevice=ed.d7
[  129.793843][ T4364] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.822937][ T4364] usb 1-1: Product: syz
[  129.827361][ T4364] usb 1-1: Manufacturer: syz
[  129.832026][ T4364] usb 1-1: SerialNumber: syz
[  129.924841][ T4553] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.958972][ T4318] kernel write not supported for file bpf-prog (pid: 4318 comm: kworker/0:3)
[  130.078465][ T4364] pl2303 1-1:4.30: required endpoints missing
[  130.122393][ T4364] usb 1-1: USB disconnect, device number 5
[  132.835316][ T5413] Set syz1 is full, maxelem 65536 reached
[  133.050706][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  133.057543][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  133.752914][ T5472] loop2: detected capacity change from 0 to 7
[  133.762253][ T5450] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.771283][ T5450] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.800651][ T5472] Dev loop2: unable to read RDB block 7
[  133.824254][ T5472]  loop2: unable to read partition table
[  133.850996][ T5472] loop2: partition table beyond EOD, truncated
[  133.867907][ T5472] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  134.665553][ T5450] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.722300][ T5450] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.210660][ T4278] Bluetooth: hci3: command 0x0411 tx timeout
[  135.420216][ T5500] loop0: detected capacity change from 0 to 2048
[  135.504880][ T5500] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  135.572680][ T5450] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.602499][ T5450] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.641585][ T5508] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  135.657371][ T5450] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.657443][ T5450] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.683608][ T5508] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[  135.699974][ T5508] EXT4-fs (loop0): This should not happen!! Data will be lost
[  135.699974][ T5508] 
[  135.718028][ T5508] EXT4-fs (loop0): Total free blocks count 0
[  135.786117][ T5508] EXT4-fs (loop0): Free/Dirty block details
[  135.793230][ T5500] loop0: detected capacity change from 2048 to 64
[  135.799160][ T5508] EXT4-fs (loop0): free_blocks=2415919104
[  135.835826][ T5508] EXT4-fs (loop0): dirty_blocks=32
[  135.852255][ T5508] EXT4-fs (loop0): Block reservation details
[  135.860638][ T5508] EXT4-fs (loop0): i_reserved_data_blocks=2
[  135.925505][ T5450] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 2816 - 0
[  135.934788][ T5450] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 2816 - 0
[  135.943939][ T5450] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 2816 - 0
[  135.953304][ T5450] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 2816 - 0
[  136.022914][   T11] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  136.072088][ T5503] kmmpd-loop0: attempt to access beyond end of device
[  136.072088][ T5503] loop0: rw=14337, sector=256, nr_sectors = 4 limit=64
[  136.077678][ T5450] syz.3.307 (5450) used greatest stack depth: 20528 bytes left
[  136.101967][ T5503] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[  137.023008][   T27] audit: type=1326 audit(1778539249.083:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.151994][   T27] audit: type=1326 audit(1778539249.083:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.272822][   T27] audit: type=1326 audit(1778539249.083:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.327122][   T27] audit: type=1326 audit(1778539249.083:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.416200][   T27] audit: type=1326 audit(1778539249.093:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.453091][ T4364] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  137.490140][   T27] audit: type=1326 audit(1778539249.093:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.524077][ T4280] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  137.536452][   T27] audit: type=1326 audit(1778539249.093:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.560828][ T4280] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  137.570786][ T4280] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  137.580392][ T4280] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  137.588064][ T4280] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  137.595357][ T4280] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  137.624052][   T27] audit: type=1326 audit(1778539249.093:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.648384][   T27] audit: type=1326 audit(1778539249.093:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.672767][   T27] audit: type=1326 audit(1778539249.093:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5534 comm="syz.4.338" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f63d9f9cdd9 code=0x7ffc0000
[  137.706984][ T4364] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.718180][ T4364] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.728301][ T4364] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  137.741463][ T4364] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  137.750807][ T4364] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.768633][ T4364] usb 6-1: config 0 descriptor??
[  138.188440][ T4364] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  138.200694][ T5547] chnl_net:caif_netlink_parms(): no params data found
[  138.237899][ T4364] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  138.388142][ T5544] loop3: detected capacity change from 0 to 32768
[  138.480389][ T5544] XFS (loop3): Mounting V5 Filesystem
[  138.564408][ T4321] usb 6-1: USB disconnect, device number 3
[  138.622005][ T5547] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.622545][ T5544] XFS (loop3): Ending clean mount
[  138.710871][ T5547] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.756224][ T5547] device bridge_slave_0 entered promiscuous mode
[  138.799313][ T5547] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.822359][ T5547] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.857374][ T5547] device bridge_slave_1 entered promiscuous mode
[  138.996679][ T5547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  139.020500][ T4271] XFS (loop3): Unmounting Filesystem
[  139.030916][ T5547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  139.173207][ T5547] team0: Port device team_slave_0 added
[  139.212628][ T5547] team0: Port device team_slave_1 added
[  139.342021][ T5547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.370075][ T5547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.477562][ T5547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.518269][ T5547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.555740][ T5547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.615981][ T5547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.686150][ T4280] Bluetooth: hci4: command 0x0409 tx timeout
[  139.821356][ T5547] device hsr_slave_0 entered promiscuous mode
[  139.849524][ T5547] device hsr_slave_1 entered promiscuous mode
[  139.865640][ T5547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  139.884226][ T5547] Cannot create hsr debugfs directory
[  140.265804][ T5622] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.274057][ T5622] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.369640][ T5547] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  140.401990][ T5547] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  140.428794][ T5547] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  140.452513][ T5547] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  140.708211][ T5547] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.763997][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  140.797054][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  140.822558][ T5547] 8021q: adding VLAN 0 to HW filter on device team0
[  140.846620][ T5636] netlink: 'syz.5.356': attribute type 12 has an invalid length.
[  140.858243][ T5636] netlink: 'syz.5.356': attribute type 29 has an invalid length.
[  140.893851][ T5636] netlink: 148 bytes leftover after parsing attributes in process `syz.5.356'.
[  140.920462][ T5636] netlink: 'syz.5.356': attribute type 2 has an invalid length.
[  140.937360][ T5636] netlink: 'syz.5.356': attribute type 3 has an invalid length.
[  140.950889][ T5636] netlink: 11 bytes leftover after parsing attributes in process `syz.5.356'.
[  140.986560][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.028339][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.060390][ T4589] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.067787][ T4589] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.125634][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  141.145231][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  141.165441][ T4589] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.172701][ T4589] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.210638][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  141.228225][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  141.263861][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  141.278582][ T5649] netlink: 12 bytes leftover after parsing attributes in process `syz.3.359'.
[  141.338408][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  141.371219][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  141.406850][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  141.426535][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  141.464757][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  141.491802][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  141.526614][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  141.543968][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  141.567460][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  141.572592][ T5658] netlink: 164 bytes leftover after parsing attributes in process `syz.5.360'.
[  141.588933][ T5547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  141.598396][ T5655] netlink: 12 bytes leftover after parsing attributes in process `syz.2.361'.
[  141.705232][ T5655] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.763736][ T5659] bond1: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  141.776500][ T4280] Bluetooth: hci4: command 0x041b tx timeout
[  141.802850][ T5659] bond1: (slave hsr0): The slave device specified does not support setting the MAC address
[  141.816321][ T5659] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  141.829282][ T5659] bond1: (slave hsr0): Error -22 calling dev_set_mtu
[  142.422190][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  142.440477][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  142.485485][ T5547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.915729][    T9] Bluetooth: hci5: Frame reassembly failed (-84)
[  142.930709][    T9] Bluetooth: hci5: Frame reassembly failed (-84)
[  143.106393][    T7] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  143.311823][    T7] usb 6-1: Using ep0 maxpacket: 32
[  143.325077][    T7] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.339483][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  143.346336][    T7] usb 6-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.359877][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  143.374149][    T7] usb 6-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.389984][    T7] usb 6-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  143.404206][    T7] usb 6-1: config 0 interface 0 has no altsetting 0
[  143.411241][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  143.426005][    T7] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  143.427485][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  143.440082][    T7] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.462357][ T5547] device veth0_vlan entered promiscuous mode
[  143.468791][    T7] usb 6-1: config 0 descriptor??
[  143.475538][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  143.493216][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  143.515770][ T5547] device veth1_vlan entered promiscuous mode
[  143.583578][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  143.614482][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  143.638789][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  143.647934][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  143.662780][ T5547] device veth0_macvtap entered promiscuous mode
[  143.718933][ T5547] device veth1_macvtap entered promiscuous mode
[  143.738780][    T7] usbhid 6-1:0.0: can't add hid device: -71
[  143.751034][    T7] usbhid: probe of 6-1:0.0 failed with error -71
[  143.785544][ T5711] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  143.790416][    T7] usb 6-1: USB disconnect, device number 4
[  143.805228][ T5711] batman_adv: batadv0: Adding interface: ip6gretap1
[  143.812630][ T5711] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.846320][ T4278] Bluetooth: hci4: command 0x040f tx timeout
[  143.920914][ T5711] batman_adv: batadv0: Interface activated: ip6gretap1
[  143.964247][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.990569][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.029443][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.069647][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.106746][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.144955][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.185114][ T5547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.203825][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  144.228958][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  144.257282][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  144.291209][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  144.331274][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.380995][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.411455][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.423346][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  144.423362][   T27] audit: type=1326 audit(1778539256.483:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.484661][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.539260][   T27] audit: type=1326 audit(1778539256.483:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.540579][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.629585][   T27] audit: type=1326 audit(1778539256.483:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.635932][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.719639][   T27] audit: type=1326 audit(1778539256.483:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.735959][ T5547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.792254][   T27] audit: type=1326 audit(1778539256.523:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.805147][ T5547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.872022][ T5547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.879822][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  144.891612][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  144.902634][   T27] audit: type=1326 audit(1778539256.523:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.933006][ T5547] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.962905][ T5547] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.972101][   T27] audit: type=1326 audit(1778539256.523:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.972142][   T27] audit: type=1326 audit(1778539256.523:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.972176][   T27] audit: type=1326 audit(1778539256.523:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  144.972209][   T27] audit: type=1326 audit(1778539256.523:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5721 comm="syz.2.373" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f296739cdd9 code=0x7ffc0000
[  145.016072][ T4280] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  145.023782][ T5547] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.044742][ T4278] Bluetooth: hci5: command 0x1003 tx timeout
[  145.160253][ T5547] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.344224][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.374077][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.410736][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  145.483901][ T4342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.509147][ T4342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.524006][ T5747] netlink: 'syz.2.379': attribute type 11 has an invalid length.
[  145.561712][ T5747] netlink: 36 bytes leftover after parsing attributes in process `syz.2.379'.
[  145.616676][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  145.633156][ T5750] netlink: 'syz.2.379': attribute type 11 has an invalid length.
[  145.656000][ T5750] netlink: 36 bytes leftover after parsing attributes in process `syz.2.379'.
[  145.665175][ T5750] netlink: 'syz.2.379': attribute type 11 has an invalid length.
[  145.695750][ T5750] netlink: 36 bytes leftover after parsing attributes in process `syz.2.379'.
[  145.926132][ T4278] Bluetooth: hci4: command 0x0419 tx timeout
[  146.509369][ T5771] netlink: 'syz.5.389': attribute type 10 has an invalid length.
[  146.533864][ T5771] device geneve0 entered promiscuous mode
[  147.667821][ T5798] loop5: detected capacity change from 0 to 32768
[  147.730354][ T5798] XFS (loop5): Mounting V5 Filesystem
[  147.878779][ T5798] XFS (loop5): Ending clean mount
[  147.923765][ T5798] XFS (loop5): Quotacheck needed: Please wait.
[  148.031491][ T5798] XFS (loop5): Quotacheck: Done.
[  148.374150][ T4553] XFS (loop5): Unmounting Filesystem
[  148.852912][ T5840] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  148.892948][ T5840] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  149.013519][ T5827] loop3: detected capacity change from 0 to 32768
[  149.216038][    T7] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  149.429664][    T7] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.451039][    T7] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  149.478845][    T7] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.517963][    T7] usb 6-1: config 0 descriptor??
[  149.533771][ T5857] netlink: 8 bytes leftover after parsing attributes in process `syz.2.421'.
[  149.766906][    T7] usbhid 6-1:0.0: can't add hid device: -71
[  149.780630][    T7] usbhid: probe of 6-1:0.0 failed with error -71
[  149.806316][    T7] usb 6-1: USB disconnect, device number 5
[  149.916804][ T5859] device ip6erspan0 entered promiscuous mode
[  150.386188][    T7] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  150.586079][    T7] usb 6-1: Using ep0 maxpacket: 32
[  150.599386][    T7] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.629972][    T7] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  150.651303][    T7] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.685393][    T7] usb 6-1: config 0 descriptor??
[  150.719244][    T7] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  150.774550][    T7] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  151.171458][ T4321] usb 6-1: USB disconnect, device number 6
[  151.187389][ T4321] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  152.163156][ T5909] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  153.582386][ T4321] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  153.635438][   T27] kauditd_printk_skb: 142 callbacks suppressed
[  153.635454][   T27] audit: type=1326 audit(1778539265.693:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5931 comm="syz.5.450" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f68d5d96b57 code=0x0
[  153.785083][ T4321] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.829812][ T4321] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.859761][ T4321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.891749][ T4321] usb 4-1: Product: syz
[  153.904790][ T4321] usb 4-1: Manufacturer: syz
[  153.921443][ T4321] usb 4-1: SerialNumber: syz
[  154.119457][ T5952] netlink: 'syz.5.460': attribute type 21 has an invalid length.
[  154.145217][ T5952] netlink: 4 bytes leftover after parsing attributes in process `syz.5.460'.
[  154.227380][ T5952] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  154.236286][ T5952] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  154.245029][ T5952] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  154.253874][ T5952] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  154.327085][ T5952] netlink: 'syz.5.460': attribute type 21 has an invalid length.
[  154.345128][ T5952] netlink: 4 bytes leftover after parsing attributes in process `syz.5.460'.
[  154.836080][ T5968] loop6: detected capacity change from 0 to 128
[  154.855053][ T5968] EXT4-fs: Ignoring removed nobh option
[  154.920388][ T5968] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  154.931914][ T5968] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  154.986069][ T4321] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  155.001446][ T4321] cdc_ncm 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  155.017240][ T4321] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  155.193716][ T4321] cdc_ncm 4-1:1.0: setting tx_max = 184
[  155.205543][ T4321] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  155.239229][ T5547] EXT4-fs (loop6): unmounting filesystem.
[  155.445084][ T5406] usb 4-1: USB disconnect, device number 4
[  155.468918][ T5406] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  155.484938][ T5980] loop6: detected capacity change from 0 to 2048
[  155.486666][ T5982] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.519498][ T5982] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.550611][ T5982] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.587573][ T5982] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.629811][ T5980] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  155.760051][ T5547] EXT4-fs (loop6): unmounting filesystem.
[  156.249256][ T6003] loop3: detected capacity change from 0 to 8
[  156.332431][ T6003] SQUASHFS error: Unable to read inode 0x11f
[  157.027504][ T6027] loop5: detected capacity change from 0 to 256
[  157.330414][ T6030] loop6: detected capacity change from 0 to 1024
[  157.569438][ T6036] netlink: 68 bytes leftover after parsing attributes in process `syz.5.487'.
[  157.620552][ T6036] device syzkaller1 entered promiscuous mode
[  157.681334][ T6030] loop6: detected capacity change from 1024 to 0
[  157.714691][ T6037] hfsplus: xattr searching failed
[  157.788916][ T6039] overlayfs: failed to clone upperpath
[  157.875045][ T5547] hfsplus: xattr search failed
[  157.933998][ T5547] hfsplus: xattr search failed
[  157.968870][ T5547] hfsplus: xattr search failed
[  157.987054][ T5547] hfsplus: xattr search failed
[  158.001999][ T5547] hfsplus: xattr search failed
[  158.048572][ T5547] hfsplus: xattr search failed
[  158.094749][ T5547] hfsplus: xattr search failed
[  158.116995][ T5547] hfsplus: xattr search failed
[  158.122169][ T5547] hfsplus: xattr search failed
[  158.237708][ T6051] loop5: detected capacity change from 0 to 8
[  158.391026][ T6051] SQUASHFS error: Unable to read inode 0x11f
[  158.782976][ T6067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.496'.
[  158.842949][ T6067] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  158.852235][ T6067] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  158.861057][ T6067] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  158.869857][ T6067] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  158.965349][ T6067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.496'.
[  159.139942][ T6073] loop6: detected capacity change from 0 to 4096
[  159.341220][ T6073] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[  160.325012][ T6100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.507'.
[  160.796267][ T5406] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  160.925245][ T6120] overlayfs: failed to clone upperpath
[  160.987803][ T5406] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.014239][ T5406] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.036360][ T5406] usb 7-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  161.047074][ T5406] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.059224][ T5406] usb 7-1: config 0 descriptor??
[  161.326088][ T4323] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  161.516066][ T4323] usb 4-1: Using ep0 maxpacket: 8
[  161.534712][ T4323] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.585244][ T4323] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  161.635203][ T4323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.740022][ T4323] usb 4-1: config 0 descriptor??
[  161.764975][ T4323] gspca_main: vc032x-2.14.0 probing 046d:0892
[  161.899518][ T5406] hid-led 0003:27B8:01ED.0005: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.6-1/input0
[  161.996500][ T5406] hid-led 0003:27B8:01ED.0005: ThingM blink(1) v1 initialized
[  162.337662][ T4320] usb 7-1: USB disconnect, device number 2
[  162.601436][ T6129] fido_id[6129]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  162.916101][ T4320] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  163.079857][ T6147] loop7: detected capacity change from 0 to 16384
[  163.108786][ T4320] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  163.130080][ T4320] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  163.217242][ T4320] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  163.270343][ T4321] usb 4-1: USB disconnect, device number 5
[  163.280342][ T4320] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  163.306001][ T4320] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  163.324491][ T4320] usb 6-1: Product: syz
[  163.331414][ T4320] usb 6-1: Manufacturer: syz
[  163.340346][ T4320] usb 6-1: SerialNumber: syz
[  163.360862][ T6150] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.369110][ T6150] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.426520][ T6149] loop7: detected capacity change from 16384 to 0
[  163.591079][ T4320] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  163.882709][ T4364] usb 6-1: USB disconnect, device number 7
[  163.901082][ T4364] usblp0: removed
[  164.252158][ T6176] loop6: detected capacity change from 0 to 512
[  164.385509][ T6176] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.537: bg 0: block 288: padding at end of block bitmap is not set
[  164.419964][ T6176] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6180: Corrupt filesystem
[  164.451679][ T6184] loop3: detected capacity change from 0 to 512
[  164.496125][ T6176] EXT4-fs error (device loop6): ext4_clear_blocks:883: inode #13: comm syz.6.537: attempt to clear invalid blocks 1024 len 1
[  164.539025][ T6184] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  164.592153][ T6184] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.618465][ T6176] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.537: invalid indirect mapped block 1819239214 (level 0)
[  164.710586][ T6184] EXT4-fs error (device loop3): ext4_do_update_inode:5279: inode #2: comm syz.3.539: corrupted inode contents
[  164.758979][ T6176] EXT4-fs (loop6): 1 truncate cleaned up
[  164.764717][ T6176] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  164.773951][ T6192] netlink: 8 bytes leftover after parsing attributes in process `syz.5.542'.
[  164.826622][ T6192] netlink: 8 bytes leftover after parsing attributes in process `syz.5.542'.
[  164.827961][ T6184] EXT4-fs error (device loop3): ext4_dirty_inode:6156: inode #2: comm syz.3.539: mark_inode_dirty error
[  164.904593][ T6184] EXT4-fs error (device loop3): ext4_do_update_inode:5279: inode #2: comm syz.3.539: corrupted inode contents
[  164.924891][ T6184] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.539: mark_inode_dirty error
[  165.001710][ T6176] EXT4-fs error (device loop6): ext4_ind_map_blocks:604: inode #2: comm syz.6.537: Can't allocate blocks for non-extent mapped inodes with bigalloc
[  165.100900][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  165.294828][ T5547] EXT4-fs (loop6): unmounting filesystem.
[  165.616340][ T4364] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  165.706639][ T6221] loop6: detected capacity change from 0 to 128
[  165.809080][ T4364] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  165.835613][ T4364] usb 6-1: config 0 has no interface number 0
[  165.856014][ T4364] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  165.884455][ T4364] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.908271][ T4364] usb 6-1: config 0 descriptor??
[  165.920748][ T4364] cp210x 6-1:0.1: cp210x converter detected
[  166.322284][ T4364] cp210x 6-1:0.1: failed to get vendor val 0x000e size 3: -32
[  166.388063][ T4342] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.513135][ T4342] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.558232][ T4364] usb 6-1: cp210x converter now attached to ttyUSB0
[  166.647769][ T4342] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.750832][ T4342] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.772503][ T4364] usb 6-1: USB disconnect, device number 8
[  166.803360][ T4364] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  166.830010][ T4364] cp210x 6-1:0.1: device disconnected
[  167.502306][ T4280] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  167.514034][ T4280] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  167.524046][ T4280] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  167.538888][ T4280] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  167.546543][ T4280] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  167.555106][ T4280] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  167.717176][ T6258] netlink: 164 bytes leftover after parsing attributes in process `syz.4.568'.
[  168.469577][ T6281] Set syz0 is full, maxelem 0 reached
[  169.022353][ T6248] chnl_net:caif_netlink_parms(): no params data found
[  169.149428][ T6297] netlink: 164 bytes leftover after parsing attributes in process `syz.3.580'.
[  169.549950][ T4342] device hsr_slave_0 left promiscuous mode
[  169.559584][ T4342] device hsr_slave_1 left promiscuous mode
[  169.592974][ T4342] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.606685][ T4280] Bluetooth: hci4: command 0x0409 tx timeout
[  169.619836][ T4342] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.659282][ T4342] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.696189][ T4342] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.725602][ T4342] device bridge_slave_1 left promiscuous mode
[  169.748855][ T4342] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.809868][ T4342] device bridge_slave_0 left promiscuous mode
[  169.846340][ T4342] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.966654][ T4342] device veth1_macvtap left promiscuous mode
[  169.980740][ T4342] device veth0_macvtap left promiscuous mode
[  170.000957][ T4342] device veth1_vlan left promiscuous mode
[  170.033912][ T4342] device veth0_vlan left promiscuous mode
[  171.592120][ T6352] loop5: detected capacity change from 0 to 2048
[  171.879928][ T6345] loop3: detected capacity change from 0 to 131072
[  171.889176][ T4280] Bluetooth: hci4: command 0x041b tx timeout
[  171.912377][ T6345] F2FS-fs (loop3): invalid crc value
[  171.921025][ T6345] F2FS-fs (loop3): Found nat_bits in checkpoint
[  171.934638][ T6352] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  171.994487][ T6345] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  172.067568][ T6352] loop5: detected capacity change from 2048 to 64
[  172.170276][ T6362] EXT4-fs error (device loop5): xattr_find_entry:297: inode #15: comm syz.5.597: corrupted xattr entries
[  172.236281][ T6362] EXT4-fs error (device loop5): get_max_inline_xattr_value_size:69: inode #15: comm syz.5.597: corrupt xattr in inline inode
[  172.267663][ T6362] EXT4-fs error (device loop5): xattr_find_entry:297: inode #15: comm syz.5.597: corrupted xattr entries
[  172.291608][ T6362] EXT4-fs error (device loop5): ext4_ind_map_blocks:604: inode #15: comm syz.5.597: Can't allocate blocks for non-extent mapped inodes with bigalloc
[  172.357478][ T6362] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 117
[  172.396054][ T6362] EXT4-fs (loop5): This should not happen!! Data will be lost
[  172.396054][ T6362] 
[  172.569051][   T57] EXT4-fs error (device loop5): xattr_find_entry:297: inode #15: comm kworker/u4:4: corrupted xattr entries
[  172.610575][   T57] EXT4-fs error (device loop5): ext4_map_blocks:747: inode #15: block 1803188595: comm kworker/u4:4: lblock 0 mapped to illegal pblock 1803188595 (length 1)
[  172.655037][   T57] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  172.672013][ T4342] team0 (unregistering): Port device team_slave_1 removed
[  172.718042][   T57] EXT4-fs (loop5): This should not happen!! Data will be lost
[  172.718042][   T57] 
[  172.737652][ T4628] EXT4-fs error (device loop5): xattr_find_entry:297: inode #15: comm kworker/u4:8: corrupted xattr entries
[  172.786863][ T4553] EXT4-fs (loop5): Inode 15 (ffff8880542d2820): i_reserved_data_blocks (1) not cleared!
[  172.806874][ T4553] EXT4-fs (loop5): unmounting filesystem.
[  172.850056][ T6353] kmmpd-loop5: attempt to access beyond end of device
[  172.850056][ T6353] loop5: rw=14337, sector=256, nr_sectors = 4 limit=64
[  172.872324][ T4342] team0 (unregistering): Port device team_slave_0 removed
[  172.876141][ T6353] Buffer I/O error on dev loop5, logical block 64, lost sync page write
[  173.058957][ T4342] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  173.241688][ T4342] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  173.839849][ T4342] bond0 (unregistering): Released all slaves
[  173.926395][ T4280] Bluetooth: hci4: command 0x040f tx timeout
[  173.949418][ T6248] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.958671][ T6248] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.967051][ T6248] device bridge_slave_0 entered promiscuous mode
[  173.988811][ T6328] netlink: 8 bytes leftover after parsing attributes in process `syz.4.589'.
[  174.056110][ T6248] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.064064][ T6248] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.072464][ T6248] device bridge_slave_1 entered promiscuous mode
[  174.079355][ T6328] netlink: 8 bytes leftover after parsing attributes in process `syz.4.589'.
[  174.153678][ T6248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.167002][ T6248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.322343][ T6248] team0: Port device team_slave_0 added
[  174.377434][ T6248] team0: Port device team_slave_1 added
[  174.480850][ T6248] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.509999][ T6248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.620897][ T6248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.671162][ T6248] batman_adv: batadv0: Adding interface: batadv_slave_1
[  174.699966][ T6248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.771708][ T6248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  174.883225][ T6248] device hsr_slave_0 entered promiscuous mode
[  174.912473][ T6248] device hsr_slave_1 entered promiscuous mode
[  174.937399][ T6248] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  174.959620][ T6248] Cannot create hsr debugfs directory
[  175.140253][    T9] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.205232][    T9] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.445185][    T9] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.470973][    T9] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.647192][    T9] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.680690][ T4280] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  175.692136][ T4280] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  175.702508][ T4280] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  175.712003][ T4280] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  175.720942][ T4280] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  175.728286][ T4280] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  175.800586][    T9] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.873921][ T6399] loop3: detected capacity change from 0 to 32768
[  176.003923][    T9] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.032072][ T6399] JBD2: Ignoring recovery information on journal
[  176.055405][    T9] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.070622][ T4280] Bluetooth: hci4: command 0x0419 tx timeout
[  176.211043][ T6399] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  176.224123][   T27] audit: type=1326 audit(1778539288.215:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.4.608" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f63d9f9cdd9 code=0x0
[  176.456703][ T6248] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  176.511435][ T6415] (syz.3.609,6415,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options
[  176.537334][ T6248] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  176.575196][ T6248] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  176.613330][ T6248] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  176.778366][ T6405] chnl_net:caif_netlink_parms(): no params data found
[  176.994284][ T4271] ocfs2: Unmounting device (7,3) on (node local)
[  177.492662][ T6248] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.517408][ T6405] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.537572][ T6405] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.571380][ T6405] device bridge_slave_0 entered promiscuous mode
[  177.658937][ T6248] 8021q: adding VLAN 0 to HW filter on device team0
[  177.668230][ T6405] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.678566][ T6405] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.687487][ T6405] device bridge_slave_1 entered promiscuous mode
[  177.702617][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  177.740475][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  177.831272][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  177.846014][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  177.877703][ T4628] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.884944][ T4628] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.893365][ T4278] Bluetooth: hci3: command 0x0409 tx timeout
[  178.109486][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  178.133964][ T6405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.189401][ T6405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.282913][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  178.302819][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  178.325901][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.333142][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.350322][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  178.375673][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  178.442672][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  178.467442][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  178.506625][ T6458] netlink: 24 bytes leftover after parsing attributes in process `syz.3.618'.
[  178.578142][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  178.587804][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  178.612844][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  178.661541][ T6405] team0: Port device team_slave_0 added
[  178.742837][ T6467] netlink: 12 bytes leftover after parsing attributes in process `syz.2.622'.
[  178.812869][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  178.834695][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  178.856144][ T6405] team0: Port device team_slave_1 added
[  178.885628][ T6248] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  178.911035][ T6248] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  179.000975][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  179.015002][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  179.296702][ T6405] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.318341][ T6405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.405529][ T6405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.465390][ T6405] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.488247][ T6405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.577367][ T6405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.645414][    T9] device hsr_slave_0 left promiscuous mode
[  179.670855][    T9] device hsr_slave_1 left promiscuous mode
[  179.693087][    T9] device bridge_slave_1 left promiscuous mode
[  179.699476][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.734150][    T9] device bridge_slave_0 left promiscuous mode
[  179.754042][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.842530][    T9] device veth1_macvtap left promiscuous mode
[  179.873495][    T9] device veth0_macvtap left promiscuous mode
[  179.888195][    T9] device veth1_vlan left promiscuous mode
[  179.894084][    T9] device veth0_vlan left promiscuous mode
[  180.008915][ T4278] Bluetooth: hci3: command 0x041b tx timeout
[  181.176960][ T6506] fuse: Bad value for 'fd'
[  181.361170][    T9] team0 (unregistering): Port device team_slave_1 removed
[  181.416977][    T9] team0 (unregistering): Port device team_slave_0 removed
[  181.471527][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  181.524940][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  181.892763][    T9] bond0 (unregistering): Released all slaves
[  182.142606][ T4278] Bluetooth: hci3: command 0x040f tx timeout
[  182.231857][ T6405] device hsr_slave_0 entered promiscuous mode
[  182.278166][ T6405] device hsr_slave_1 entered promiscuous mode
[  182.297842][ T6405] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  182.311599][ T6405] Cannot create hsr debugfs directory
[  182.317894][ T6518] netlink: 20 bytes leftover after parsing attributes in process `syz.3.634'.
[  182.327291][ T6519] netlink: 20 bytes leftover after parsing attributes in process `syz.3.634'.
[  182.514211][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  182.529146][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  182.558116][ T6248] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.730592][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.747478][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.792921][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.809490][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.836480][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.850880][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.873302][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.887725][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.902082][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  182.918792][ T6529] netlink: 'syz.2.638': attribute type 3 has an invalid length.
[  183.271830][ T6543] overlayfs: failed to clone upperpath
[  183.336901][ T6405] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  183.364634][ T6405] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  183.418295][ T6405] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  183.480768][ T6405] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  183.808442][ T6405] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.892331][ T6405] 8021q: adding VLAN 0 to HW filter on device team0
[  183.949055][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  183.959516][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  183.999501][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  184.028038][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  184.070067][ T4589] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.077263][ T4589] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.121349][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  184.141878][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  184.153686][ T4589] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.160918][ T4589] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.169114][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  184.200468][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  184.251070][ T4280] Bluetooth: hci3: command 0x0419 tx timeout
[  184.280478][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  184.298344][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  184.324902][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  184.344354][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  184.400946][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  184.424909][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  184.443308][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  184.460617][ T6248] device veth0_vlan entered promiscuous mode
[  184.498084][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  184.510744][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  184.529990][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  184.550842][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  184.568684][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  184.591819][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  184.608586][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  184.632421][ T6248] device veth1_vlan entered promiscuous mode
[  184.655905][ T6405] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  184.677229][ T6405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  184.702216][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  184.718176][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  184.762624][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  184.845059][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  184.855263][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  184.864756][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  184.879380][ T6248] device veth0_macvtap entered promiscuous mode
[  184.927513][ T6248] device veth1_macvtap entered promiscuous mode
[  185.032591][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.091330][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.132833][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.157443][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.199485][ T6248] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.239898][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  185.256469][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  185.298360][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  185.307345][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  185.361140][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.415954][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.459324][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.480640][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.494651][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.507296][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.531767][ T6248] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.563335][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  185.588247][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  185.626585][ T6248] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.643384][ T6248] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.688083][ T6248] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.726375][ T6248] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.076027][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.110780][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.140372][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  186.156809][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  186.187739][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  186.218121][ T4628] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.221597][ T6405] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.256647][ T4628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.298802][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  187.380024][ T6646] loop7: detected capacity change from 0 to 1024
[  187.454890][ T6646] EXT4-fs: inline encryption not supported
[  187.475056][ T6646] EXT4-fs: Ignoring removed bh option
[  187.512184][ T6646] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  187.563217][ T6646] EXT4-fs (loop7): bad geometry: bigalloc file system with non-zero first_data_block
[  187.563217][ T6646] 
[  187.907907][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  187.944357][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  188.001457][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  188.033734][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  188.044335][ T6665] loop7: detected capacity change from 0 to 4096
[  188.055424][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  188.073850][ T6665] EXT4-fs: inline encryption not supported
[  188.106921][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  188.114902][ T6665] EXT4-fs: Ignoring removed bh option
[  188.140783][ T6405] device veth0_vlan entered promiscuous mode
[  188.163116][ T6665] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  188.207373][ T6665] EXT4-fs (loop7): Test dummy encryption mode enabled
[  188.219704][ T6405] device veth1_vlan entered promiscuous mode
[  188.261734][ T6665] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  188.295688][ T6665] System zones: 0-5
[  188.316913][ T6665] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  188.328065][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  188.352303][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  188.382961][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  188.424504][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.456705][ T6405] device veth0_macvtap entered promiscuous mode
[  188.509676][ T6405] device veth1_macvtap entered promiscuous mode
[  188.532155][ T6248] EXT4-fs (loop7): unmounting filesystem.
[  188.623448][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.636100][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.648217][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.672970][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.717409][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.765022][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.829030][ T6405] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.852453][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  188.865489][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  188.879542][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  188.888563][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  188.901586][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.913907][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.924629][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.938976][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.958195][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.969281][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.984900][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.016469][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.047816][ T6405] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.080505][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  189.093154][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  189.119705][ T6405] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.135628][ T6405] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.169463][ T6405] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.206045][ T6405] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.499366][ T4342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.523381][ T4342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.590499][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  189.680162][ T4342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.699236][ T4342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.728771][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  189.821653][ T6713] device ipvlan2 entered promiscuous mode
[  189.894498][ T6713] team0: Device ipvlan2 failed to register rx_handler
[  190.095271][ T6720] netlink: 52 bytes leftover after parsing attributes in process `syz.2.687'.
[  190.142259][ T6720] netlink: 52 bytes leftover after parsing attributes in process `syz.2.687'.
[  190.757568][ T6706] loop3: detected capacity change from 0 to 40427
[  190.809080][ T6706] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  190.848824][ T6706] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  190.941363][ T6706] F2FS-fs (loop3): Found nat_bits in checkpoint
[  191.128072][ T6706] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  191.139926][ T6706] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  193.700063][ T6839] device veth0 entered promiscuous mode
[  193.711127][ T6836] loop3: detected capacity change from 0 to 128
[  193.748894][ T6836] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  193.772285][ T6839] device veth0 left promiscuous mode
[  193.835536][ T6836] hpfs: filesystem error: improperly stopped
[  193.848871][ T6836] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  193.893346][ T6836] hpfs: You really don't want any checks? You are crazy...
[  193.933957][ T6836] hpfs: Code page index out of array
[  193.959888][ T6836] hpfs: code page support is disabled
[  194.002314][ T6836] hpfs: hpfs_map_4sectors(): unaligned read
[  194.028436][ T6836] hpfs: hpfs_map_4sectors(): unaligned read
[  194.066081][ T6836] hpfs: filesystem error: unable to find root dir
[  194.505305][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.8.727'.
[  194.982427][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.988884][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  195.112062][ T6880] netlink: 65047 bytes leftover after parsing attributes in process `syz.2.735'.
[  196.172666][ T6918] loop7: detected capacity change from 0 to 128
[  196.190202][ T6918] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  196.251312][ T6918] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  196.497685][ T6927] overlayfs: failed to clone upperpath
[  196.796800][ T6248] EXT4-fs (loop7): unmounting filesystem.
[  197.248704][ T6948] device vxcan3 entered promiscuous mode
[  197.553331][ T6957] loop8: detected capacity change from 0 to 2048
[  199.305892][ T6994] loop3: detected capacity change from 0 to 512
[  199.412294][ T6994] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  199.469058][ T6994] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.805266][   T27] audit: type=1800 audit(1778539311.226:169): pid=6994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.772" name="file1" dev="loop3" ino=15 res=0 errno=0
[  200.318534][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  200.666806][    T7] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  200.879666][    T7] usb 9-1: Using ep0 maxpacket: 32
[  200.886923][    T7] usb 9-1: config 0 has no interfaces?
[  200.902018][    T7] usb 9-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  200.930368][    T7] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.961607][    T7] usb 9-1: Product: syz
[  200.991361][    T7] usb 9-1: Manufacturer: syz
[  201.006874][    T7] usb 9-1: SerialNumber: syz
[  201.047363][    T7] usb 9-1: config 0 descriptor??
[  201.262394][ T7038] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  201.378881][ T4354] usb 9-1: USB disconnect, device number 2
[  201.545012][ T7012] loop7: detected capacity change from 0 to 32768
[  201.631925][ T7012] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  201.664696][ T7012] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  201.832941][ T7012] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 3ms
[  201.884655][ T4545] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  201.893200][ T4545] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  201.990816][ T7045] loop3: detected capacity change from 0 to 32768
[  202.002470][ T7045] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.786 (7045)
[  202.021532][ T7045] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.032026][ T7045] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  202.040893][ T7045] BTRFS info (device loop3): setting nodatasum
[  202.047299][ T7045] BTRFS info (device loop3): force zlib compression, level 3
[  202.054727][ T7045] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  202.064277][ T7045] BTRFS info (device loop3): use lzo compression, level 0
[  202.071547][ T7045] BTRFS info (device loop3): turning on flush-on-commit
[  202.078651][ T7045] BTRFS info (device loop3): enabling auto defrag
[  202.085241][ T7045] BTRFS info (device loop3): max_inline at 4096
[  202.091661][ T7045] BTRFS info (device loop3): using free space tree
[  202.299146][ T4278] Bluetooth: hci1: command 0x0406 tx timeout
[  202.299176][ T4280] Bluetooth: hci0: command 0x0406 tx timeout
[  202.299211][ T4280] Bluetooth: hci2: command 0x0406 tx timeout
[  202.326766][ T4545] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 427ms
[  202.399714][ T4545] gfs2: fsid=syz:syz.0: jid=0: Done
[  202.453905][ T7012] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  202.493879][ T7045] BTRFS info (device loop3): enabling ssd optimizations
[  202.525944][ T7012] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  202.563294][ T7012] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  202.563294][ T7012]   inode = 12 2341
[  202.563294][ T7012]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  202.629073][ T7012] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  202.669687][ T7012] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:7012 [syz.7.778] __gfs2_lookup+0xa9/0x290
[  202.739234][ T7012] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  202.803823][ T7012] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  202.811560][ T7012] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  202.827829][ T7012] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  202.861516][ T7012] gfs2: fsid=syz:syz.0: File system withdrawn
[  202.880165][ T7012] CPU: 0 PID: 7012 Comm: syz.7.778 Not tainted syzkaller #0
[  202.887546][ T7012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  202.897732][ T7012] Call Trace:
[  202.901132][ T7012]  <TASK>
[  202.904188][ T7012]  dump_stack_lvl+0x188/0x24e
[  202.909016][ T7012]  ? kobject_uevent_env+0x35f/0x8a0
[  202.914257][ T7012]  ? show_regs_print_info+0x12/0x12
[  202.919506][ T7012]  ? load_image+0x400/0x400
[  202.924061][ T7012]  ? kobject_uevent_env+0x35f/0x8a0
[  202.929333][ T7012]  gfs2_withdraw+0xde6/0x15d0
[  202.934081][ T7012]  ? gfs2_lm+0x240/0x240
[  202.938350][ T7012]  ? load_image+0x400/0x400
[  202.942882][ T7012]  ? gfs2_consist_inode_i+0xf1/0x110
[  202.948188][ T7012]  gfs2_dirent_scan+0x525/0x650
[  202.953064][ T7012]  ? gfs2_dirent_search+0x7f0/0x7f0
[  202.958289][ T7012]  gfs2_dirent_search+0x2e9/0x7f0
[  202.963533][ T7012]  ? gfs2_dirent_search+0x7f0/0x7f0
[  202.968747][ T7012]  ? gfs2_permission+0x40e/0x4e0
[  202.973792][ T7012]  ? gfs2_dir_search+0x220/0x220
[  202.978928][ T7012]  ? gfs2_lookupi+0x680/0x680
[  202.983889][ T7012]  gfs2_dir_search+0x49/0x220
[  202.988623][ T7012]  gfs2_lookupi+0x487/0x680
[  202.993457][ T7012]  ? gfs2_lookup_simple+0x100/0x100
[  202.998702][ T7012]  ? __gfs2_lookup+0xa9/0x290
[  203.003431][ T7012]  ? d_alloc+0x1e7/0x250
[  203.007711][ T7012]  __gfs2_lookup+0xa9/0x290
[  203.012246][ T7012]  ? gfs2_atomic_open+0x210/0x210
[  203.017296][ T7012]  ? do_raw_spin_unlock+0x11d/0x230
[  203.022599][ T7012]  ? _raw_spin_unlock+0x24/0x40
[  203.027466][ T7012]  ? d_alloc+0x1e7/0x250
[  203.031730][ T7012]  lookup_one_qstr_excl+0x10e/0x240
[  203.036952][ T7012]  filename_create+0x23a/0x470
[  203.041743][ T7012]  ? kern_path_create+0x50/0x50
[  203.046784][ T7012]  ? __virt_addr_valid+0x188/0x540
[  203.051937][ T7012]  ? __virt_addr_valid+0x465/0x540
[  203.057120][ T7012]  do_mkdirat+0xa5/0x440
[  203.061397][ T7012]  ? vfs_mkdir+0x570/0x570
[  203.065941][ T7012]  __x64_sys_mkdirat+0x85/0x90
[  203.070818][ T7012]  do_syscall_64+0x4c/0xa0
[  203.075268][ T7012]  ? clear_bhb_loop+0x60/0xb0
[  203.079961][ T7012]  ? clear_bhb_loop+0x60/0xb0
[  203.084665][ T7012]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.090576][ T7012] RIP: 0033:0x7f6824d9bc47
[  203.095107][ T7012] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  203.114727][ T7012] RSP: 002b:00007f6825bbfe58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  203.123420][ T7012] RAX: ffffffffffffffda RBX: 00007f6825bbfee0 RCX: 00007f6824d9bc47
[  203.131411][ T7012] RDX: 00000000000001ff RSI: 0000200000000000 RDI: 00000000ffffff9c
[  203.139401][ T7012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.147419][ T7012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[  203.155431][ T7012] R13: 00007f6825bbfea0 R14: 0000000000000000 R15: 0000000000000000
[  203.163457][ T7012]  </TASK>
[  203.717455][ T4271] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  205.337443][ T7116] fuse: Bad value for 'fd'
[  205.519077][ T7094] loop8: detected capacity change from 0 to 32768
[  205.616889][ T7094] JBD2: Ignoring recovery information on journal
[  205.898888][ T7094] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  206.188992][ T6405] ocfs2: Unmounting device (7,8) on (node local)
[  206.546718][ T7134] loop3: detected capacity change from 0 to 40427
[  206.588766][ T7134] F2FS-fs (loop3): invalid crc value
[  206.627341][ T7134] F2FS-fs (loop3): Found nat_bits in checkpoint
[  206.671307][ T7134] F2FS-fs (loop3): Start checkpoint disabled!
[  206.692862][ T7134] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  207.093754][ T7149] overlayfs: failed to clone upperpath
[  207.096421][ T7151] loop8: detected capacity change from 0 to 256
[  207.504851][ T7163] netlink: 8 bytes leftover after parsing attributes in process `syz.4.814'.
[  207.717965][   T39] kworker/u4:2: attempt to access beyond end of device
[  207.717965][   T39] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  208.976765][ T7196] capability: warning: `syz.3.825' uses 32-bit capabilities (legacy support in use)
[  209.623661][ T7210] netlink: 4 bytes leftover after parsing attributes in process `syz.8.829'.
[  209.653200][ T7210] netlink: 24 bytes leftover after parsing attributes in process `syz.8.829'.
[  209.707216][ T7212] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  209.741304][ T7212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  209.789089][ T7212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  209.837009][ T7212] device bridge_slave_0 left promiscuous mode
[  209.874916][ T7212] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.928670][ T7212] device bridge_slave_1 left promiscuous mode
[  209.934985][ T7212] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.967618][ T7221] loop8: detected capacity change from 0 to 128
[  209.989423][ T7212] bond0: (slave bond_slave_0): Releasing backup interface
[  210.038092][ T7221] EXT4-fs (loop8): Test dummy encryption mode enabled
[  210.074471][ T7212] bond0: (slave bond_slave_1): Releasing backup interface
[  210.134316][ T7221] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  210.178431][ T7221] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  210.190804][ T7212] team0: Port device team_slave_0 removed
[  210.222972][ T7212] team0: Port device team_slave_1 removed
[  210.248385][ T7212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.260978][ T7212] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.285337][ T7212] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.301741][ T7212] batman_adv: batadv0: Removing interface: batadv_slave_1
[  211.159518][ T7221] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  211.274156][ T7230] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  211.426008][ T6405] EXT4-fs (loop8): unmounting filesystem.
[  211.698207][ T7266] 9pnet: p9_errstr2errno: server reported unknown error ��n$�[
[  211.698207][ T7266] Q&|x�X
[  212.271292][ T7278] I/O error, dev loop9, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  212.345421][ T7278] EXT4-fs (loop9): unable to read superblock
[  212.376830][ T7291] loop3: detected capacity change from 0 to 128
[  212.804113][ T7300] loop8: detected capacity change from 0 to 4096
[  212.852206][ T7300] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.865413][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.4.858'.
[  212.887788][ T7305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.858'.
[  212.919451][ T7300] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  212.939310][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.4.858'.
[  212.950748][ T7305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.858'.
[  212.985824][   T27] audit: type=1800 audit(1778539324.328:170): pid=7300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.856" name="file1" dev="loop8" ino=15 res=0 errno=0
[  213.562779][ T6405] EXT4-fs (loop8): unmounting filesystem.
[  214.105042][ T7334] netlink: 4 bytes leftover after parsing attributes in process `syz.8.869'.
[  214.142585][ T7334] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  214.151517][ T7334] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  214.160417][ T7334] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  214.169516][ T7334] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  214.439717][ T7334] netlink: 4 bytes leftover after parsing attributes in process `syz.8.869'.
[  214.585557][ T4292] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  214.597343][ T4292] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  214.607340][ T4292] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  214.616127][ T4292] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  214.624427][ T4292] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  214.646268][ T4292] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  215.670573][ T7342] chnl_net:caif_netlink_parms(): no params data found
[  215.848367][ T7375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.878'.
[  215.908063][ T4342] IPVS: stopping backup sync thread 7038 ...
[  216.212824][ T7381] loop8: detected capacity change from 0 to 2048
[  216.260527][ T7342] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.275678][ T7342] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.294194][ T7381] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  216.311546][ T7342] device bridge_slave_0 entered promiscuous mode
[  216.375097][ T7389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.880'.
[  216.474305][ T7389] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  216.514256][ T7389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  216.537925][ T7389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  216.713190][ T7342] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.730820][ T7342] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.743782][ T4280] Bluetooth: hci0: command 0x0409 tx timeout
[  216.768158][ T7342] device bridge_slave_1 entered promiscuous mode
[  216.925525][ T7342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.016466][ T7342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.159677][ T4342] device hsr_slave_0 left promiscuous mode
[  217.225897][ T4342] device hsr_slave_1 left promiscuous mode
[  217.237247][ T4342] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.259284][ T4342] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.290248][ T4342] device bridge_slave_1 left promiscuous mode
[  217.310653][ T4342] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.338282][ T4342] device bridge_slave_0 left promiscuous mode
[  217.347306][ T4342] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.372498][ T7397] loop8: detected capacity change from 0 to 32768
[  217.406161][ T7397] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.884 (7397)
[  217.466147][ T7397] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  217.506190][ T7397] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[  217.533168][ T7397] BTRFS info (device loop8): force clearing of disk cache
[  217.574559][ T7397] BTRFS info (device loop8): setting nodatacow, compression disabled
[  217.592710][ T7397] BTRFS info (device loop8): disabling free space tree
[  217.629594][ T7397] BTRFS warning (device loop8): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  217.669444][ T7397] BTRFS info (device loop8): trying to use backup root at mount time
[  217.867725][   T39] BTRFS warning (device loop8): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  217.882296][ T7397] BTRFS warning (device loop8): couldn't read tree root
[  217.889306][ T7397] BTRFS warning (device loop8): try to load backup roots slot 1
[  217.950438][   T39] BTRFS warning (device loop8): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  217.988264][ T7397] BTRFS warning (device loop8): couldn't read tree root
[  218.008685][ T7397] BTRFS warning (device loop8): try to load backup roots slot 2
[  218.059979][ T7397] BTRFS error (device loop8): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  218.122402][ T7397] BTRFS warning (device loop8): couldn't read tree root
[  218.129440][ T7397] BTRFS warning (device loop8): try to load backup roots slot 3
[  218.209146][ T7397] BTRFS info (device loop8): enabling ssd optimizations
[  218.226036][ T7397] BTRFS info (device loop8): rebuilding free space tree
[  218.288056][ T7397] BTRFS info (device loop8): disabling free space tree
[  218.310075][ T7397] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  218.371106][ T7397] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  218.472409][   T27] audit: type=1800 audit(1778539329.776:171): pid=7397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.884" name="bus" dev="loop8" ino=257 res=0 errno=0
[  218.529453][   T27] audit: type=1800 audit(1778539329.806:172): pid=7397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.884" name="file1" dev="loop8" ino=258 res=0 errno=0
[  218.768881][ T6405] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  218.840893][ T4280] Bluetooth: hci0: command 0x041b tx timeout
[  220.025486][ T4342] team0 (unregistering): Port device team_slave_1 removed
[  220.117536][ T4342] team0 (unregistering): Port device team_slave_0 removed
[  220.248321][ T4342] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  220.308124][ T4342] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  220.704745][ T4342] bond0 (unregistering): Released all slaves
[  220.805943][ T7342] team0: Port device team_slave_0 added
[  220.876355][ T7342] team0: Port device team_slave_1 added
[  220.934572][ T4280] Bluetooth: hci0: command 0x040f tx timeout
[  221.034505][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.050355][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.076697][ T7342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.182975][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.193824][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.288142][ T7342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.370134][ T7482] fuse: Bad value for 'fd'
[  221.509303][ T7342] device hsr_slave_0 entered promiscuous mode
[  221.537408][ T7342] device hsr_slave_1 entered promiscuous mode
[  221.560056][ T7342] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  221.583378][ T7491] overlayfs: failed to clone upperpath
[  221.593895][ T7342] Cannot create hsr debugfs directory
[  222.085980][ T7342] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  222.110602][ T7500] netlink: 24 bytes leftover after parsing attributes in process `syz.4.907'.
[  222.161444][ T7342] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  222.191239][ T7342] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  222.211286][ T7342] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  222.541279][ T7342] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.621458][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  222.630259][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  222.673510][ T7342] 8021q: adding VLAN 0 to HW filter on device team0
[  222.713030][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  222.743099][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  222.783840][ T4342] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.791055][ T4342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.861431][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  222.862609][    C0] Unknown status report in ack skb
[  222.904351][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  222.959383][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  222.985559][ T4342] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.992907][ T4342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.012563][ T4280] Bluetooth: hci0: command 0x0419 tx timeout
[  223.056946][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  223.104146][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  223.195567][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  223.230227][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  223.264177][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  223.302260][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  223.378152][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  223.391749][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  223.417690][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  223.448502][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  223.515674][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  223.534731][ T7342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  224.668530][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  224.779129][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  224.854200][ T7342] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.925730][ T7570] loop8: detected capacity change from 0 to 256
[  225.131223][ T7570] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3967cd3a, utbl_chksum : 0xe619d30d)
[  225.155689][ T7576] netlink: 12 bytes leftover after parsing attributes in process `syz.4.932'.
[  225.230642][    T7] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  225.431081][    T7] usb 8-1: Using ep0 maxpacket: 32
[  225.449877][    T7] usb 8-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[  225.480436][ T7576] device bond2 entered promiscuous mode
[  225.530485][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.553480][ T7576] 8021q: adding VLAN 0 to HW filter on device bond2
[  225.601094][    T7] usb 8-1: Product: syz
[  225.643296][    T7] usb 8-1: Manufacturer: syz
[  225.647973][    T7] usb 8-1: SerialNumber: syz
[  225.753436][    T7] usb 8-1: config 0 descriptor??
[  225.810618][    T7] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  226.246528][ T7591] loop8: detected capacity change from 0 to 128
[  226.394263][   T27] audit: type=1800 audit(1778539337.645:173): pid=7591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.934" name="bus" dev="loop8" ino=1048613 res=0 errno=0
[  226.819076][ T4280] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  227.321511][    T7] gspca_topro: reg_r err -71
[  227.348914][    T7] gspca_topro: Sensor soi763a
[  227.608611][    T7] usb 8-1: USB disconnect, device number 2
[  227.951544][ T7105] kernel write not supported for file 143/task/144/loginuid (pid: 7105 comm: kworker/0:13)
[  227.962837][ T7619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.940'.
[  228.045897][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  228.099916][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  228.213562][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  228.233416][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  228.278874][ T7342] device veth0_vlan entered promiscuous mode
[  228.293204][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  228.321514][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  228.361559][ T7342] device veth1_vlan entered promiscuous mode
[  228.464117][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  228.489181][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  228.540626][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  228.590343][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  228.606950][ T7342] device veth0_macvtap entered promiscuous mode
[  228.638514][ T7342] device veth1_macvtap entered promiscuous mode
[  228.686968][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.708418][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.735347][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.755021][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.770740][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.803029][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.849342][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.889104][ T7609] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  228.908297][ T7609] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  228.930022][ T7609] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  228.968390][ T7609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  228.997073][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.071362][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.107896][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.153303][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.191975][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.246465][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.266354][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.288117][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.309823][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.365288][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  229.375248][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  229.427350][ T7342] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.463861][ T7342] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.472663][ T7342] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.570133][ T7342] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.862851][ T7609] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.918800][ T7609] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.996354][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  230.057938][ T2893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.084675][ T2893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.092366][ T2893] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  230.337460][ T7689] loop7: detected capacity change from 0 to 16
[  230.377424][ T7689] erofs: (device loop7): mounted with root inode @ nid 36.
[  230.490834][ T7689] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  231.353028][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.7.972'.
[  231.558517][ T7105] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  231.749296][ T7105] usb 10-1: Using ep0 maxpacket: 32
[  231.756660][ T7105] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.795898][ T7105] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.856998][ T7105] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  231.925357][ T7105] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.978720][ T7105] usb 10-1: config 0 descriptor??
[  232.036207][ T7105] hub 10-1:0.0: USB hub found
[  232.237008][ T7105] hub 10-1:0.0: 1 port detected
[  232.658131][ T7753] netlink: 20 bytes leftover after parsing attributes in process `syz.4.980'.
[  232.698983][ T7755] loop7: detected capacity change from 0 to 8
[  232.742995][ T7753] netlink: 20 bytes leftover after parsing attributes in process `syz.4.980'.
[  232.868528][ T4364] hub 10-1:0.0: activate --> -90
[  232.983840][ T7760] validate_nla: 40 callbacks suppressed
[  232.983897][ T7760] netlink: 'syz.4.983': attribute type 18 has an invalid length.
[  233.060741][ T7760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.983'.
[  233.102489][ T7760] netlink: 'syz.4.983': attribute type 18 has an invalid length.
[  233.131535][ T7760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.983'.
[  233.208173][ T7764] device ipip0 entered promiscuous mode
[  233.280304][ T4364] usb 10-1: Failed to suspend device, error -71
[  233.280610][ T4323] usb 10-1: USB disconnect, device number 2
[  235.018108][ T7804] loop9: detected capacity change from 0 to 128
[  235.087941][ T7804] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  235.106221][ T7804] System zones: 1-3, 19-19, 35-36
[  235.139591][ T7804] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  235.157367][ T7804] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  235.340112][ T7342] EXT4-fs (loop9): unmounting filesystem.
[  235.919142][ T7822] netlink: 'syz.4.1001': attribute type 1 has an invalid length.
[  236.076102][ T7824] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  236.085455][ T7824] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  236.095839][ T7824] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  236.105193][ T7824] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  236.116381][ T7824] bond3: (slave geneve2): making interface the new active one
[  236.126775][ T7824] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  236.679905][ T7846] Bluetooth: MGMT ver 1.22
[  236.685035][ T7846] Bluetooth: hci0: unsupported parameter 255
[  236.719316][ T7846] Bluetooth: hci0: unsupported parameter 84
[  236.732727][ T7848] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1011'.
[  236.738083][ T7846] Bluetooth: hci0: unsupported parameter 255
[  236.765222][ T7848] device veth1_macvtap left promiscuous mode
[  236.783683][ T7846] Bluetooth: hci0: unsupported parameter 84
[  237.130332][ T4292] Bluetooth: hci1: command 0x0406 tx timeout
[  237.158878][ T7863] loop7: detected capacity change from 0 to 256
[  237.196744][ T7863] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  237.407965][ T7870] loop8: detected capacity change from 0 to 16
[  237.445607][ T7870] erofs: Unknown parameter '5��ser_xattr'
[  237.543237][ T7876] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  237.616344][ T7879] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1021'.
[  238.447547][    C0] ------------[ cut here ]------------
[  238.453141][    C0] WARNING: CPU: 0 PID: 7926 at net/mac80211/tx.c:4944 __ieee80211_beacon_get+0x1233/0x1600
[  238.463242][    C0] Modules linked in:
[  238.467183][    C0] CPU: 0 PID: 7926 Comm: modprobe Not tainted syzkaller #0
[  238.474468][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  238.484603][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  238.490983][    C0] Code: 24 4c 89 e7 e8 fe 0f 0a f8 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 6f d1 f7 0f 0b e9 f6 f7 ff ff e8 ed 6f d1 f7 <0f> 0b e9 48 fb ff ff e8 e1 6f d1 f7 48 c7 c7 10 f1 fa 8d 4c 89 e6
[  238.510694][    C0] RSP: 0000:ffffc90000007a30 EFLAGS: 00010246
[  238.516861][    C0] RAX: ffffffff89b10563 RBX: ffffffff89b0f366 RCX: ffff888049ea1dc0
[  238.524917][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  238.533054][    C0] RBP: 0000000000000000 R08: ffff888049ea1dc0 R09: 0000000000000003
[  238.541260][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888057b9e228
[  238.549318][    C0] R13: dffffc0000000000 R14: ffff888057b9e760 R15: ffff888056dda024
[  238.557653][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  238.566695][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  238.573357][    C0] CR2: 00007fbc4aca7be8 CR3: 0000000065036000 CR4: 00000000003506f0
[  238.581476][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  238.589560][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  238.597614][    C0] Call Trace:
[  238.600930][    C0]  <IRQ>
[  238.603874][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  238.609483][    C0]  ieee80211_beacon_get_tim+0x63/0x4e0
[  238.615040][    C0]  mac80211_hwsim_beacon_tx+0x21c/0xae0
[  238.620641][    C0]  ? read_lock_is_recursive+0x10/0x10
[  238.626114][    C0]  __iterate_interfaces+0x243/0x500
[  238.631376][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  238.637714][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  238.645007][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  238.651470][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd7/0x170
[  238.658615][    C0]  mac80211_hwsim_beacon+0xb7/0x1b0
[  238.663906][    C0]  __hrtimer_run_queues+0x54a/0xd50
[  238.669165][    C0]  ? hw_scan_work+0xf50/0xf50
[  238.673940][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  238.679098][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  238.685364][    C0]  hrtimer_run_softirq+0x183/0x2a0
[  238.690616][    C0]  handle_softirqs+0x2a1/0x930
[  238.695480][    C0]  ? __irq_exit_rcu+0x13b/0x230
[  238.700514][    C0]  ? do_softirq+0x210/0x210
[  238.705133][    C0]  __irq_exit_rcu+0x13b/0x230
[  238.709853][    C0]  ? irq_exit_rcu+0x20/0x20
[  238.714550][    C0]  irq_exit_rcu+0x5/0x20
[  238.718889][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  238.724613][    C0]  </IRQ>
[  238.727584][    C0]  <TASK>
[  238.730552][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  238.736625][    C0] RIP: 0010:preempt_count_sub+0x61/0x160
[  238.742321][    C0] Code: ff ff ff 7f 39 cf 7f 25 81 ff ff 00 00 00 0f 93 c1 84 c0 0f 95 c0 08 c8 74 53 65 8b 05 00 83 a9 7e f7 df 65 01 3d f7 82 a9 7e <5b> 5d c3 e8 37 33 b5 02 85 c0 74 f4 48 c7 c0 a8 28 20 8e 48 c1 e8
[  238.762034][    C0] RSP: 0000:ffffc90004f0f468 EFLAGS: 00000297
[  238.768197][    C0] RAX: 0000000080000001 RBX: dffffc0000000000 RCX: 0000000000000000
[  238.776307][    C0] RDX: 0000000000000000 RSI: ffffffff8adf1300 RDI: 00000000ffffffff
[  238.784364][    C0] RBP: 0000000000000000 R08: 000000000000001e R09: 0000000000000009
[  238.792390][    C0] R10: dffffc0000000000 R11: fffff520009e1ead R12: ffff888049ea1dc0
[  238.800477][    C0] R13: 1ffff110093d4466 R14: 0000000000000001 R15: 1ffff920009e1eaa
[  238.808567][    C0]  is_module_text_address+0xe0/0x140
[  238.813952][    C0]  kernel_text_address+0x8b/0xd0
[  238.818939][    C0]  __kernel_text_address+0x9/0x30
[  238.824049][    C0]  unwind_get_return_address+0x49/0x80
[  238.829571][    C0]  ? stack_trace_save+0xf0/0xf0
[  238.834536][    C0]  arch_stack_walk+0xf2/0x140
[  238.839300][    C0]  stack_trace_save+0xa6/0xf0
[  238.844076][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  238.849251][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  238.855342][    C0]  save_stack+0x121/0x230
[  238.859736][    C0]  ? __reset_page_owner+0x1a0/0x1a0
[  238.865033][    C0]  ? post_alloc_hook+0x173/0x1a0
[  238.870019][    C0]  ? get_page_from_freelist+0x1a1e/0x1ab0
[  238.875842][    C0]  ? __alloc_pages+0x1ec/0x4f0
[  238.880673][    C0]  ? __folio_alloc+0xe/0x30
[  238.885278][    C0]  ? vma_alloc_folio+0x4a3/0x900
[  238.890272][    C0]  ? wp_page_copy+0x2bd/0x1680
[  238.895125][    C0]  ? handle_mm_fault+0x1d19/0x3ee0
[  238.900290][    C0]  ? do_user_addr_fault+0x51f/0xb10
[  238.905851][    C0]  ? exc_page_fault+0x60/0x100
[  238.910661][    C0]  ? asm_exc_page_fault+0x22/0x30
[  238.915789][    C0]  ? __lock_acquire+0x7d10/0x7d10
[  238.920875][    C0]  __set_page_owner+0x19/0x60
[  238.925648][    C0]  post_alloc_hook+0x173/0x1a0
[  238.930516][    C0]  get_page_from_freelist+0x1a1e/0x1ab0
[  238.936174][    C0]  ? __next_zones_zonelist+0x99/0x120
[  238.941623][    C0]  __alloc_pages+0x1ec/0x4f0
[  238.946459][    C0]  ? zone_statistics+0x170/0x170
[  238.951474][    C0]  ? verify_lock_unused+0x140/0x140
[  238.957076][    C0]  __folio_alloc+0xe/0x30
[  238.961495][    C0]  vma_alloc_folio+0x4a3/0x900
[  238.966553][    C0]  wp_page_copy+0x2bd/0x1680
[  238.971283][    C0]  ? do_wp_page+0xaf4/0x1680
[  238.976075][    C0]  ? fault_dirty_shared_page+0x3c0/0x3c0
[  238.981794][    C0]  handle_mm_fault+0x1d19/0x3ee0
[  238.986838][    C0]  ? mt_find+0x157/0x830
[  238.991164][    C0]  ? numa_migrate_prep+0x250/0x250
[  238.996371][    C0]  ? lock_chain_count+0x20/0x20
[  239.001283][    C0]  ? lock_mm_and_find_vma+0xae/0x2f0
[  239.006667][    C0]  do_user_addr_fault+0x51f/0xb10
[  239.011766][    C0]  exc_page_fault+0x60/0x100
[  239.016473][    C0]  asm_exc_page_fault+0x22/0x30
[  239.021387][    C0] RIP: 0033:0x7fbc4af54418
[  239.025893][    C0] Code: fe ff ff 0f 1f 80 00 00 00 00 48 85 f6 0f 84 af 00 00 00 41 f6 85 56 03 00 00 20 0f 85 a1 00 00 00 49 8b 45 60 48 85 c0 74 04 <48> 01 70 08 49 8b 45 58 48 85 c0 74 04 48 01 70 08 49 8b 45 68 48
[  239.045947][    C0] RSP: 002b:00007ffeddb380f0 EFLAGS: 00010202
[  239.052086][    C0] RAX: 00007fbc4aca7be0 RBX: 0000000000000030 RCX: 00007fbc4af4bb60
[  239.060148][    C0] RDX: 00007fbc4aca7d30 RSI: 00007fbc4ac98000 RDI: 000000006fffffff
[  239.068208][    C0] RBP: 00007ffeddb38240 R08: 0000000000000006 R09: 00000000effffef5
[  239.076534][    C0] R10: 0000000070000029 R11: 00007ffeddb38328 R12: 00007ffeddb37fa0
[  239.084877][    C0] R13: 00007fbc4af4bb20 R14: 00007ffeddb382e0 R15: 00007fbc4aca8010
[  239.092930][    C0]  </TASK>
[  239.096034][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  239.103449][    C0] CPU: 0 PID: 7926 Comm: modprobe Not tainted syzkaller #0
[  239.110688][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  239.121301][    C0] Call Trace:
[  239.124592][    C0]  <IRQ>
[  239.127445][    C0]  dump_stack_lvl+0x188/0x24e
[  239.132145][    C0]  ? memcpy+0x3c/0x60
[  239.136140][    C0]  ? show_regs_print_info+0x12/0x12
[  239.141349][    C0]  ? load_image+0x400/0x400
[  239.145872][    C0]  panic+0x2e5/0x730
[  239.149786][    C0]  ? bpf_jit_dump+0xd0/0xd0
[  239.154308][    C0]  __warn+0x2f8/0x4f0
[  239.158385][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  239.164210][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  239.169962][    C0]  report_bug+0x2ba/0x4f0
[  239.174312][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  239.180049][    C0]  handle_bug+0x3a/0x70
[  239.184218][    C0]  exc_invalid_op+0x16/0x40
[  239.188733][    C0]  asm_exc_invalid_op+0x16/0x20
[  239.193600][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  239.199937][    C0] Code: 24 4c 89 e7 e8 fe 0f 0a f8 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 6f d1 f7 0f 0b e9 f6 f7 ff ff e8 ed 6f d1 f7 <0f> 0b e9 48 fb ff ff e8 e1 6f d1 f7 48 c7 c7 10 f1 fa 8d 4c 89 e6
[  239.219551][    C0] RSP: 0000:ffffc90000007a30 EFLAGS: 00010246
[  239.225630][    C0] RAX: ffffffff89b10563 RBX: ffffffff89b0f366 RCX: ffff888049ea1dc0
[  239.233609][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  239.241591][    C0] RBP: 0000000000000000 R08: ffff888049ea1dc0 R09: 0000000000000003
[  239.249567][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888057b9e228
[  239.257545][    C0] R13: dffffc0000000000 R14: ffff888057b9e760 R15: ffff888056dda024
[  239.265544][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  239.271121][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  239.276871][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  239.282451][    C0]  ieee80211_beacon_get_tim+0x63/0x4e0
[  239.287931][    C0]  mac80211_hwsim_beacon_tx+0x21c/0xae0
[  239.293573][    C0]  ? read_lock_is_recursive+0x10/0x10
[  239.298960][    C0]  __iterate_interfaces+0x243/0x500
[  239.304170][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  239.310420][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  239.317633][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  239.323898][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd7/0x170
[  239.330956][    C0]  mac80211_hwsim_beacon+0xb7/0x1b0
[  239.336185][    C0]  __hrtimer_run_queues+0x54a/0xd50
[  239.341404][    C0]  ? hw_scan_work+0xf50/0xf50
[  239.346100][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  239.351324][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  239.357526][    C0]  hrtimer_run_softirq+0x183/0x2a0
[  239.362663][    C0]  handle_softirqs+0x2a1/0x930
[  239.367447][    C0]  ? __irq_exit_rcu+0x13b/0x230
[  239.372311][    C0]  ? do_softirq+0x210/0x210
[  239.376830][    C0]  __irq_exit_rcu+0x13b/0x230
[  239.381546][    C0]  ? irq_exit_rcu+0x20/0x20
[  239.386063][    C0]  irq_exit_rcu+0x5/0x20
[  239.390331][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  239.395977][    C0]  </IRQ>
[  239.398914][    C0]  <TASK>
[  239.401851][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  239.407850][    C0] RIP: 0010:preempt_count_sub+0x61/0x160
[  239.413520][    C0] Code: ff ff ff 7f 39 cf 7f 25 81 ff ff 00 00 00 0f 93 c1 84 c0 0f 95 c0 08 c8 74 53 65 8b 05 00 83 a9 7e f7 df 65 01 3d f7 82 a9 7e <5b> 5d c3 e8 37 33 b5 02 85 c0 74 f4 48 c7 c0 a8 28 20 8e 48 c1 e8
[  239.433136][    C0] RSP: 0000:ffffc90004f0f468 EFLAGS: 00000297
[  239.439212][    C0] RAX: 0000000080000001 RBX: dffffc0000000000 RCX: 0000000000000000
[  239.447196][    C0] RDX: 0000000000000000 RSI: ffffffff8adf1300 RDI: 00000000ffffffff
[  239.455281][    C0] RBP: 0000000000000000 R08: 000000000000001e R09: 0000000000000009
[  239.463367][    C0] R10: dffffc0000000000 R11: fffff520009e1ead R12: ffff888049ea1dc0
[  239.471382][    C0] R13: 1ffff110093d4466 R14: 0000000000000001 R15: 1ffff920009e1eaa
[  239.479396][    C0]  is_module_text_address+0xe0/0x140
[  239.484701][    C0]  kernel_text_address+0x8b/0xd0
[  239.489699][    C0]  __kernel_text_address+0x9/0x30
[  239.494742][    C0]  unwind_get_return_address+0x49/0x80
[  239.500238][    C0]  ? stack_trace_save+0xf0/0xf0
[  239.505126][    C0]  arch_stack_walk+0xf2/0x140
[  239.509846][    C0]  stack_trace_save+0xa6/0xf0
[  239.514549][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  239.519682][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  239.525687][    C0]  save_stack+0x121/0x230
[  239.530026][    C0]  ? __reset_page_owner+0x1a0/0x1a0
[  239.535230][    C0]  ? post_alloc_hook+0x173/0x1a0
[  239.540178][    C0]  ? get_page_from_freelist+0x1a1e/0x1ab0
[  239.545929][    C0]  ? __alloc_pages+0x1ec/0x4f0
[  239.550736][    C0]  ? __folio_alloc+0xe/0x30
[  239.555358][    C0]  ? vma_alloc_folio+0x4a3/0x900
[  239.560367][    C0]  ? wp_page_copy+0x2bd/0x1680
[  239.565154][    C0]  ? handle_mm_fault+0x1d19/0x3ee0
[  239.570361][    C0]  ? do_user_addr_fault+0x51f/0xb10
[  239.575568][    C0]  ? exc_page_fault+0x60/0x100
[  239.580348][    C0]  ? asm_exc_page_fault+0x22/0x30
[  239.585388][    C0]  ? __lock_acquire+0x7d10/0x7d10
[  239.590437][    C0]  __set_page_owner+0x19/0x60
[  239.595126][    C0]  post_alloc_hook+0x173/0x1a0
[  239.599906][    C0]  get_page_from_freelist+0x1a1e/0x1ab0
[  239.605591][    C0]  ? __next_zones_zonelist+0x99/0x120
[  239.611015][    C0]  __alloc_pages+0x1ec/0x4f0
[  239.615641][    C0]  ? zone_statistics+0x170/0x170
[  239.620617][    C0]  ? verify_lock_unused+0x140/0x140
[  239.625936][    C0]  __folio_alloc+0xe/0x30
[  239.630285][    C0]  vma_alloc_folio+0x4a3/0x900
[  239.635068][    C0]  wp_page_copy+0x2bd/0x1680
[  239.639836][    C0]  ? do_wp_page+0xaf4/0x1680
[  239.644530][    C0]  ? fault_dirty_shared_page+0x3c0/0x3c0
[  239.650182][    C0]  handle_mm_fault+0x1d19/0x3ee0
[  239.655125][    C0]  ? mt_find+0x157/0x830
[  239.659392][    C0]  ? numa_migrate_prep+0x250/0x250
[  239.664696][    C0]  ? lock_chain_count+0x20/0x20
[  239.669648][    C0]  ? lock_mm_and_find_vma+0xae/0x2f0
[  239.674947][    C0]  do_user_addr_fault+0x51f/0xb10
[  239.680081][    C0]  exc_page_fault+0x60/0x100
[  239.684689][    C0]  asm_exc_page_fault+0x22/0x30
[  239.689550][    C0] RIP: 0033:0x7fbc4af54418
[  239.693974][    C0] Code: fe ff ff 0f 1f 80 00 00 00 00 48 85 f6 0f 84 af 00 00 00 41 f6 85 56 03 00 00 20 0f 85 a1 00 00 00 49 8b 45 60 48 85 c0 74 04 <48> 01 70 08 49 8b 45 58 48 85 c0 74 04 48 01 70 08 49 8b 45 68 48
[  239.713848][    C0] RSP: 002b:00007ffeddb380f0 EFLAGS: 00010202
[  239.719951][    C0] RAX: 00007fbc4aca7be0 RBX: 0000000000000030 RCX: 00007fbc4af4bb60
[  239.727961][    C0] RDX: 00007fbc4aca7d30 RSI: 00007fbc4ac98000 RDI: 000000006fffffff
[  239.735952][    C0] RBP: 00007ffeddb38240 R08: 0000000000000006 R09: 00000000effffef5
[  239.743935][    C0] R10: 0000000070000029 R11: 00007ffeddb38328 R12: 00007ffeddb37fa0
[  239.751914][    C0] R13: 00007fbc4af4bb20 R14: 00007ffeddb382e0 R15: 00007fbc4aca8010
[  239.759911][    C0]  </TASK>
[  239.763066][    C0] Kernel Offset: disabled
[  239.767428][    C0] Rebooting in 86400 seconds..