last executing test programs:

3m36.502601346s ago: executing program 0 (id=1):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f00000002c0), 0xfd, 0x4a0, &(0x7f0000000e00)="$eJzs3MtrXNUfAPDvnZkkfSe//uqjtdpoFYuPpEmrFhR8gOBCQdBFXUlM0lKbNtJEsCXYKKVuBC24F8GN4F/gypWoK8Gt7qVQpJtWVyM3c+90kszk0Ztkms7nAzdzzsy5c873Ps89d24C6Fj96Z8kYkdE/BERvRFRaiywtTal5W5enxn95/rMaBLV6lt/J+lsceP6zGheNMlet9cylfSLSpeSeKlJvVPnL5wemZgYP5flB6fPfDA4df7C06fOjJwcPzl+dvjYsaNHhp57dviZNYkzbdONfR9P7t/72jtX3hg9fuW9X75PGhrdGEdBz/fWkzP1ZbLQY2tU2Z1iZ0M6qbSxIaxKT0Skq6trbv/vjfKlXfXPeuPVT9vaOGBdVavV6nDrj2erwF0siXa3AGiP/ESfXv/m0wZ1Pe4I116uXQClcd/Mptonldo4SE/t2mjnOtXfHxHHZ//9Op1i1eMQXevUKgDgbvZj2v95qkn/rxJxb0O5Xdm9ob6I+F9E7I6I/0fEnoi4J2pl74uI+5tX0/9ui/r7F+QX939KVwuEt6y0//dCdm9rfv+vfhesr5zlds7F35WcODUxfjhbJoeiqyfNDzX99iRiNn39/YtW9Tf2/9IprT/vC2btuFrpmT/P2Mj0SOHAM9c+idhXaRZ/EpVbUcTeiNh3m3WceuK7/fPfKddTy8e/hDW4z1T9JuLx2vqfjQXx55Kl708ObomJ8cOD+Vax2K+/XX6zVf21+EuxdPxbiwfaQrr+tzXb/l+sx9+XNN6vnVr0Fd3L1XH5z89aXtPcWv8RW+beWdn23528Pa/yj0amp88NRXQnry9+v2GAO8/n5dP4Dx1svv/vzuZJ438gItKN+MGIeCgiDmRtfzgiHomIg0vE//Mrj77fMv4DBbb/NZDGP9b0+Ndq/a8+UT790w+t6l/Z8e9onplr1EqOfyttYJFlBwAAAJtFKSJ2RFIaqKdLpYGB2u/l98S20sTk1PSTJyY/PDtWe0agL7pK+UhXb8N46FA2Npznh7P8xSx/JBs3/qq8dS4/MDo5Mdbu4KHDbW+x/6f+KjeZYf2GooF28LwWdK7V7//L3vMFNonbP//rOcBmt8xeXNqodgAbz1kcOlez/f9iYyaJ2q/kgbuO8z90rvr+/+UKCjcM/S98eBPYfJY6/1d7N7AhwIbT/4eOVOS5/jwRUWj2Yon4NmLpMkl7GlYw8XmR2Ssb0MIotXH5dLdlpQyX27qpV1b6Xy3ifPVi4UrbfWQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYG/8FAAD//64O3bE=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0xffffffffffffffff, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x4000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000000040)={[{@test_dummy_encryption}, {@grpquota}]}, 0x2, 0xbbf, &(0x7f0000000440)="$eJzs3M9rHOUbAPBnJptt2ub73VRErBcjIi2I26SSYotgKxUvHgS9Cg3ppoRsf5BEatIcNvoPiHoWvAhqUTzYcy+KXr1oe1U8CEVioyCikdkfSdpk09TudmL7+cC7877z7u7zPDvszrywuwHctwazmzRib0ScSCJKzf1pRBTrvb6IWuN+S4vzY78vzo8lsbz8yi9JJBFxfXF+rPVcSXO7uznoi4hvn0/igbfWx52enZscrVYrU83xgZnT5w5Mz849NXF69FTlVOXM8KFnRg6OHBo6PNKxWv/44eil3x578afanx//dfHXdz9M4mj0N+fW1tEpgzG48pqsVYiI0U4Hy0lPs561dSaFWzwo7XJSAAC0la65hnsoStETqxdvpfjyu1yTAwAAADpiuSdiGQAAALjHJdb/AAAAcI9rfQ/g+uL8WKvl+42Eu+vasYgYaNS/1GyNmULU6tu+6I2IXdeTWPuz1qTxsDs2GBE/Xj38WdaiS79D3kxtISIe3uj4J/X6B+q/4l5ffxoRQx2IP3jT+L9U/9EOxM+7fgDuT5ePNU5k689/6cr1T2xw/itscO76N/I+/7Wu/5bWXf+t1t/T5vrv5S3GuPDR++fbzWX1P3vphU9bLYufbe+oqNtwbSHikcJG9Scr9Sdt6j+xxRilv89X2s3lXf/yBxH7YuP6W5LN/5/owPhEtTLUuN0wxsI3I5+0i593/dnx39Wm/tb/P7U7/ue2GOO148c/X7fz6mp38/rTn4vJq/VesbnnjdGZmanhiGLy0vr9BzfPpXWf1nNk9e9/fPP3/0b1Z58JtebrkK0FFprbbPzmTTGfu3jhi3b5tNZ/eR7/k22O/9r6vy6sP/5vbzHGE1+9s7/d3Nr1b9ay+K21MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0pBHRH0laXumnabkcsTsiHoxdafXs9MyT42dfP3Mym4sYiN50fKJaGYqIUmOcZOPhen91fPCm8dMRsSci3ivtrI/LY2erJ/MuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBW7I6I/krQcEWlELJXStFzOOysAAACg4wZuHBbzygMAAADonoG8EwAAAAC6zvofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALtvz6OUrSUTUjuyst0yxOdeba2ZAt6V5JwDkpifvBIDcFPJOAMjNba7xXS7APSi5xXxf25kdHc8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO1r397LV5KIqB3ZWW+ZYnOuN9fMgG5L804AyE3PZpOFu5cHcPd5i8P9yxofSG4x37d6n9qNMzu6lhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA209/vSVpOSKKzX3lcsT/ImIgepPxiWplKCL+HxHfl3p3ZOPhlUf35ZY3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnTU9Ozc5Wq1WprJOGs3Oyh6d1U7SeMVq2yUfnTvsFGNbpLFNO3l/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkIfp2bnJ0Wq1MjWddyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3qZn5yZHq9XKVBc7edcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB+/gkAAP//FUoKgg==")
syz_mount_image$vfat(&(0x7f0000001040), &(0x7f0000001000)='./bus\x00', 0xd01ce0, 0x0, 0x82, 0x0, &(0x7f0000001040))
chdir(0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x4000, &(0x7f0000000280)={[{@dax_always}, {@block_validity}]}, 0x0, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

3m33.705632017s ago: executing program 0 (id=15):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e00000005000000040000000700000024220400", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="0500000002000000040000170a"], 0x50)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f00000000c0)=[@cpuid={0x64, 0x18, {0x7, 0x8}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x0, @control_area=0xa3, 0xfffffffffffffff7, 0x40, 0xfffffffffffffffb}}, @nested_load_code={0x12e, 0x5b, {0x2, "b9800000c00f3235008000000f30420f01f836410f23b4410f01c9431026c4a17e121dfe870000460f013bc4c33d426e071d66ba2000b87d1d8e71ef2e2666410f6f12"}}], 0xab})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@cpuid={0x14, 0x18}], 0x18})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0x8010aa01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000000c0)={0x3})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f00000007c0)=[@wr_crn={0x46, 0x20, {0x4, 0x6}}, @wr_drn={0x6e, 0x20, {0x0, 0x5}}, @rdmsr={0x32, 0x18, {0x181}}, @code={0xa, 0x53, {"67735a2e0f019ee0000000650f01cfab66ba420066b89b1566ef4d0fc79ee388ef1966450f38803266baf80cb8947a2c89ef66bafc0ced40e80018000043d07c7800"}}, @out_dx={0xaa, 0x28, {0x5b77, 0x5, 0x8}}, @cpuid={0x14, 0x18, {0x10001, 0x9}}, @rdmsr={0x32, 0x18, {0xb7d}}, @rdmsr={0x32, 0x18, {0x2f0}}, @out_dx={0xaa, 0x28, {0xe6cb, 0x3, 0x80000000004}}, @code={0xa, 0x46, {"26640f35360f060f2084b9f70b00000f32420fc75d00c461fc298f0a630000c462c3f521c40299ac66410f01c9b8010000000f01d9"}}, @rdmsr={0x32, 0x18, {0x966}}, @rdmsr={0x32, 0x18, {0x4000009e}}, @nested_create_vm={0x12d, 0x18, 0x1}, @in_dx={0x82, 0x20, {0xbde0, 0x7}}], 0x1f1})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f00000002c0)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m33.024706436s ago: executing program 0 (id=17):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x180, 0x0, 0x200, 0x0, 0x0, 0x250, 0x2e8, 0x2e8, 0x250, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x15, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ipv6={@local, @empty, [], [], 'ip6_vti0\x00', 'veth0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000400)={[{@debug}, {@stripe={'stripe', 0x3d, 0x61}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@test_dummy_encryption_v1}, {@nodiscard}, {@nomblk_io_submit}, {@nodioread_nolock}, {@nojournal_checksum}, {@resuid}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x31056, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000006b40)={0x2020}, 0x2020)

3m32.224463362s ago: executing program 32 (id=22):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2c2, &(0x7f00000006c0)="$eJzs3T+LI2UYAPBndpNJ7iySwkoEB7SwOm6vtckiOThMpaRQC128O5AkCHew4CkGK1sbSz+BINj5JWwEP4DgB7DzioNXJpkh2btJsoHLrX9+vyL77Lzv877POzPZPyzz7sevziZ3i7j/9Ze/R7ebxdEgBvE4i34cRS2llGJl8G0AAP9mj1OKP9PSJVMG5UsWEd3DlgYAHMje3/9/OnhJAMCBvff+B++cjkbDd4uiG7dn35yPy9/sy4/L9tP78WlM417cjF48Wf4toP5poXy9nVKat4pSP96Yzc/HZebso1+q8U/riU6iF/1FdDH/zmh4Uiyt5c/LOq5X8w/K+W9FL15umP/OaHirIT/Gebz5+lr9N6IXv34Sn8U07i6KWOV/dVIUb6fv/vriw7K8Mj+bn487i34r6fjFXRUAAAAAAAAAAAAAAAAAAAAAAP7rblR753RisX9Peajaf+f4SflJO4pa/+L+PMv8rB7oqf2B5im+T6nTihgNbxZFkaqOq/xWvNKK1tWsGgAAAAAAAAAAAAAAAAAAAP5ZHn7+aHI2nd570BD8dj1iQ9OGoN4NoH6sf0fW8aamwdqR1+LR5KyzecC1pqMq3DJpHNd9soity4lWux65v9dJ2D+4tqnmH37cd8Du7j7tbefn+QT13TU5y6KxTyfqI936mv683iePS86Vb2pKu2+/tSBvbOrtvfb8pUUw39Insm2FvfXH8sxVR7KnV5EvzmpjenttN47me6P5Wmx6pzwjW7yt8+f3xQcAAAAAAAAAAAAAAAAAALhg9dDvM03XdqQepc7BygIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF2r1///3COZV8iU65/Hg4RUvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwMAAP//QSRWPA==")
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@usrjquota}, {@resuid}, {@jqfmt_vfsv1}, {@errors_remount}, {@nobh}, {@lazytime, 0x2e}], [], 0x2e}, 0x1, 0x48f, &(0x7f00000013c0)="$eJzs28tvG8UfAPDvOnHS5y/5lfLoAwgURMQjadICPXABgdQLEhIcyjGkaVWaNqgJEq0qGhAqEhfUvwA4IvEXcIILAk4gOILEBQkhVagXCge0aO3dxrGd1Ekcm9afj+RkZnY2M9/dnex41g6gZ41kP5KIHRHx00DEUDW7vMJI9df1axen/7p2cTqJNH35j6RS789rF6eLqsV+2/PMaCmi9F4S+5q0O3/+wump2dmZc3l+fOHMG+Pz5y88cerM1MmZkzNnJ48cOXxo4umnJp9sS5w7s77ufXtu/56jr155cfrYlde++Swr35Fvr42janjDbY7ESHFM0vptD0f8mqYNxbesnTXppL+LHWFN+iIiO13lbPzHUPTF0skbihfe7WrngE2Vpmk62FDaVyQWU+A2lkS3ewB0R3Gjz97/Fq8OTj+67uqz1TdAWdzX81d1S3+U8jrluve37TQSEccW//7o2GI222q2DgEA0F5fZPOfx5vN/0pxV029/0X12dBwRPw/InZFxB0RsTsi7oyo1L07Iu5Z/udv+iRgpC7fOP/5fuu6g2tBNv97Jn+2tXz+V8z+Yrgvz+2sxF9OTpyanTmYH5PRKA9m+YlV2vjy+R8+XGnb0vyv+sraz34v1Sj93l+3QHd8amFqIzHXuvpOxN7+ZvEnN05eEhF7ImLvOv5+dsxOPfrp/pW23zz+VbThOVP6ScQj1fO/GHXxF5LVn0+Ob4nZmYPjxVXR6NvvLr+0Uvsbir8NsvO/ren1fyP+4aT2ee18NC4XL/NBQ8nln99f8T3Neq//geSVSnogL3tramHh3ETEQLLYWD65tG+RL+pn8Y8eaD7+d0X883G+376IyC7ieyPivoi4P+/7AxHxYEQcWOWIfP3cQ6+vP/7NlcV/fE3nf+2JvtNffb5S+62d/8OV1Ghe0sr/v1Y7uJFjBwAAALeKpPIZ+KQ0lq9x7ohSaWys+hn+3bGtNDs3v/DYibk3zx6vflZ+OMqlYqVrqGY9dCJfGy7yk3X5Q5V14zRN062V/Nj03OxmPVMHWrN9hfGf+S3/GLCvc8BtbE0DPNm8fgCd5wYPvcv4h97V6vgvb3I/gM5z/4fe1Wz8X4q43oWuAB3m/g+9q+n4L3W+H0Dnuf9D7zL+oSdt5Hv9qyV2Ha0rGWx593RDrW/JA1vn7r9sytFYLdHXwbbamYhS003liPiP9LBp4sdKotTtbtQmBiOi1cqX1nthrznR5X9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbfJvAAAA//9BL+kV")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')

3m32.044579743s ago: executing program 0 (id=25):
r0 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000340)=ANY=[@ANYRES32], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7b, r1})
r2 = socket(0xa, 0x1, 0x0)
ioctl(r2, 0x8916, &(0x7f0000000000))

3m30.719513549s ago: executing program 0 (id=28):
socket(0x0, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x0, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

3m29.902773326s ago: executing program 33 (id=28):
socket(0x0, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x0, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

2m48.242078964s ago: executing program 2 (id=173):
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0x6, 0x0, 0x0, 0x2, 0x0, 0x70bd28, 0x4000}, 0x10}}, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f00000001c0), &(0x7f0000000200)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x1f0, &(0x7f0000000440)="$eJzslb+r01AUx7/3Ji9pfW5uLg4+8DmYJqm/lgfPxclB8Edxs9i0VFMrbQZbEPEvcHdzcPFfEKGu/hFSBVEQXdT5SnJvkptqSltbing+0JNv7j09OfeccAKCIP5bPrz/ORU/Dj5VABzFHmy1/tnIfbjm/67y7dGbK5cbT80Xb+2pUy1Gs5d+vglgcslApO6FEELf31PX6+CZvgGO00o3wOAofRscN5UOwHBL6bua7u8oEQbOnX7YanfDwI2NFxs/NvXZ/L4+YWhp+TFtfzga32uGYTDYmLBKKjf5kuVXAQ60/PR+OZDZulr9PHB4StfBcE3pi7DhOE5eEu38x808vjH3/BaWP+SuvvIx6U660p5xNrBkHXfm+MS1Xa0xAPtz719t9m1YRVgorOBlvmXIrbSjW0917QJm8aR/EVDYBtaf4QV7DUPk9aHsX5bqY3lfdO7vzu/y4WLvz6KVz+aneM5wSptPcpQ8Sz4Wtaj3oDYcjc90e81O0Anu+379vHvWdc/5tWQQSVsyA+P41WQ+HZGhY6plvhaz8LAZRQNP2uzelzY/QP4fnsw/jv2TSL4cDMeuzsb9DiB9KFM/nlxjtW+UJk8QBLFFToBlg9NMhfqaqA1LCOH/NvQIgiAIgiAIgiAIgvhn+BUAAP//aA9ZjQ==")
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x1e1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x100000c, 0x12, r4, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)

2m47.202708424s ago: executing program 2 (id=175):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x34, 0x0, 0x8, 0x201, 0x0, 0x0, {0x7, 0x0, 0x4}, [@CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x86dd}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x88}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x881}, 0x8)

2m47.059444142s ago: executing program 2 (id=176):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a000090400000103010100092100080001220100090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_ep_read(r0, 0x81, 0x52, &(0x7f0000000200)=""/82)

2m43.918416443s ago: executing program 2 (id=190):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x180, 0x0, 0x200, 0x0, 0x0, 0x250, 0x2e8, 0x2e8, 0x250, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x15, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ipv6={@local, @empty, [], [], 'ip6_vti0\x00', 'veth0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000400)={[{@debug}, {@stripe={'stripe', 0x3d, 0x61}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@test_dummy_encryption_v1}, {@nodiscard}, {@nomblk_io_submit}, {@nodioread_nolock}, {@nojournal_checksum}, {@resuid}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x31056, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x2020)

2m43.28027085s ago: executing program 2 (id=195):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe8c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x1, 0x8, 0x0, 'queue0\x00', 0x2})
write$sndseq(r0, &(0x7f00000001c0), 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x4, 0x0, 0x800, 0x0, 0xffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x8000000000000}, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

2m42.365623312s ago: executing program 2 (id=199):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0xfffffff1})
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)

2m41.619666126s ago: executing program 34 (id=199):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0xfffffff1})
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)

2m11.13816424s ago: executing program 6 (id=357):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1, &(0x7f0000005c80)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x72}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1}}, @flowinfo={{0x14, 0x29, 0xb, 0x200}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x21, 0x4, 0x2, 0x8, 0x0, [@mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}}}, @hopopts_2292={{0x38, 0x29, 0x36, {0x3b, 0x3, '\x00', [@jumbo={0xc2, 0x4, 0xf9}, @pad1, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x4}, @pad1]}}}, @rthdrdstopts={{0x78, 0x29, 0x37, {0x3a, 0xb, '\x00', [@calipso={0x7, 0x48, {0x3, 0x10, 0x2, 0x7, [0x7, 0x7, 0x10, 0x20000000000, 0x1, 0x0, 0x8, 0x3]}}, @hao={0xc9, 0x10, @loopback}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xfb4}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @rthdr={{0x68, 0x29, 0x39, {0x62, 0xa, 0x2, 0x51, 0x0, [@dev={0xfe, 0x80, '\x00', 0x2e}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, @empty, @local]}}}], 0x1c8}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000580)=' L#g', 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000e80)="0e4ffc8d171f", 0x6}], 0x1}}], 0x3, 0x400c404)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

2m10.878165426s ago: executing program 6 (id=361):
r0 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000300)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, {0x0, 0x0, 0x9}, 0x0, 0x0, 0x1, 0x0, 0x9bd29a3e9a5fc05f}, {{@in6=@mcast2, 0x2000000, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x0, 0x3}}, 0xe8)
connect$inet6(r0, &(0x7f00000000c0), 0x1c)

2m10.642774119s ago: executing program 6 (id=364):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x18, r0, 0x321, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4c811}, 0x4)
recvmmsg(r1, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000001bc0)=[{&(0x7f0000000bc0)=""/4073, 0xff4}, {&(0x7f0000000000)=""/15, 0xf}, {&(0x7f0000000140)=""/54, 0x36}, {&(0x7f0000000080)=""/24, 0x18}], 0x4}, 0x8}], 0x4000000000001b6, 0x180, 0x0)

2m10.414177252s ago: executing program 6 (id=368):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x80, &(0x7f0000000300)=ANY=[], 0x44, 0x70a, &(0x7f0000000bc0)="$eJzs3U1sHGcZAOB31uu115Xc7U/agpBiNSKCBhLbS0mQkAgVQj5UKBKXXpfEaSyv3ch2kRMh4gKFI5xQDhyKKnPoCfWABOIAlDMSEleUeyTuEQcWzezMendtr3cb2xvC80iz883M9/PO25nPu7ONNoD/W0tvxeROJLF04c3tdPvBbr35YLe+VpQjYioiShHl9iqS9Yjkk4ir0V7iM+nOvLvksHFef/j7X52//1G9vVXOl6x+aVC7Pa0BI+zkS8xFxES+HlH5sP6uxxv7+rs3UtdJJ+40YeeKxMG4tfbZGaX5EPct8KS7FzExecD+WsRMREzn7wMinx1KpxzesRtplgMAAIAn08RRFZ59FI9iO2ZPJxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4OiTt3wxM8qVUlOciKX7/v5LvS1UqY453sC8dcfz9m6cUCAAAAAAAAACciI/zL+7PPopHsR2zxf5Wkn3n/2q28WL2+ky8G5uxHBtxMbajEVuxFRuxEDE529VhZbuxtbWxsL/lLyNt2Wq17uUtFyOitq/l4imcNAAAAAAAAAA8vX4USzE77iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBbEjHRXmXLi0W5FqVy/DmrUklfdiL+WJSfdNUBx/50inEAAADAmBQfjWeT/7QLrST7zP9S9rl/Ot6N9diKldiKZizHjexZQPtTf+nvO/Xmg936Wrrs7/ib/xopjqzHiJiI9w4ZeT6rcabTYim+Hd+NCzEX12IjVuL70YitWI65qKYnEY1IolZtP72oFXEeHO/Vnq1r/bGd7dt+JYukGjdjJYvtYlyvRPuxSXYO6ZivdI32u0pE34jvpdlJvpEbMkc3uv57/SJ/LpNrPTtkHyejlp35ZCcj81HN90U8Nzj3I14n/SMtRKnzDOrFvVHSzf6Ripx/b5Scz+TrNNc/7c35cRvxUVp/JhajlF99ES/15vz25+8/39v4i//4y7VbpfXVWzc3L5zgKT2OuaMqTBaF/kzUuzLx8uCrL89EM83EzvCZmOzfMT1sy5NVybORTUVDzpbfykqNeLXrEnwnbsRyXI75WIgrMR9fi8Wod66wdDnTk9dyfa03J9m9Vto/vw16EnvuC12VfnZE5dOV5uW5rrx2z3S17Fi+5+rPY77r6nt+8NU38l+BdPzP5uV0jB93/uI8CXoykc/NRXQvDM7Er1vp62ZzfXXjVuP2kOOdz9fpbft+79z84fBR9/91Pw7p9ZLOuOVsK8tJtbhe0mMvdKLtzVcl/8al3a6079iZzrFazMZKfOfQO7WSv4fb31P72Mvdx/65N3NW8vc3xbGedznxTjSzdyF9jpyqATgVU53SzGszlerD6t+qH1R/Ur1VfXP6jakrU5+rxORfy3+Y+G3pN6WvJ6/FB/HDmB1rwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JTYvHN3tdFsLm90CjHdv+dxC5VDxxpciNKRdXafGa7DqEUMHivJC5XjPfdRCx/ORIxv9HahGquNZqsrjOIXlh63548jYkCdymMHn4x8jY1cSPNwLB0WP5yW7WlNjNC8XLQ6uE45NqdjtZGUD7jjpvbugqitNpr/bvU0r8bdTs/jmY+A03Npa+32pc07d7+8stZ4e/nt5fXFK5evXK5/deErl26uNJfn26/jjhI4CZt37k6MOwYAAAAAAAAAAABgNPn//b/1qf8xQ/mIOpWNzYNHPnvapwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8j1p6KyZ3IomF+Yvz6faD3XozXYpyREy3a5YjohQRyQ8ikk8irkZ7iVpXd8lh47z+MErn739U3+urXNQvDWo3nJ18ibmImMjXR5s6oJv9/V3v6m/nU4WXtIPKE3auSByM238DAAD//wLu82E=")
unshare(0x20000400)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
getdents64(r0, &(0x7f0000000180)=""/122, 0x7a)

2m9.195399602s ago: executing program 6 (id=375):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@private=0xa010101, @in=@loopback, 0x0, 0x20, 0x4e22, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x3, 0x0, 0xffffffffffffffff, 0x40000, 0xffffffff}, {}, 0x0, 0x6e6bb7, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0x6c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x3507, 0x0, 0x3, 0x0, 0xe, 0x4000000, 0x3}}, 0xe8)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0xeeee0000, 0xb, 0xba1, 0x8c5f, 0x0, [{0x46, 0x8, 0x1}, {0x2, 0x29, 0x6, '\x00', 0xf8}, {0x60, 0x3, 0x0, '\x00', 0xbd}, {0x7, 0x4, 0x9, '\x00', 0xd}, {0x5, 0x4, 0x8, '\x00', 0x5}, {0x3, 0x40, 0x71, '\x00', 0x2}, {0x7, 0x7, 0xfd, '\x00', 0x34}, {0x9, 0xc5, 0x1, '\x00', 0x5}, {0x7, 0xfb, 0x3, '\x00', 0x2}, {0xfe, 0x1, 0xd, '\x00', 0x4}, {0x1, 0x4e, 0x0, '\x00', 0x2}, {0x9, 0x2, 0x5, '\x00', 0x3}, {0xfa, 0x0, 0x8, '\x00', 0x7}, {0x80, 0x2, 0x80, '\x00', 0x4}, {0x6, 0x8, 0x3, '\x00', 0x4}, {0x9, 0xf1, 0x8, '\x00', 0x4}, {0x2, 0x7, 0x8, '\x00', 0x3}, {0x4, 0x6, 0x9, '\x00', 0x48}, {0x90, 0x0, 0x81, '\x00', 0x6}, {0xb, 0xff, 0x5}, {0x0, 0x4, 0x3, '\x00', 0x6a}, {0x7, 0x35, 0x7a, '\x00', 0x8}, {0x4, 0x7, 0x5, '\x00', 0xf}, {0x8, 0x2, 0x62, '\x00', 0x1}]}})

2m8.625779665s ago: executing program 6 (id=383):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x70bd28, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x7}, [@RTA_IIF={0x8}]}, 0x24}}, 0xea5bc50b6199d77e)
sendto$inet_nvme_pdu(0xffffffffffffffff, &(0x7f00000001c0)=@data_h2c={{}, 0x0, 0x0, 0x1, 0x0, "cfbf3586"}, 0x80, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000804}, 0x4c844)
socket$nl_route(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, 0x0, 0x14)

2m6.486890578s ago: executing program 35 (id=383):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x70bd28, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x7}, [@RTA_IIF={0x8}]}, 0x24}}, 0xea5bc50b6199d77e)
sendto$inet_nvme_pdu(0xffffffffffffffff, &(0x7f00000001c0)=@data_h2c={{}, 0x0, 0x0, 0x1, 0x0, "cfbf3586"}, 0x80, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000804}, 0x4c844)
socket$nl_route(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, 0x0, 0x14)

1m52.397950419s ago: executing program 7 (id=459):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x44, 0x0, &(0x7f0000000440)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x400c6313, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1m52.079659308s ago: executing program 7 (id=461):
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6(0xa, 0x3, 0x2f)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
close(0x3)
setrlimit(0x7, &(0x7f00000000c0)={0x9, 0x8001})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

1m51.202139448s ago: executing program 7 (id=463):
r0 = socket(0x2, 0xa, 0x300)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, 0x0)

1m50.869948577s ago: executing program 7 (id=467):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000400)={[{@debug}, {@stripe={'stripe', 0x3d, 0x61}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@test_dummy_encryption_v1}, {@nodiscard}, {@nomblk_io_submit}, {@nodioread_nolock}, {@nojournal_checksum}, {@resuid}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x31056, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x2020)

1m50.234786164s ago: executing program 7 (id=470):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r0, &(0x7f0000000080)={0x1f, 0x2, 0x0, 0x1, 0x2, 0x6, @link_local}, 0x14)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x1e0000015})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x37fffe}, 0x8)
shutdown(r0, 0x1)

1m49.586141991s ago: executing program 7 (id=474):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000600)}, {&(0x7f0000000040)}], 0x2}, 0x400c021)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x8, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x0, 0x0, 0x7, 0x8, 0x0, 0x3, 0x7, 0x0, 0x8, 0x9}, {0x6000, 0x10000, 0xc, 0x0, 0x3, 0x0, 0xfd, 0x0, 0x7, 0xff, 0x1}, {0x2000, 0x8080000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x8, 0x3, 0x40, 0x3}, {0xeeef0000, 0x33331000, 0x18592cbc7c573fc6, 0x9, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0x0, 0xeeee0000, 0xb, 0x0, 0xfd, 0x4, 0x0, 0x0, 0x0, 0x3f}, {0x100000, 0x0, 0x0, 0x78, 0x2, 0x1, 0x2, 0x80, 0x0, 0xff, 0x1}, {0x0, 0xeeee0000, 0xa, 0x4, 0x3, 0x0, 0xa1, 0x6, 0x0, 0x0, 0x8}, {0x2, 0x6000, 0xc, 0x0, 0x0, 0x7, 0x1, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0x8cc}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x110, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x1, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m49.028521243s ago: executing program 36 (id=474):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000600)}, {&(0x7f0000000040)}], 0x2}, 0x400c021)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x8, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x0, 0x0, 0x7, 0x8, 0x0, 0x3, 0x7, 0x0, 0x8, 0x9}, {0x6000, 0x10000, 0xc, 0x0, 0x3, 0x0, 0xfd, 0x0, 0x7, 0xff, 0x1}, {0x2000, 0x8080000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x8, 0x3, 0x40, 0x3}, {0xeeef0000, 0x33331000, 0x18592cbc7c573fc6, 0x9, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0x0, 0xeeee0000, 0xb, 0x0, 0xfd, 0x4, 0x0, 0x0, 0x0, 0x3f}, {0x100000, 0x0, 0x0, 0x78, 0x2, 0x1, 0x2, 0x80, 0x0, 0xff, 0x1}, {0x0, 0xeeee0000, 0xa, 0x4, 0x3, 0x0, 0xa1, 0x6, 0x0, 0x0, 0x8}, {0x2, 0x6000, 0xc, 0x0, 0x0, 0x7, 0x1, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0x8cc}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x110, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x1, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

40.082220343s ago: executing program 1 (id=829):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0xae309b6, 0x20080)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f00000000c0)={0xffffffff9b6a9ee9, 0x2, 0x1})

39.893905634s ago: executing program 1 (id=834):
syz_80211_join_ibss(&(0x7f0000000000)='wlan1\x00', &(0x7f0000000040)=@default_ibss_ssid, 0x6, 0x0)

38.9141042s ago: executing program 1 (id=837):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
fadvise64(r0, 0xec, 0x4, 0x3)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_checksum}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100000a0000000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x0)

37.805707794s ago: executing program 1 (id=841):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x180, 0x0, 0x200, 0x0, 0x0, 0x250, 0x2e8, 0x2e8, 0x250, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x15, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ipv6={@local, @empty, [], [], 'ip6_vti0\x00', 'veth0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000400)={[{@debug}, {@stripe={'stripe', 0x3d, 0x61}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@test_dummy_encryption_v1}, {@nodiscard}, {@nomblk_io_submit}, {@nodioread_nolock}, {@nojournal_checksum}, {@resuid}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x31056, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x0, 0x887008, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000006b40)={0x2020}, 0x2020)

37.454736374s ago: executing program 1 (id=845):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
mbind(&(0x7f0000bdc000/0x3000)=nil, 0x3000, 0x1, &(0x7f0000000140)=0x3ff, 0x3, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070001040000000000040002000600030000000903000038000104ce0000000e0000000b0020"], 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000140)={@rand_addr, @initdev}, &(0x7f00000001c0)=0xc)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, &(0x7f0000000080)={@private, @multicast2, @loopback}, &(0x7f0000000240)=0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo/3\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

37.201488279s ago: executing program 1 (id=849):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x2, 0x0, [{0xd, 0x0, 0x5, 0x9, 0x6, 0x8, 0x5b0}, {0x7, 0x9, 0x4, 0x101, 0x80, 0x2003fe, 0x1}]})

36.731070876s ago: executing program 37 (id=849):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x2, 0x0, [{0xd, 0x0, 0x5, 0x9, 0x6, 0x8, 0x5b0}, {0x7, 0x9, 0x4, 0x101, 0x80, 0x2003fe, 0x1}]})

16.225254476s ago: executing program 8 (id=958):
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
clock_getres(0xfffffffffffffffe, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r0, 0x80079a0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvjOM0u5tiFxAqlSgVLcpWdO2koW2EEJQTp0pAuS8hcaIodhzFTtlEFaTiP0BIIHHijsQfgFT1wB+AKlWCC+KAAIEQbOGABHSQ7THNOrYTaBJn489HejvvvRn7+54jP8+PtzMBTK2nIuLliChExLMRUcrr0zzFUS91tnv3/utrnZRElr36lySSvK6/fac8ExG38pfNRcTXvhzxzeRk3NbB4fZqvV7by8vVdmO32jo4vLPVWN2sbdZ2lpeXXlx5aeWFlcUs94H6We4tnouIL7z53Ld+e/dPt7/dadbnPxbFONaP89brerH7WfR1PqO9iwg2AYW8P8X/1hQn2h4AAMbr7Ld/OCI+1d3/L0Whuzc3oDCJlgEAAADnJfvifPwricgAAACAayuNiPlI0ko+F2A+0nQ2Pzfw0biZ1put9mc2mvs76511EeUophtb9dpiPle4HMWkU17K59j2y88PlJcj4rGI+H7pRrdcWWvW1yd87gMAAACmxa2B4/+/l9Ju/nRD/p8AAAAAcHWVRxYAAACA68IhPwAAAFx/g8f/b06oHQAAAMCF+Morr3RS1n/+9fprB/vbzdfurNda25XGfqGy1tzbrWw2m5vde/Y1Tnu/erO5+9nY2b9Xbdda7Wrr4PBuo7m/07679cAjsAEAAIBL9Ngn3/pVEhFHn7vRTZHfBxDgAb+fdAOA81SYdAOAiXEXb5hexUk3AJi45JT1Ju8AAMDDb+HjJ6//95//79wAXG/m+gDA9HH9H6ZXcewMQLMD4VrLL/x/qLd4ZNRmI6///+KsgbIs4u3S8RrnFwEA4HLNd1OSVvJrgfORppVKxKMRaTmKycZWvbaYHx/8slR8pFNe6r4yOXXOMAAAAAAAAAAAAAAAAAAAAAAAAADQk2VJZAAAAMC1FpH+MckfA7ZQemZ+8PzAbPKPUvwhL/zo1R/cW22395Y69X/tPstrNiLaP8zrnx/5+DAAAADgvCVHI1f1jtPz5dKltgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKfDu/dfX+uky4/75SxFRHhZ/Jua6y7koRsTNvyUxc+x1SUQUziH+0RsR8fiw+Em8l2VZOW/FYPw0Im5ccPxy96MZHf/WOcSHafZWZ/x5edj3L42nusvh37+ZPH1Qo8e/NI/8eHecGzb+PXri3RpDYzzxzk+rI+O/EfHEzPDxpz/+JiPiP33i3f6ZZVl3ZXK89htfPzwcFT/7ccTC0N+f5IFY1XZjt9o6OLyz1VjdrG3WdpaXl15ceWnlhZXF6sZWvZb/OzTG9z7xs/fG9f/mkPi/+XVv/B3X/2dGvemAf79z7/5HetnisPi3nx76+zsXI+Kn+W/fp/N8Z/1CP3/Uyx/35E/efnJc/9dHfP6n/f1vn7H/z371u78746YAwCVoHRxur9brtb0xmbkzbPMwZn4+dyWa8T9msu/0/nJXpT3/b6azt/p+Tb9XV6BhxzLZpcUqxCQ6ODtmm4kOSwAAwAV4f6d/0i0BAAAAAAAAAAAAAAAAAACA6XUZdxobjHk0ma4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIz1nwAAAP//bbzekQ==")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f00000000c0)={'team_slave_1\x00', @random="01320136b1ff"})
symlink(0x0, &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

12.553685658s ago: executing program 9 (id=970):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x41)
copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r1)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@multicast, @random="ecbeba5e4101", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3c, 0x1c, 0x4400, 0x0, 0xb, 0x11, 0x0, @remote, @multicast1}, {0x0, 0x4e21, 0x8}}}}}, 0x0)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x300000f)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000003c0)="410f01d12636440fc5f100c744240004000000c74424020c000000ff1c2466440f3526430f01c8f3ab660f38397e00b9000300000f32c74424000e000000c7442402ce150000c7442406000000000f011424b8010000000f01c1", 0x5a}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text16={0x10, 0x0}], 0x1, 0x25, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r7, &(0x7f0000002100), 0x0, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r7)
ioctl$TCSETSF(r5, 0x5404, &(0x7f0000000000)={0x4, 0x0, 0x0, 0x5, 0x0, "8eef10098502988d352a70e1133459910d6a00"})
write$UHID_INPUT(r6, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)

9.892169631s ago: executing program 3 (id=973):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
rt_sigqueueinfo(0x0, 0x3b, &(0x7f0000000580)={0x37, 0x5, 0x9})
r5 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)

9.811647996s ago: executing program 4 (id=974):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000140)={{0xeeeea000, 0x3000, 0xb, 0x6, 0x7, 0xff, 0xfe, 0x79, 0x0, 0xff, 0x4, 0x2}, {0x3000, 0x0, 0x10, 0x5, 0x5, 0x2, 0x8, 0xb, 0x82, 0x3, 0x27, 0xf}, {0xeeee0002, 0x10000, 0x10, 0x6, 0x5, 0x0, 0xa, 0x7, 0x5, 0x2, 0x0, 0x9}, {0x80a0000, 0x0, 0xd, 0x6, 0x8, 0x1, 0x1, 0x9, 0x8, 0x28, 0x7, 0xc5}, {0xe6e61000, 0x100000, 0x0, 0x6, 0x7, 0x0, 0xfb, 0xf8, 0xf7, 0x4, 0x4, 0xff}, {0xdddd1000, 0xffff3000, 0xc, 0xc, 0x7b, 0x6, 0x8, 0x5, 0x82, 0xc4, 0x2, 0x89}, {0xd000, 0x8080000, 0x4, 0x90, 0x0, 0x3, 0x2, 0x2, 0x2, 0x0, 0x59, 0xe2}, {0xffff1000, 0x2000, 0x4, 0xfa, 0x7, 0x1, 0x2, 0xb, 0x4c, 0xb, 0x3, 0xa}, {0x80a7000, 0x5}, {0x6000, 0x4382}, 0x28, 0x0, 0x1000, 0x500b2, 0x3, 0x7080, 0x5000, [0xe, 0x81, 0x80000000000, 0x7]})
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"a66ff5bfbf32d9d3fa1e01daafede45d0157d003711f9b5f96a53b65c43968f6d3d2092ad371bd1574c2d6c6f67de32d7cece92e4cbaac38188b5ac142f757f799f35608818960a7215389c1f49c202367dcd9cbad7664320dbef3fb0a80ad6a5214e854621f5ee4529fb9cf7e1101ab2c7431d45b2bafbd50a728622d8c60d7ddbf283d7f597c8ab09079cee6edd90f1d95923989e527d803ab082354582253780e2c15c8a566510a016169b5e206fb5f9c197f758ad36f9d7ed2d52270b3a509a9e183d85a2a559f1f9f660ff9355a89d84d6ebbd0bc70fdd068caafbafcf01ad094664ae9f75c66d8559484099661424bbeb0a5d61d66c0c6768f9928cae37b22bd2bfbc4a57b53de1bbd20c8c47082c0e41511056723ab7595dc90918480b132a5a7c7359979206e7ff9869950653e0f8490ee61ba33a5b37adbb89c940fb443df80157282848b37d3128b99e88463665ac71ba4681f62b19b45fd152f7af4c2800edfba0760a92337ce8cd4fdb55799f2e6db9c979dec0d9ee04005267b0180ed2204170fd648d4e1cdb562aa436fe125d06ad3b6fba8de2f0a1a328c4229a88e635172a084dd7a6b3c6cba999042a6c2e67d1e276bcd3d60b0b25b8fc2de812b714ac0514a17196cd1a8a31a482c9d6c4716bcbe93e3d9e092acfc493ba1071e1dd044c0f056aa86b505c901c5bc33263fe06851d7cf7ab0d436a112b33086d9e25410f16e33544ebe99afca1ba2c57f9a16a02d4b5f96754f572e542f494ad1644bcbb74e44ee1d9b6f36aba6030ce085528682d70f850658eb80f08b0bdec414c902ee3e83aab4fa06c07ddb7db5e31ed7eac89e2986b5ea19f1d18ef359261af9f577623e648c4a32e27330d1c5c6f22e7b1a9e06e488fb08f5cbd08861c3c55899b20c5fc3d4955e2433a368eaaf39ddb04f2861a39523c40d594436c5e9a75acb7ad84f31a023a63a56f41e03733bd9b5a4ae43d17575bd1a25eca42afb2405dc027a0a870cdfc2b306bb360f55879cf97da2f1407b9a5d097af80855dbeca192476f245ca8c77f850c66d13340a802f81cc39c5eceda0e271d7ad3e849efe546ba5cd930e466b73d9d71504a054f6d277f8eed062a712e4c55d4c5844857f541f5cc6bfffd84488d89dd0796b88c35083cb41eadb9cd566b26c67697732b6e49e3e8b064198a6282e233d6ca8f6aebe769af04f9394e23d1a4f9fe3be0dfe27c661c7d4544d6b3de62534fd86e3720611923d8d4411cdbb6622463766c8d28c7f43b0d85de0f95585a09e00cf2b22712cd58bfda9e8c32f233e7e6476ac5ab5f35db5f35b520bcac91bdab918d054bc2ebdd8aea769d39d5b54bb79f1252f6e1164dd17aa0024abbd07d859710d6c19d79ef88a9684de5e82f083c24325a9eaccfc676d20d31fc084ce9d92d2546bf588eef4d5366c2fa0cc835"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.402624942s ago: executing program 3 (id=976):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x3c, 0x1c, 0xc07, 0x2001, 0x0, {0x2, 0x0, 0x0, r1, 0x8, 0x10, 0x4}, [@NDA_DST_IPV6={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}}, @NDA_LLADDR={0xa, 0x2, @random="44328a67ad89"}]}, 0x3c}}, 0x20024090)

6.26596995s ago: executing program 4 (id=977):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000000c0)=0x81)
fanotify_init(0x12, 0x1000)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x8480)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000001180)={{0xfffffffe, 0x0, 0x0, 0x803, 'syz0\x00', 0x2}, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5414, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x34, r3, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1a900000}]}, 0x34}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000280)={'syztnl1\x00', 0x0})
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbaab6425dfc0eb9d}], 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(r4, 0x0, 0x44080)

6.26243475s ago: executing program 8 (id=978):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0xfffff000, 0x1000, &(0x7f0000000000/0x1000)=nil})

6.205273303s ago: executing program 9 (id=979):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r2, &(0x7f0000000080)={'#! ', '', [{}]}, 0x5)
close(r2)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

6.102252679s ago: executing program 3 (id=981):
syz_emit_ethernet(0x96, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x60, 0x6, 0x1, @remote, @local, {[], {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x18, 0x2, 0x0, 0x0, 0xd, {[@timestamp={0x8, 0xa, 0x2, 0x98ca}, @sack_perm={0x4, 0x2}, @window={0x3, 0x3, 0xd7}, @fastopen={0x22, 0x4, "914f"}, @timestamp={0x8, 0xa, 0x4, 0xad}, @md5sig={0x13, 0x12, "8098cf093cc9cd7b8ec814f9bcfdfea9"}, @sack={0x5, 0x1a, [0x1, 0xfffffffe, 0x3, 0x6, 0x1, 0x10001]}]}}}}}}}}, 0x0)

6.024668993s ago: executing program 8 (id=982):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="6c01000010001307fefffffffcdbdf256401010100000000000000000000000020010000000000000000000000000001000000004e2100020a0000006c000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="e0000002000000000000000000000000000000fe3200000020010000000000000000000000000000020000000000000001000000000000000000000000000000080000000000000000000000000000000000000000002000000000000000000043050000000000000400000000000000ffffffffffffff7f0000000000000000000000000000000002000000000000000000000026bd7000003500000a000100500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a1c00040000004e"], 0x16c}, 0x1, 0x0, 0x0, 0x40840}, 0x0)

6.002556675s ago: executing program 4 (id=983):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0x1, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000004, &(0x7f00000004c0), 0x1, 0x56c, &(0x7f00000010c0)="$eJzs3d9rW1UcAPDvTZv91nUwhopIZA9O5tK1RZ3gw3wUHQ70fYY2K6PpMpp0rHXg9uBefJEhiDgR3/XdJxn+A/4VAx0MGUUffKnc9qbt2qRNu2zpvJ8P3Pac3Juc+82535NzcxMSQG6V0j+FiBcj4qsk4nBEJNm6wchWlpa3W3h4fTxdklhc/PivZGm7tN56rNb9DmaVFyLity8iThY2ttuYm5+q1GrVmaw+3Jy+MtyYmz91aboyWZ2sXh4dGzvz5tjoO2+/1bNYXz//z7cf3X3/zJfHF775+f6R20mcjUPZurVxPIYbayulKGXPSTHOrttwZPlfL9rcFZJ+7wA7MpDleTHSMeBwDGRZD/z/fR4Ri0BOJfIfcqo1D2id2/foPPiZ8eC95ROgjfEPRin2rWx3YCF55MwoPd8d6kH7pYj45c87t9MltvE+xPc9aBvItxs3I+L04ODG8S9Zfm84Wm/obt/pLrYpravn7fUH+uluOv95o938p5Dl5vIcaP3852Cb3N2JrfO/cL8HzXSUzv/ebTv/XbloNTSQ1Z5bmvMVk4uXatV0bHs+Ik5EcW9aH9mkjTML9xY7rVs7/0uXtP3WXDDbj/uDex+9z0SlWXmcmNd6cDPipbbz32Sl/5M2/Z8+H+e7bONY9c4rndZtHf+TtfhjxGtt+3/1ilay+fXJ4aXjYbh1VGz0961jv3dqv9/xp/1/YPP4h5K112sb22/jh33/VjuteyT+6P7435N8slTek912rdJszoxE7Ek+3Hj76Op9W/XW9mn8J45vPv6tHv+/rjzO/oj4tMv4bx396eV93cTfp/6f2Fb/b79w74PPvuvUfjfj3/6sdCL73834t8V+FWPHRzMAAAAAAADsXoWIOBRJobxSLhTK5eXPdxyNA4VavdE8ebE+e3kilr4rOxTFQutK9+E1n4cYyT4P26qPrquPRcSRiPh6YP9SvTxer030O3gAAAAAAAAAAAAAAAAAAADYJQ52+P5/6o+Bfu8d8MT5yW/Iry3zvxe/9ATsSl7/Ib/kP+SX/If8kv+QX/If8mvT/H/16e0H8PR5/Yf8kv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQU+fPnUuXxYWH18fT+sTVudmp+tVTE9XGVHl6drw8Xp+5Up6s1ydr1fJ4fXqrx6vV61dGRmP22nCz2mgON+bmL0zXZy83L1yarkxWL1SLTyUqAAAAAAAAAAAAAAAAAAAAeLY05uanKrVadUZBYUeFwd2xGwo9LvR7ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVf8FAAD//1qoOHo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf94d8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x181601, 0x0)
r3 = fsopen(&(0x7f00000002c0)='virtiofs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)

5.90721967s ago: executing program 9 (id=984):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}, 0x1c)

5.90582903s ago: executing program 3 (id=985):
ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x400)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(&(0x7f0000000340)='./file0\x00', 0xdafbe5d6891b7d4)
inotify_init1(0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000680)={'wg1\x00', &(0x7f0000000640)=@ethtool_ringparam={0x11, 0x4, 0x4, 0x80000000, 0x2, 0x8, 0xfffffff8, 0x7, 0xfffffff9}})
close(r3)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)

5.857988493s ago: executing program 5 (id=986):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffb}, {0x0, 0x40000000000000, 0x200000000000000}, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x400000, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}}, [@mark={0xc, 0x15, {0x35075a, 0x81}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0x2c000010)
syz_emit_ethernet(0x4e, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x18, 0x6, 0x7e, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}, @sack={0x5, 0x2}]}}}}}}}}, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x300001a, &(0x7f0000001e80)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c5fb5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d42", @ANYRESOCT], 0xfc, 0x2bc, &(0x7f0000000900)="$eJzs3T9ra2UYAPDn5F9THRLERRE8oINTuXVwcWmUK4idlAjqYvD2giTlQi8EvIL1TvcTOIpfw9VJZ7+B4Cq4tUPlyPnXJDZpo/0H9fdb+vZ93+c9T85zSKY8+fyV/fGDR0k8Pfotut0kGjuxE8dJ9KMRtW+jFQDA3XGcZfFnFhHt8v9k7chW4/qyAgCuU/n5X7rtXACAm/HRJ59+MNjdvf9hmnbjpd6z6TCJiP1n02G5PngYX8Yk9uJe9OIkIjtVjt97f/d+tNJcP17fP5wOpwvnD/6IzSJ+O3rRXx6/nZaq+GFE/rcdz0Uag4ft+qhevLg8/s0l8THsxBuvzeW/Fb349Yt4FJN4EHnsLP6b7TR9N/vu6OvP8svk8UkjhhvFvspmRNa8saIAAAAAAAAAAAAAAAAAAAAAAHDnbaVpUrbvKfr35FNV/53mSbG+ldb6i/15yvjTfsFlf6AsqhY9h1l8X/fXuZemaVZtnMW34uWWHxYAAAAAAAAAAAAAAAAAAACA3OOvnoxHk8newaUHzfFoUncDqL/W/18P3JmbeTWejEfN1QdurH+t+W4Dea7nbo5WK67gtlw8iJ8283xW7PnhrZ+LfP/9yRuz4n5chdeFudJX8cI7UWeYVkv1TR6Pkouu1a0L9+P8UifWTiNJFmaK2k72DrLikTjJFmvajeU3s3MFdyN/RjvPL136K8uy9c55+/eyRtVMUrTYWC+NdjVY+bR0z9bil9UHrnzLaF7+XQcAAAAAAAAAAAAAAAAAAFhm8YvT//D03NDGtSUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADds9vv/9aAbEYszZwaHVfB5e6pBJw4e3/JLBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H/g7wAAAP//CrhHhw==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)

2.427019881s ago: executing program 4 (id=987):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00"/11], 0x48)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
readahead(r0, 0xfffffffffffffff7, 0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="c60a0100000000006111b400000000008510000002000000850000000700000095000e000000000095000000000000003764e7be95cd1b051a0f3cd983c673d1cc389e632d686ff6bfc1884d28861b616a4e21cc0c6b735256c1d8389642393b41331d67072eac14cc61e5392e2bfdb6c35de43684005670f403f1fc05a286a2029fb37849d0ec6f224dd3578c7a5f29bfec9c769e5eb33f3737ee2f36d9d6bd53f70c048c0985405510c8994db5"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70)
mount(0x0, 0x0, &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x1040022, &(0x7f00000003c0)={[{}]})
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
open_tree(r2, &(0x7f0000000080)='./file0\x00', 0x1)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc)

2.426382051s ago: executing program 5 (id=988):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r2, 0xaea2, 0xffffffffffff7fff)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.391239523s ago: executing program 3 (id=989):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0xc2e82, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0)
r2 = gettid()
fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x1, 0x3, 0x8, 0x100000000, r2})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c633774262eb5ab2c7b9c5cff6ce78185d8c4dc064744e042", <r3=>0xffffffffffffffff})
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0xe000, 0x0, 0x2, 0x0, @empty, @multicast1}, @timestamp_reply={0x11}}}}}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de139c2996817bb959ebab028deda525e19bdeffafde25", <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f0000000780)={"d1ed39d88b014076ab94c1fb10628c46d2e681cdb9e581a38ebb0ddd5f307e56", r4, <r5=>0xffffffffffffffff})
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f00000000c0)=""/31, 0x1f)
getdents(r7, 0x0, 0x58)
close_range(r0, r1, 0x0)
r8 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001b40)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r9 = syz_open_dev$loop(&(0x7f0000000040), 0x13, 0x8000)
ioctl$LOOP_SET_FD(r9, 0x4c00, r8)
ioctl$LOOP_CHANGE_FD(r9, 0x4c06, r8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x0, &(0x7f0000000080)})
poll(&(0x7f0000000000)=[{r5, 0x1200}], 0x1, 0x1)

2.334207016s ago: executing program 9 (id=990):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, &(0x7f0000000140))

2.284735929s ago: executing program 8 (id=991):
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000001680)=""/113)

2.043749063s ago: executing program 5 (id=992):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000005c0)={0x1f, 0x0, @none, 0x4}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x2}, 0xe)

1.345927343s ago: executing program 9 (id=993):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000000c0)=0x81)
fanotify_init(0x12, 0x1000)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x8480)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000001180)={{0xfffffffe, 0x0, 0x0, 0x803, 'syz0\x00', 0x2}, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5414, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x34, r3, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1a900000}]}, 0x34}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000280)={'syztnl1\x00', 0x0})
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbaab6425dfc0eb9d}], 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(r4, 0x0, 0x44080)

1.281078337s ago: executing program 3 (id=994):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x90, r2, 0x205, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x53, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x81}, @device_b, @device_b, @initial, {0x6}}, 0x9, @default, 0x1971, @val, @void, @val={0x3, 0x1, 0xb5}, @void, @val={0x6, 0x2, 0xe}, @void, @void, @val={0x2a, 0x1, {0x1, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x9, 0x30, 0xb6}}, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0xffffffffffffffff, 0x0, 0x1, 0xffffffffffffffff, 0x2, 0xb}}, @val={0x76, 0x6, {0x4, 0x2, 0x7, 0x5}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x90}}, 0x24000080)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r0, 0x0, 0x4000)

1.272279947s ago: executing program 8 (id=995):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xc0, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, 0x2}]}, 0xc0}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newspdinfo={0x1c, 0x24, 0x21, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="d80000001b0001"], 0xd8}, 0x1, 0x0, 0x0, 0x4044001}, 0x0)

1.213855601s ago: executing program 4 (id=996):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x3, 0x510, &(0x7f00000005c0)="$eJzs3c1vG2kZAPDHzsembZbsLgjtLhJbqUjlQ7XzIdQEkBAn4FAJUYkLSCUkbihx6ih2ShMqkcKtBw5ICCTEgTt/ARd6oqqEOIM4cOGEWkEJUkFFGuSxJ3USO3UhsbuZ309yPePX9fO8Tp4343dmPAHk1vnmP4WIyYj4fURMtVb3P+F86273yZ2l5q0QSXL1b4X0ec317KnZ/zsXETsRMRERX/1ixLcKh+PWt7ZXF6vVykZ7vdxYWy/Xt7Yv3VhbXKmsVG7OzF9eWJifnptdOLa+3vvRd+5d+fWXx3/19IePHvz4t79ppjXZbuvsx3FqdX0s3ux4bDQiPncSwYZgpN2fM8NOhP9J8+f3wYi4kNb/VIykP83+PDvRzICTliRJ8p/ktV7NOwlwahXTbeBCsRQRreVisVRqbcN/KM4Wq7V641PXa5s3l1vbym/EWPH6jWpluv1Z4Y0YKzTXZ9Ll5+uzB9bnItJt4O/9uTWwlJZq1eUBjnPAYecO1P8/R1r1D+RE/x/5gdNG/UN+qX/IL/UP+aX+Ib/UP+SX+of8Uv+QX+of8quz/rMTuV4fUi7AYB319398gHkAA/WVK1eatyQ7/3351tbmau3WpeVKfbW0trlUWqptrJdWarWVaqW0VFt70etVa7X1mU/H5u1yo1JvlOtb29fWaps3G9fS8/qvVcYG0iugH2++d/+PhYjY+cyZ9BYdf/LVKpxuSVKIYZ+DDAzHyLAHIGBo7PqD/HqJz/g9vyQMeH/r8hW9eybO9Wz6fKyfSDrAABSPanz2cHCJAAN38R37/yCvzP9Dfpn/h/x6wTa+zQPIgaPm/6N9Lb+u+p3/f/py+QAn78j5f+BUm+xy/a8kSb7/ese1u6Yj4gMR8YeRsdeya30Bp0Hxr4X29v/FqY9NHmwdL/wrnQMYj4jv/vzqT28vNhobM83H/773eONn7cdnh5E/0Nv+Gb6sTrM6BgDya/fJnaXsNsi4j7/QOgjhcPzR9tzkRLoFc3a3sO9YhcIxHbuwczci3u4Wv9C+3nlrz8fZ3ZFD8d9q3xdaL5HmO5peN30w8d/piP/Rjvjv/t/vCuTD/eb4M92t/oppTcde/e0ffyaP6fjobPzLjrnujJ+NfyM9xr/3+ozx7V/8oNvu3fRg78d3I97tOv5m8SbSWAfjN3O72Gf8R9/42od7tSW/bL1Ot/iZ5lK5sbZerm9tX7qRZTF/eWFhfnpudqGczlGXs5nqwz779u8e9Irf7H9bj/7/6VD/z7Rz+kSf/f/3Rx5+/fwR8T9+ofvv31vp/YH3P0n2cvhkn/H/MfuXb/Zqa8Zf7vH+F7vFj6w1Yq7P+PWffMm5wwDwCqlvba8uVquVjS4LY72bLOR8oRivRBr5WhiNw03J1AkFfdHIsTOYAQo4Mc+LftiZAAAAAAAAAAAAAP3qdfTv/WM8nHjYfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA3+GwAA//9kyNKk")
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bind$inet(0xffffffffffffffff, &(0x7f0000e15000)={0x2, 0x4e20, @empty}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
listen(r1, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[], 0x18, 0x20008801}}], 0x1, 0x20044034)
close_range(r0, 0xffffffffffffffff, 0x0)
r6 = open(&(0x7f0000001b80)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000000)=0x400000)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x2)

1.202207501s ago: executing program 5 (id=997):
unshare(0x400)
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

1.003134103s ago: executing program 9 (id=998):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
mbind(&(0x7f0000bdc000/0x3000)=nil, 0x3000, 0x1, &(0x7f0000000140)=0x3ff, 0x3, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070001040000000000040002000600030000000903000038000104ce0000000e0000000b0020"], 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, 0x0, &(0x7f00000001c0))
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, &(0x7f0000000080)={@private, @multicast2, @loopback}, &(0x7f0000000240)=0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo/3\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

887.501409ms ago: executing program 8 (id=999):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffb}, {0x0, 0x40000000000000, 0x200000000000000}, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x400000, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}}, [@mark={0xc, 0x15, {0x35075a, 0x81}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0x2c000010)
syz_emit_ethernet(0x4e, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x18, 0x6, 0x7e, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}, @sack={0x5, 0x2}]}}}}}}}}, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x300001a, &(0x7f0000001e80)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c5fb5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d7958b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e29580d666042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed54a8a9d5763d42", @ANYRESOCT], 0xfc, 0x2bc, &(0x7f0000000900)="$eJzs3T9ra2UYAPDn5F9THRLERRE8oINTuXVwcWmUK4idlAjqYvD2giTlQi8EvIL1TvcTOIpfw9VJZ7+B4Cq4tUPlyPnXJDZpo/0H9fdb+vZ93+c9T85zSKY8+fyV/fGDR0k8Pfotut0kGjuxE8dJ9KMRtW+jFQDA3XGcZfFnFhHt8v9k7chW4/qyAgCuU/n5X7rtXACAm/HRJ59+MNjdvf9hmnbjpd6z6TCJiP1n02G5PngYX8Yk9uJe9OIkIjtVjt97f/d+tNJcP17fP5wOpwvnD/6IzSJ+O3rRXx6/nZaq+GFE/rcdz0Uag4ft+qhevLg8/s0l8THsxBuvzeW/Fb349Yt4FJN4EHnsLP6b7TR9N/vu6OvP8svk8UkjhhvFvspmRNa8saIAAAAAAAAAAAAAAAAAAAAAAHDnbaVpUrbvKfr35FNV/53mSbG+ldb6i/15yvjTfsFlf6AsqhY9h1l8X/fXuZemaVZtnMW34uWWHxYAAAAAAAAAAAAAAAAAAACA3OOvnoxHk8newaUHzfFoUncDqL/W/18P3JmbeTWejEfN1QdurH+t+W4Dea7nbo5WK67gtlw8iJ8283xW7PnhrZ+LfP/9yRuz4n5chdeFudJX8cI7UWeYVkv1TR6Pkouu1a0L9+P8UifWTiNJFmaK2k72DrLikTjJFmvajeU3s3MFdyN/RjvPL136K8uy9c55+/eyRtVMUrTYWC+NdjVY+bR0z9bil9UHrnzLaF7+XQcAAAAAAAAAAAAAAAAAAFhm8YvT//D03NDGtSUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADds9vv/9aAbEYszZwaHVfB5e6pBJw4e3/JLBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H/g7wAAAP//CrhHhw==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)

886.793309ms ago: executing program 5 (id=1000):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e000000050000000400", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="0500000002000000040000170a"], 0x50)
syz_kvm_add_vcpu$x86(0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@cpuid={0x14, 0x18}], 0x18})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000000c0)={0x3})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f00000007c0)=[@wr_crn={0x46, 0x20, {0x4, 0x6}}, @wr_drn={0x6e, 0x20, {0x0, 0x5}}, @rdmsr={0x32, 0x18, {0x181}}, @code={0xa, 0x53, {"67735a2e0f019ee0000000650f01cfab66ba420066b89b1566ef4d0fc79ee388ef1966450f38803266baf80cb8947a2c89ef66bafc0ced40e80018000043d07c7800"}}, @out_dx={0xaa, 0x28, {0x5b77, 0x5, 0x8}}, @cpuid={0x14, 0x18, {0x10001, 0x9}}, @rdmsr={0x32, 0x18, {0xb7d}}, @rdmsr={0x32, 0x18, {0x2f0}}, @out_dx={0xaa, 0x28, {0xe6cb, 0x3, 0x80000000004}}, @code={0xa, 0x46, {"26640f35360f060f2084b9f70b00000f32420fc75d00c461fc298f0a630000c462c3f521c40299ac66410f01c9b8010000000f01d9"}}, @rdmsr={0x32, 0x18, {0x966}}, @rdmsr={0x32, 0x18, {0x4000009e}}, @nested_create_vm={0x12d, 0x18, 0x1}, @in_dx={0x82, 0x20, {0xbde0, 0x7}}], 0x1f1})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f00000002c0)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

22.083639ms ago: executing program 4 (id=1001):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
socket$inet_icmp(0x2, 0x2, 0x1)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

0s ago: executing program 5 (id=1002):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000005680)={0x14, 0x1b, 0xa01, 0x70bd2b, 0x1, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x200080c1}, 0x48000)

kernel console output (not intermixed with test programs):

ournal. Quota mode: none.
[  113.985995][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  114.006778][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  114.017099][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  114.056815][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  114.080415][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  114.106672][ T4527] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.153915][ T4527] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  114.186313][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  114.196738][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  114.214981][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  114.238056][ T4334] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  114.415660][ T4868] loop4: detected capacity change from 0 to 1024
[  114.454384][ T4334] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.478231][ T4868] EXT4-fs: inline encryption not supported
[  114.493157][ T4868] EXT4-fs: Ignoring removed i_version option
[  114.504666][ T4334] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.525840][ T4334] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  114.535986][ T4868] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.576117][ T4334] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.636217][ T4334] usb 3-1: config 0 descriptor??
[  114.645726][ T4868] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  114.877995][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  114.907394][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  114.977736][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  114.996478][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  115.004886][ T4868] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3852: comm syz.4.120: Allocating blocks 497-513 which overlap fs metadata
[  115.028290][ T4478] device veth0_vlan entered promiscuous mode
[  115.050203][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  115.071000][ T4334] holtek_kbd 0003:04D9:A055.0001: unknown main item tag 0x5
[  115.080261][ T4868] EXT4-fs (loop4): pa ffff8880743f3000: logic 256, phys. 385, len 8
[  115.088921][ T4868] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[  115.095273][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  115.116990][ T4478] device veth1_vlan entered promiscuous mode
[  115.128747][ T4334] holtek_kbd 0003:04D9:A055.0001: hidraw0: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.2-1/input0
[  115.190423][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  115.213774][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  115.246009][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  115.270865][ T4325] usb 3-1: USB disconnect, device number 3
[  115.293393][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  115.325125][ T4478] device veth0_macvtap entered promiscuous mode
[  115.379544][ T4478] device veth1_macvtap entered promiscuous mode
[  115.472540][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  115.494038][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  115.520144][ T4886] netlink: 'syz.1.123': attribute type 11 has an invalid length.
[  115.538073][ T4886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.123'.
[  115.548651][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  115.556201][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  115.571233][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  115.586381][ T4883] fido_id[4883]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  115.625353][ T4478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.656012][ T4478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.681758][ T4478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.713260][ T4478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.753969][ T4478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.772898][ T4478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.786981][ T4478] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.807852][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  115.825783][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  115.876590][ T4527] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.907105][ T4478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.947869][ T4478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.977776][ T4478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.022654][ T4478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.046814][ T4478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.069558][ T4478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.115249][ T4898] loop2: detected capacity change from 0 to 1024
[  116.247657][ T4478] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.278299][ T4478] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.287145][ T4478] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.296367][ T4478] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.305583][ T4478] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.334157][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  116.363335][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  116.646952][ T4360] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.665401][ T4360] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.719453][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  116.810816][ T4467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.829627][ T4467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.839928][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  117.105800][ T4925] loop4: detected capacity change from 0 to 512
[  117.175921][ T4925] EXT4-fs (loop4): filesystem is read-only
[  117.225184][ T4925] EXT4-fs (loop4): filesystem is read-only
[  117.257168][ T4925] EXT4-fs (loop4): orphan cleanup on readonly fs
[  117.267752][ T4925] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.129: bad orphan inode 16
[  117.327626][ T4925] ext4_test_bit(bit=15, block=3) = 0
[  117.367667][ T4925] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  117.430662][ T4937] loop7: detected capacity change from 0 to 16384
[  118.013030][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  118.037568][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  118.047577][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  118.057565][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  118.067591][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  118.077571][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  118.087564][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  118.097564][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  118.258646][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  118.377810][ T4944] loop5: detected capacity change from 0 to 2048
[  118.421603][ T4944] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  118.526303][ T4944] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  118.643069][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  118.666561][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  118.779787][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  118.812680][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  118.872245][ T4527] device veth0_vlan entered promiscuous mode
[  118.885653][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  118.935604][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  118.995639][ T4527] device veth1_vlan entered promiscuous mode
[  119.137384][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  119.218582][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  119.268127][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  119.295146][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  119.353149][ T4527] device veth0_macvtap entered promiscuous mode
[  119.399646][ T4962] loop5: detected capacity change from 0 to 1024
[  119.407489][ T4527] device veth1_macvtap entered promiscuous mode
[  119.428680][ T4962] EXT4-fs: Ignoring removed oldalloc option
[  119.721729][ T4962] journal_path: Lookup failure for './file1'
[  119.758249][ T4962] EXT4-fs: error: could not find journal device path
[  120.328138][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  120.336543][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  120.405876][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.545247][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.577615][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.657577][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.695515][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.726527][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.767954][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.809304][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.845941][ T4527] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.875847][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  120.885748][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  120.946769][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.980637][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.011083][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.032030][ T4979] loop1: detected capacity change from 0 to 512
[  121.040662][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.077677][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.106496][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.116618][ T4527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.127428][ T4527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.159037][ T4979] EXT4-fs (loop1): DAX unsupported by block device.
[  121.168484][ T4527] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.215482][ T4527] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.243160][ T4527] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.272355][ T4527] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.291937][ T4527] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.332311][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  121.361049][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  121.439942][ T4988] loop2: detected capacity change from 0 to 16
[  121.459141][ T4988] erofs: (device loop2): mounted with root inode @ nid 36.
[  121.472622][ T4988] bio_check_eod: 8 callbacks suppressed
[  121.472660][ T4988] syz.2.144: attempt to access beyond end of device
[  121.472660][ T4988] loop2: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  121.492672][ T4988] syz.2.144: attempt to access beyond end of device
[  121.492672][ T4988] loop2: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  121.508742][ T4988] syz.2.144: attempt to access beyond end of device
[  121.508742][ T4988] loop2: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  121.524873][ T4987] syz.2.144: attempt to access beyond end of device
[  121.524873][ T4987] loop2: rw=524288, sector=1342178800, nr_sectors = 16 limit=16
[  121.539643][ T4987] syz.2.144: attempt to access beyond end of device
[  121.539643][ T4987] loop2: rw=0, sector=1342178808, nr_sectors = 8 limit=16
[  121.545714][ T4988] syz.2.144: attempt to access beyond end of device
[  121.545714][ T4988] loop2: rw=524288, sector=1342177304, nr_sectors = 1496 limit=16
[  121.553708][ T4987] syz.2.144: attempt to access beyond end of device
[  121.553708][ T4987] loop2: rw=0, sector=1342178808, nr_sectors = 8 limit=16
[  121.577694][ T4988] syz.2.144: attempt to access beyond end of device
[  121.577694][ T4988] loop2: rw=524288, sector=1342178816, nr_sectors = 1016 limit=16
[  121.581984][ T4987] syz.2.144: attempt to access beyond end of device
[  121.581984][ T4987] loop2: rw=0, sector=1342178808, nr_sectors = 8 limit=16
[  121.610572][   T27] audit: type=1800 audit(1770614278.146:9): pid=4988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.144" name="file1" dev="loop2" ino=86 res=0 errno=0
[  121.630449][ T4987] syz.2.144: attempt to access beyond end of device
[  121.630449][ T4987] loop2: rw=0, sector=1342178808, nr_sectors = 8 limit=16
[  121.770259][   T27] audit: type=1800 audit(1770614278.166:10): pid=4988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.144" name="file1" dev="loop2" ino=86 res=0 errno=0
[  122.710938][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.743943][ T4993] loop4: detected capacity change from 0 to 1024
[  122.754245][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.797356][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  122.840998][ T4358] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.972942][ T4358] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.024886][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  123.097510][ T5000] input: syz0 as /devices/virtual/input/input6
[  123.431411][ T5012] loop1: detected capacity change from 0 to 16
[  123.487351][ T5012] erofs: (device loop1): mounted with root inode @ nid 36.
[  124.335846][ T5040] loop1: detected capacity change from 0 to 512
[  124.401196][ T5040] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  124.481920][ T5040] EXT4-fs (loop1): orphan cleanup on readonly fs
[  124.517249][ T5043] device syzkaller0 entered promiscuous mode
[  124.553684][ T5040] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.159: bad orphan inode 15
[  124.641316][ T5040] ext4_test_bit(bit=14, block=18) = 1
[  124.646786][ T5040] is_bad_inode(inode)=0
[  124.657682][ T5040] NEXT_ORPHAN(inode)=1023
[  124.662209][ T5040] max_ino=32
[  124.665452][ T5040] i_nlink=0
[  124.686313][ T5040] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2916: inode #15: comm syz.1.159: corrupted xattr block 19
[  124.798583][ T5040] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117)
[  124.841774][ T5040] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  124.843624][ T5053] loop4: detected capacity change from 0 to 256
[  124.896892][ T5053] FAT-fs (loop4): Directory bread(block 1285) failed
[  125.049324][ T5053] FAT-fs (loop4): Directory bread(block 1285) failed
[  125.390503][ T5040] EXT4-fs warning (device loop1): ext4_resize_begin:74: won't resize using backup superblock at 0
[  126.381601][ T5060] loop4: detected capacity change from 0 to 1024
[  126.715865][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  129.230551][ T5075] loop4: detected capacity change from 0 to 2048
[  129.292080][ T5075] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  130.030083][ T5090] loop2: detected capacity change from 0 to 16
[  130.040101][ T5090] erofs: Unknown parameter ''
[  131.247643][  T126] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  131.462598][  T126] usb 3-1: Using ep0 maxpacket: 32
[  131.470786][  T126] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.481097][  T126] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  131.491851][  T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.510807][  T126] usb 3-1: config 0 descriptor??
[  131.519835][  T126] hub 3-1:0.0: bad descriptor, ignoring hub
[  131.530967][  T126] hub: probe of 3-1:0.0 failed with error -5
[  131.542985][  T126] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  132.161393][ T5101] loop4: detected capacity change from 0 to 1024
[  132.354532][ T5112] loop5: detected capacity change from 0 to 256
[  132.472011][ T5112] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.514330][ T5112] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  132.576934][ T5112] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  132.736061][ T5122] loop1: detected capacity change from 0 to 1024
[  132.760801][ T5122] EXT4-fs: Ignoring removed nobh option
[  132.938211][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  132.951532][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  132.977425][ T5122] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.184: bad orphan inode 11
[  133.064677][ T5132] loop4: detected capacity change from 0 to 16
[  133.075475][ T5132] erofs: Unknown parameter ''
[  133.193098][ T5122] ext4_test_bit(bit=10, block=4) = 0
[  133.531604][ T5122] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  133.809052][ T5136] loop4: detected capacity change from 0 to 256
[  133.857754][ T5136] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbc8dc3cd, utbl_chksum : 0xe619d30d)
[  133.904800][ T5138] loop5: detected capacity change from 0 to 512
[  133.981394][ T5136] syz.4.187: attempt to access beyond end of device
[  133.981394][ T5136] loop4: rw=524288, sector=34225520824, nr_sectors = 1 limit=256
[  134.005539][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  134.032144][ T5138] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  134.052252][ T5136] syz.4.187: attempt to access beyond end of device
[  134.052252][ T5136] loop4: rw=0, sector=34225520824, nr_sectors = 1 limit=256
[  134.058957][ T5138] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.114343][ T4325] usb 3-1: USB disconnect, device number 4
[  134.140319][ T5146] loop2: detected capacity change from 0 to 4096
[  134.147995][ T5146] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.188571][ T5146] EXT4-fs (loop2): Test dummy encryption mode enabled
[  134.210205][   T27] audit: type=1800 audit(1770614290.856:11): pid=5136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.187" name="file1" dev="loop4" ino=1048612 res=0 errno=0
[  134.274158][ T5146] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0002]
[  134.298564][ T5146] System zones: 0-5
[  134.317265][ T5146] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  134.479412][ T4478] EXT4-fs (loop5): unmounting filesystem.
[  134.660779][ T5155] loop6: detected capacity change from 0 to 512
[  135.291024][ T5163] loop1: detected capacity change from 0 to 16
[  135.305268][ T5163] erofs: (device loop1): mounted with root inode @ nid 36.
[  135.314324][ T5163] syz.1.196: attempt to access beyond end of device
[  135.314324][ T5163] loop1: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  135.332434][ T5163] syz.1.196: attempt to access beyond end of device
[  135.332434][ T5163] loop1: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  135.346775][   T27] audit: type=1800 audit(1770614291.986:12): pid=5163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.196" name="file1" dev="loop1" ino=86 res=0 errno=0
[  135.366478][ T5163] syz.1.196: attempt to access beyond end of device
[  135.366478][ T5163] loop1: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  135.389902][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  135.467643][   T27] audit: type=1800 audit(1770614292.026:13): pid=5163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.196" name="file1" dev="loop1" ino=86 res=0 errno=0
[  135.742796][ T5155] EXT4-fs (loop6): Test dummy encryption mode enabled
[  135.797766][ T5155] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  135.839796][ T5155] EXT4-fs error (device loop6): ext4_orphan_get:1425: comm syz.6.192: bad orphan inode 131083
[  135.928368][ T5155] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  136.197210][ T5155] fscrypt (loop6): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  136.333843][ T4527] EXT4-fs (loop6): unmounting filesystem.
[  136.411098][ T5189] loop4: detected capacity change from 0 to 128
[  136.625799][ T5192] loop6: detected capacity change from 0 to 1024
[  137.260471][   T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  137.269706][   T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  137.278020][   T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  137.287455][   T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  137.293119][ T5204] device syzkaller0 entered promiscuous mode
[  137.301358][   T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  137.308878][   T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  138.400732][ T5225] loop5: detected capacity change from 0 to 1024
[  138.413904][ T5225] EXT4-fs: Ignoring removed orlov option
[  138.487047][ T5225] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  138.713401][ T5234] loop1: detected capacity change from 0 to 512
[  138.734061][ T4478] EXT4-fs (loop5): unmounting filesystem.
[  138.755288][ T5234] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  138.846144][ T5234] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  138.877783][ T5234] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.157258][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  139.327812][ T4283] Bluetooth: hci3: command 0x0409 tx timeout
[  140.373491][ T5246] loop1: detected capacity change from 0 to 2048
[  140.443290][ T5246] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  141.408137][   T48] Bluetooth: hci3: command 0x041b tx timeout
[  141.514468][ T5279] loop1: detected capacity change from 0 to 2048
[  141.543735][ T5279] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.487849][   T48] Bluetooth: hci3: command 0x040f tx timeout
[  144.128804][ T5317] loop6: detected capacity change from 0 to 1024
[  144.136077][ T5317] EXT4-fs: Ignoring removed mblk_io_submit option
[  144.259740][ T5208] chnl_net:caif_netlink_parms(): no params data found
[  144.278501][ T5317] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  144.287059][ T5317] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.342744][ T5208] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.350190][ T5208] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.358880][ T5208] device bridge_slave_0 entered promiscuous mode
[  144.376628][ T5208] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.402354][ T5208] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.455139][ T5208] device bridge_slave_1 entered promiscuous mode
[  144.463950][ T5317] EXT4-fs error (device loop6): ext4_map_blocks:745: inode #15: comm syz.6.249: lblock 0 mapped to illegal pblock 0 (length 1)
[  144.562387][ T5317] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  144.588711][ T5208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.607818][ T5317] EXT4-fs (loop6): This should not happen!! Data will be lost
[  144.607818][ T5317] 
[  144.627040][ T5208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.645216][ T5336] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #15: comm syz.6.249: lblock 0 mapped to illegal pblock 0 (length 1)
[  144.731696][ T5208] team0: Port device team_slave_0 added
[  144.758845][ T5208] team0: Port device team_slave_1 added
[  144.830155][ T4527] EXT4-fs (loop6): unmounting filesystem.
[  144.853427][ T5208] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.883747][ T5345] loop1: detected capacity change from 0 to 512
[  144.897488][ T5208] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.975099][ T5345] EXT4-fs: Ignoring removed nobh option
[  145.000916][ T5208] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.088980][ T5345] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  145.122683][ T5208] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.140671][ T5208] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.206755][ T5345] EXT4-fs (loop1): 1 truncate cleaned up
[  145.212708][ T5345] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  145.324342][ T5208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.544342][ T5208] device hsr_slave_0 entered promiscuous mode
[  145.572681][   T48] Bluetooth: hci3: command 0x0419 tx timeout
[  145.587467][ T5208] device hsr_slave_1 entered promiscuous mode
[  145.621936][ T5208] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.647811][ T5208] Cannot create hsr debugfs directory
[  145.882380][ T5349] loop6: detected capacity change from 0 to 164
[  145.916795][ T5349] Unable to read rock-ridge attributes
[  145.979406][ T5208] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  146.005881][ T5349] Unable to read rock-ridge attributes
[  146.011572][ T5208] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  146.025962][ T5208] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  146.064761][ T5208] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  146.068712][ T5349] iso9660: Corrupted directory entry in block 4 of inode 1792
[  146.337998][ T5208] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.386315][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  146.401959][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  146.419475][ T5208] 8021q: adding VLAN 0 to HW filter on device team0
[  146.446525][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  146.477802][ T4790] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  146.500622][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  146.531848][ T4467] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.539082][ T4467] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.575566][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  146.590976][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  146.604931][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  146.619162][ T4467] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.626360][ T4467] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.649453][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  146.676392][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  146.684548][ T4790] usb 6-1: Using ep0 maxpacket: 16
[  146.692070][ T4790] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.705725][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  146.714779][ T4790] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  146.730687][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  146.749994][ T4790] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  146.782433][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  146.797595][ T4790] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  146.807185][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  146.819057][ T4790] usb 6-1: SerialNumber: syz
[  146.838910][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  146.878764][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  146.916481][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  147.022539][ T5208] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  147.057288][ T5208] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  147.079466][ T4790] usb 6-1: bad CDC descriptors
[  147.118461][ T5394] loop6: detected capacity change from 0 to 2048
[  147.128596][ T4790] usb 6-1: USB disconnect, device number 2
[  147.148771][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  147.169676][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  147.189677][ T5394] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  147.749752][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  147.968557][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  148.002296][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  148.032112][ T5208] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.787488][ T5440] loop5: detected capacity change from 0 to 2048
[  149.843650][ T5440] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.284006][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  150.308471][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  150.436223][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  150.455371][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  150.505636][ T5208] device veth0_vlan entered promiscuous mode
[  151.367788][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  151.375938][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  151.437737][ T5473] loop1: detected capacity change from 0 to 2048
[  151.466577][ T5208] device veth1_vlan entered promiscuous mode
[  151.478150][ T5473] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  151.623501][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  151.637172][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  151.688351][ T5208] device veth0_macvtap entered promiscuous mode
[  151.724868][ T5208] device veth1_macvtap entered promiscuous mode
[  151.836015][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.856652][ T5483] loop1: detected capacity change from 0 to 1024
[  151.883786][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.899720][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.929660][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.947225][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.965115][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.975667][ T5483] EXT4-fs error (device loop1): __ext4_iget:5095: inode #2: block 127754: comm syz.1.291: invalid block
[  152.000657][ T5483] EXT4-fs (loop1): get root inode failed
[  152.006551][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.023164][ T5483] EXT4-fs (loop1): mount failed
[  152.032926][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.061721][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.076872][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.100109][ T5208] batman_adv: batadv0: Interface activated: batadv_slave_0
[  152.248961][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  152.268802][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  152.542660][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  152.854161][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  152.950819][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.997632][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.077787][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.129677][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.170507][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.372889][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.408924][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.447613][ T5512] loop1: detected capacity change from 0 to 256
[  153.568949][ T5514] loop5: detected capacity change from 0 to 2048
[  153.583335][ T5514] UDF-fs: bad mount option "gid=ÿ" or missing value
[  153.765032][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.011732][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.187165][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.239412][ T5208] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.248143][ T5493] device veth0 entered promiscuous mode
[  154.253971][ T5493] device veth0 left promiscuous mode
[  154.267313][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  154.286721][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  154.320724][ T4754] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  154.396808][   T27] audit: type=1800 audit(1770614311.036:14): pid=5512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.298" name="file1" dev="loop1" ino=1048615 res=0 errno=0
[  154.430360][ T5208] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.441694][ T5208] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.467667][ T5208] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.498258][ T5208] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.756029][ T4365] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.773994][ T4365] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.832556][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  154.911565][ T4407] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.971074][ T4407] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.025465][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  155.162410][ T5533] loop5: detected capacity change from 0 to 1024
[  155.398101][ T5533] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  155.408050][ T5533] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.425097][ T5539] loop6: detected capacity change from 0 to 512
[  156.315151][ T5539] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.307: bg 0: block 248: padding at end of block bitmap is not set
[  156.408995][ T5539] Quota error (device loop6): write_blk: dquota write failed
[  156.427606][ T5539] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  156.496616][ T5539] EXT4-fs error (device loop6): ext4_acquire_dquot:6835: comm syz.6.307: Failed to acquire dquot type 1
[  156.591819][ T5539] EXT4-fs (loop6): 1 truncate cleaned up
[  156.632973][ T5539] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  156.668168][ T5539] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.462460][ T4382] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  157.669019][ T4382] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.714540][ T4382] usb 6-1: New USB device found, idVendor=056a, idProduct=00e6, bcdDevice= 0.00
[  157.787820][ T4382] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.285132][   T52] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm kworker/u4:4: lblock 0 mapped to illegal pblock 0 (length 6)
[  158.360591][   T52] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  158.424875][   T52] EXT4-fs (loop5): This should not happen!! Data will be lost
[  158.424875][   T52] 
[  158.480146][ T4382] usb 6-1: config 0 descriptor??
[  158.489694][ T4527] EXT4-fs (loop6): unmounting filesystem.
[  158.508579][   T52] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:4: lblock 8 mapped to illegal pblock 8 (length 8)
[  158.575564][ T4382] usb 6-1: can't set config #0, error -71
[  158.582483][ T4382] usb 6-1: USB disconnect, device number 3
[  158.641681][   T52] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  158.689675][   T52] EXT4-fs (loop5): This should not happen!! Data will be lost
[  158.689675][   T52] 
[  158.922771][ T5584] loop6: detected capacity change from 0 to 2048
[  158.939849][ T4478] EXT4-fs (loop5): unmounting filesystem.
[  158.993951][ T5584] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  159.258465][ T5592] loop5: detected capacity change from 0 to 1024
[  159.302798][ T5592] EXT4-fs: Ignoring removed nomblk_io_submit option
[  159.345306][ T5594] loop6: detected capacity change from 0 to 128
[  159.355856][ T5592] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  159.428094][ T5592] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  159.497146][ T5592] System zones: 0-1, 3-36
[  159.537742][ T5592] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  159.834101][ T5607] nfs: Unknown parameter 'Œ'
[  160.619232][ T5609] loop7: detected capacity change from 0 to 512
[  160.721984][ T4478] EXT4-fs (loop5): unmounting filesystem.
[  160.730959][ T5609] EXT4-fs error (device loop7): ext4_orphan_get:1399: inode #15: comm syz.7.320: inode has both inline data and extents flags
[  160.757972][ T5609] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.320: couldn't read orphan inode 15 (err -117)
[  160.776412][ T5609] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  161.024983][ T5617] loop1: detected capacity change from 0 to 1024
[  161.042485][ T5618] loop6: detected capacity change from 0 to 16
[  161.055615][ T5609] EXT4-fs error (device loop7): ext4_empty_dir:3136: inode #2: comm syz.7.320: invalid size
[  161.065773][ T5618] erofs: (device loop6): mounted with root inode @ nid 36.
[  161.076274][ T5618] syz.6.322: attempt to access beyond end of device
[  161.076274][ T5618] loop6: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  161.090693][ T5618] syz.6.322: attempt to access beyond end of device
[  161.090693][ T5618] loop6: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  161.104672][   T27] audit: type=1800 audit(1770614317.746:15): pid=5618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.322" name="file1" dev="loop6" ino=86 res=0 errno=0
[  161.108376][ T5617] EXT4-fs: Ignoring removed nomblk_io_submit option
[  161.124305][ T5618] syz.6.322: attempt to access beyond end of device
[  161.124305][ T5618] loop6: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  161.156449][ T5618] syz.6.322: attempt to access beyond end of device
[  161.156449][ T5618] loop6: rw=524288, sector=1342177304, nr_sectors = 2528 limit=16
[  161.194265][   T27] audit: type=1800 audit(1770614317.786:16): pid=5618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.322" name="file1" dev="loop6" ino=86 res=0 errno=0
[  161.229780][ T5617] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  161.254874][ T5617] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  161.264087][ T5621] loop5: detected capacity change from 0 to 512
[  161.271749][ T5617] System zones: 0-1, 3-36
[  161.309027][ T5617] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  161.338051][ T5621] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.323: bg 0: block 248: padding at end of block bitmap is not set
[  161.427465][ T5621] Quota error (device loop5): write_blk: dquota write failed
[  161.457712][ T5621] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  161.468486][ T5621] EXT4-fs error (device loop5): ext4_acquire_dquot:6835: comm syz.5.323: Failed to acquire dquot type 1
[  161.486807][ T5621] EXT4-fs (loop5): 1 truncate cleaned up
[  161.507337][ T5621] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  161.544067][ T5621] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.658072][ T5208] EXT4-fs (loop7): unmounting filesystem.
[  161.708253][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  162.341510][ T5632] loop6: detected capacity change from 0 to 2048
[  162.394621][ T5632] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  162.590505][ T4478] EXT4-fs (loop5): unmounting filesystem.
[  162.742783][ T5647] loop6: detected capacity change from 0 to 128
[  163.492566][ T5667] loop5: detected capacity change from 0 to 16
[  163.930837][ T5667] erofs: (device loop5): mounted with root inode @ nid 36.
[  163.939992][ T5667] syz.5.334: attempt to access beyond end of device
[  163.939992][ T5667] loop5: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  163.954266][ T5667] syz.5.334: attempt to access beyond end of device
[  163.954266][ T5667] loop5: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  163.968944][ T5667] syz.5.334: attempt to access beyond end of device
[  163.968944][ T5667] loop5: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  164.013906][   T27] audit: type=1800 audit(1770614320.616:17): pid=5667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.334" name="file1" dev="loop5" ino=86 res=0 errno=0
[  164.249351][   T27] audit: type=1800 audit(1770614320.626:18): pid=5667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.334" name="file1" dev="loop5" ino=86 res=0 errno=0
[  164.749041][ T5674] loop7: detected capacity change from 0 to 16
[  164.760255][ T5674] erofs: (device loop7): mounted with root inode @ nid 36.
[  164.770471][ T5674] syz.7.337: attempt to access beyond end of device
[  164.770471][ T5674] loop7: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  164.784924][ T5674] syz.7.337: attempt to access beyond end of device
[  164.784924][ T5674] loop7: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  164.799838][ T5674] syz.7.337: attempt to access beyond end of device
[  164.799838][ T5674] loop7: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  164.804022][   T27] audit: type=1800 audit(1770614321.446:19): pid=5674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.337" name="file1" dev="loop7" ino=86 res=0 errno=0
[  165.030775][   T27] audit: type=1800 audit(1770614321.456:20): pid=5674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.337" name="file1" dev="loop7" ino=86 res=0 errno=0
[  165.151087][ T5685] loop5: detected capacity change from 0 to 2048
[  165.230318][ T5685] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.032933][ T5716] binder_alloc: 5715: binder_alloc_buf, no vma
[  166.250992][ T5723] loop7: detected capacity change from 0 to 16
[  166.274473][ T5723] erofs: (device loop7): mounted with root inode @ nid 36.
[  166.283993][ T5723] bio_check_eod: 1 callbacks suppressed
[  166.284008][ T5723] syz.7.351: attempt to access beyond end of device
[  166.284008][ T5723] loop7: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  166.304385][ T5723] syz.7.351: attempt to access beyond end of device
[  166.304385][ T5723] loop7: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  166.318255][   T27] audit: type=1800 audit(1770614322.966:21): pid=5723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.351" name="file1" dev="loop7" ino=86 res=0 errno=0
[  166.339873][ T5723] syz.7.351: attempt to access beyond end of device
[  166.339873][ T5723] loop7: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  166.366001][ T5723] syz.7.351: attempt to access beyond end of device
[  166.366001][ T5723] loop7: rw=524288, sector=1342177304, nr_sectors = 2056 limit=16
[  166.381236][ T5723] syz.7.351: attempt to access beyond end of device
[  166.381236][ T5723] loop7: rw=524288, sector=1342179360, nr_sectors = 472 limit=16
[  166.403666][ T5726] loop6: detected capacity change from 0 to 1024
[  166.509360][   T27] audit: type=1800 audit(1770614322.996:22): pid=5723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.351" name="file1" dev="loop7" ino=86 res=0 errno=0
[  166.598673][ T5726] hfsplus: xattr search failed
[  166.606740][ T5731] loop7: detected capacity change from 0 to 128
[  167.625273][ T5768] loop6: detected capacity change from 0 to 1024
[  168.128638][ T5768] hfsplus: bad catalog entry type
[  168.736602][ T4527] hfsplus: bad catalog entry type
[  169.083871][ T5798] netlink: 4 bytes leftover after parsing attributes in process `syz.1.377'.
[  169.178282][   T52] hfsplus: b-tree write err: -5, ino 4
[  169.549735][    T9] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.059596][ T5818] loop1: detected capacity change from 0 to 2048
[  171.200481][ T5818] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  171.330376][    T9] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.385557][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  171.535342][    T9] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.591777][ T5833] netlink: 32 bytes leftover after parsing attributes in process `syz.4.389'.
[  171.664831][ T5832] loop7: detected capacity change from 0 to 1024
[  171.701163][ T5832] hfsplus: unable to parse mount options
[  171.739861][    T9] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.173187][ T5843] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  173.219932][ T5860] loop1: detected capacity change from 0 to 2048
[  173.309751][ T4283] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  173.325310][ T4283] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  173.344465][ T4286] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  173.352401][ T4283] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  173.360334][ T4286] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  173.379997][ T4286] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  173.396763][ T5860] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  173.566552][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  173.835023][ T5876] netlink: 8 bytes leftover after parsing attributes in process `syz.1.401'.
[  174.236816][ T5862] chnl_net:caif_netlink_parms(): no params data found
[  174.691323][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.698612][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.707327][ T5862] device bridge_slave_0 entered promiscuous mode
[  174.716311][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.723641][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.732414][ T5862] device bridge_slave_1 entered promiscuous mode
[  175.009995][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.033506][    T9] device hsr_slave_0 left promiscuous mode
[  175.056499][    T9] device hsr_slave_1 left promiscuous mode
[  175.081560][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.102854][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.120122][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.137896][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.168280][    T9] device bridge_slave_1 left promiscuous mode
[  175.183563][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.208068][    T9] device bridge_slave_0 left promiscuous mode
[  175.214370][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.311378][ T5929] loop1: detected capacity change from 0 to 164
[  175.323504][    T9] device veth1_macvtap left promiscuous mode
[  175.344718][    T9] device veth0_macvtap left promiscuous mode
[  175.358344][    T9] device veth1_vlan left promiscuous mode
[  175.374500][    T9] device veth0_vlan left promiscuous mode
[  175.498302][   T48] Bluetooth: hci1: command 0x0409 tx timeout
[  175.757678][  T126] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  175.967652][  T126] usb 2-1: Using ep0 maxpacket: 16
[  175.982512][  T126] usb 2-1: config 0 has no interfaces?
[  176.022930][  T126] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.068732][  T126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.110499][  T126] usb 2-1: Product: syz
[  176.133276][  T126] usb 2-1: Manufacturer: syz
[  176.157922][  T126] usb 2-1: SerialNumber: syz
[  176.229209][  T126] usb 2-1: config 0 descriptor??
[  176.579135][ T4313] usb 2-1: USB disconnect, device number 3
[  177.488525][    T9] team0 (unregistering): Port device team_slave_1 removed
[  177.568526][   T48] Bluetooth: hci1: command 0x041b tx timeout
[  177.631171][    T9] team0 (unregistering): Port device team_slave_0 removed
[  177.758141][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.805800][ T5972] loop1: detected capacity change from 0 to 16
[  177.835635][ T5972] erofs: (device loop1): mounted with root inode @ nid 36.
[  177.866585][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.893320][ T5972] syz.1.429: attempt to access beyond end of device
[  177.893320][ T5972] loop1: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  177.943264][ T5972] syz.1.429: attempt to access beyond end of device
[  177.943264][ T5972] loop1: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  177.959145][   T27] audit: type=1800 audit(1770614334.606:23): pid=5972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.429" name="file1" dev="loop1" ino=86 res=0 errno=0
[  178.433578][ T4382] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  178.473818][    T9] bond0 (unregistering): Released all slaves
[  178.562791][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.640859][ T5862] team0: Port device team_slave_0 added
[  178.648274][ T4382] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  178.656592][ T4382] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  178.690606][ T4382] usb 2-1: config 220 has no interface number 2
[  178.696991][ T4382] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  178.728737][ T5862] team0: Port device team_slave_1 added
[  178.777356][ T4382] usb 2-1: config 220 interface 0 has no altsetting 0
[  178.791693][ T4382] usb 2-1: config 220 interface 76 has no altsetting 0
[  178.800639][ T4382] usb 2-1: config 220 interface 1 has no altsetting 0
[  178.820638][ T4382] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  178.831495][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.848680][ T4382] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.856819][ T4382] usb 2-1: Product: syz
[  178.865122][ T5985] input: syz1 as /devices/virtual/input/input7
[  178.871584][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.878335][ T4382] usb 2-1: Manufacturer: syz
[  178.936326][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.954725][ T4382] usb 2-1: SerialNumber: syz
[  178.971220][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.005375][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.189152][ T4382] usb 2-1: selecting invalid altsetting 0
[  179.223421][ T4382] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  179.250487][ T4382] usb 2-1: No valid video chain found.
[  179.277568][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.353189][ T5993] loop7: detected capacity change from 0 to 512
[  179.668642][   T48] Bluetooth: hci1: command 0x040f tx timeout
[  180.104228][ T4382] usb 2-1: selecting invalid altsetting 0
[  180.111054][ T4382] usbtest: probe of 2-1:220.1 failed with error -22
[  180.128763][ T4382] usb 2-1: USB disconnect, device number 4
[  180.179525][ T5993] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  180.343600][ T5862] device hsr_slave_0 entered promiscuous mode
[  181.590178][ T5862] device hsr_slave_1 entered promiscuous mode
[  181.625111][ T5862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  181.666010][ T5862] Cannot create hsr debugfs directory
[  181.727741][ T4286] Bluetooth: hci1: command 0x0419 tx timeout
[  182.245110][ T6011] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  182.252916][ T6011] IPv6: NLM_F_CREATE should be set when creating new route
[  182.260242][ T6011] IPv6: NLM_F_CREATE should be set when creating new route
[  182.367855][ T5862] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  182.406127][ T5862] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  182.467431][ T5862] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  182.562386][ T5862] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  182.680977][ T6018] binder: BINDER_SET_CONTEXT_MGR already set
[  182.703409][ T6018] binder: 6016:6018 ioctl 4018620d 200000000040 returned -16
[  182.948002][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.989357][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  183.008713][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  183.061297][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[  183.116869][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  183.165987][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  183.188625][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.195880][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.224490][ T6038] loop1: detected capacity change from 0 to 512
[  183.250828][ T6038] EXT4-fs: inline encryption not supported
[  183.275365][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  183.295413][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  183.314949][ T6038] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  183.364984][ T6041] loop7: detected capacity change from 0 to 512
[  183.372033][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  183.396017][ T6038] EXT4-fs (loop1): 1 truncate cleaned up
[  183.413514][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.420726][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.446783][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  183.455629][ T6038] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  183.496931][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  183.527116][ T6041] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.448: bg 0: block 248: padding at end of block bitmap is not set
[  183.600856][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  183.617899][ T6041] Quota error (device loop7): write_blk: dquota write failed
[  183.651926][ T6041] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  183.675197][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  183.704803][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  183.728036][ T6041] EXT4-fs error (device loop7): ext4_acquire_dquot:6835: comm syz.7.448: Failed to acquire dquot type 1
[  183.744296][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  183.778199][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  183.808321][ T6041] EXT4-fs (loop7): 1 truncate cleaned up
[  183.824367][ T6041] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  183.836325][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  183.842878][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  183.861080][ T6041] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.878368][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  183.903163][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  184.013554][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  184.279958][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  184.578808][ T6065] 9pnet_fd: p9_fd_create_unix (6065): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  184.758688][ T6068] loop1: detected capacity change from 0 to 1024
[  184.964753][ T5208] EXT4-fs (loop7): unmounting filesystem.
[  185.020524][ T6068] EXT4-fs: inline encryption not supported
[  185.026549][ T6068] EXT4-fs: Ignoring removed bh option
[  185.035635][ T6068] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  185.262060][ T6068] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  185.421953][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  185.459245][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  185.466818][ T4467] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  185.553402][ T6068] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.455: Allocating blocks 497-513 which overlap fs metadata
[  185.650109][ T6068] EXT4-fs (loop1): pa ffff8880743f3a80: logic 256, phys. 385, len 8
[  185.658806][ T6068] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[  185.977223][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  186.886619][ T6105] syz.7.463 uses obsolete (PF_INET,SOCK_PACKET)
[  187.221359][ T6118] loop1: detected capacity change from 0 to 16
[  187.250417][ T6118] erofs: (device loop1): mounted with root inode @ nid 36.
[  187.284699][ T6114] loop7: detected capacity change from 0 to 4096
[  187.353237][ T6114] EXT4-fs: Ignoring removed nomblk_io_submit option
[  187.397348][ T6114] EXT4-fs (loop7): Test dummy encryption mode enabled
[  187.426172][ T6114] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0002]
[  187.436946][ T6114] System zones: 0-5
[  187.490021][ T6114] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  187.935577][ T6129] loop1: detected capacity change from 0 to 1024
[  187.948930][ T6129] EXT4-fs: Ignoring removed nobh option
[  188.024466][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  188.036699][ T6129] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.471: bad orphan inode 11
[  188.048208][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  188.075255][ T5862] device veth0_vlan entered promiscuous mode
[  188.103281][ T5208] EXT4-fs (loop7): unmounting filesystem.
[  188.162531][ T6129] ext4_test_bit(bit=10, block=4) = 0
[  188.168015][ T6129] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  188.185963][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  188.194621][ T6129] EXT4-fs (loop1): shut down requested (1)
[  188.210807][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  188.274823][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  188.314592][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  188.371412][ T5862] device veth1_vlan entered promiscuous mode
[  188.385728][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  188.517613][   T46] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.610307][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  188.634545][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  188.664100][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  188.695645][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.714572][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.475'.
[  188.880711][   T46] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.923719][ T5862] device veth0_macvtap entered promiscuous mode
[  188.948918][ T5862] device veth1_macvtap entered promiscuous mode
[  188.985704][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  189.016482][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  189.113509][   T46] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.179449][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.211059][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.247594][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.277608][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.321805][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.367623][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.412210][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.463536][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.594768][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.804339][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.052466][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.329711][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  190.409187][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  190.582435][   T46] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.638366][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.689792][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.700411][   T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  190.710556][   T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  190.718805][   T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  190.726753][   T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  190.741778][   T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  190.749336][   T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  190.758427][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.778243][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.788188][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.798706][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.808651][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.819172][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.829425][ T5862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.839990][ T5862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.851698][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.863381][ T5862] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.872338][ T5862] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.881155][ T5862] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.892005][ T5862] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.904517][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  190.913648][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  191.298506][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.320913][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.366890][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  191.556610][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.587252][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.638345][ T5133] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  191.908311][ T6194] loop8: detected capacity change from 0 to 1024
[  191.956551][ T6194] ext4: Bad value for 'barrier'
[  191.965820][ T6169] chnl_net:caif_netlink_parms(): no params data found
[  192.303515][ T6209] loop1: detected capacity change from 0 to 16
[  192.370106][ T6209] erofs: (device loop1): mounted with root inode @ nid 36.
[  192.537841][ T6169] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.548076][ T6169] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.602140][ T6169] device bridge_slave_0 entered promiscuous mode
[  192.728703][ T6169] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.740028][ T6224] fuse: Bad value for 'fd'
[  192.744724][ T6169] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.917297][ T4286] Bluetooth: hci3: command 0x0409 tx timeout
[  192.933863][ T6169] device bridge_slave_1 entered promiscuous mode
[  194.778972][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  194.790570][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  194.927655][ T4286] Bluetooth: hci3: command 0x041b tx timeout
[  195.069368][ T6169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.137411][ T6169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.244487][ T6169] team0: Port device team_slave_0 added
[  195.258161][ T6169] team0: Port device team_slave_1 added
[  195.421660][ T6243] loop8: detected capacity change from 0 to 16
[  195.444482][ T6243] erofs: (device loop8): mounted with root inode @ nid 36.
[  195.466552][ T6243] syz.8.501: attempt to access beyond end of device
[  195.466552][ T6243] loop8: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  195.561899][ T6243] syz.8.501: attempt to access beyond end of device
[  195.561899][ T6243] loop8: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  195.650873][   T27] audit: type=1800 audit(1770614608.287:24): pid=6243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.501" name="file1" dev="loop8" ino=86 res=0 errno=0
[  195.711663][ T6169] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.723485][ T6169] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.750646][ T6169] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.764057][ T6169] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.771306][ T6169] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.797901][  T128] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  195.967902][ T6169] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.709557][  T128] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  196.726773][   T46] device hsr_slave_0 left promiscuous mode
[  196.736033][  T128] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  196.759885][   T46] device hsr_slave_1 left promiscuous mode
[  196.771987][  T128] usb 2-1: config 220 has an invalid descriptor of length 13, skipping remainder of the config
[  196.786830][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.803781][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.806528][  T128] usb 2-1: config 220 has no interface number 2
[  196.843900][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.849573][  T128] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  196.888739][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.889155][  T128] usb 2-1: config 220 interface 0 has no altsetting 0
[  196.918009][   T46] device bridge_slave_1 left promiscuous mode
[  196.924345][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.935196][  T128] usb 2-1: config 220 interface 76 has no altsetting 0
[  196.963986][  T128] usb 2-1: config 220 interface 1 has no altsetting 0
[  196.995463][  T128] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  197.007589][ T4286] Bluetooth: hci3: command 0x040f tx timeout
[  197.024991][  T128] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.033963][   T46] device bridge_slave_0 left promiscuous mode
[  197.041533][  T128] usb 2-1: Product: syz
[  197.045847][  T128] usb 2-1: Manufacturer: syz
[  197.051015][  T128] usb 2-1: SerialNumber: syz
[  197.066140][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.195731][   T46] device veth1_macvtap left promiscuous mode
[  197.215597][   T46] device veth0_macvtap left promiscuous mode
[  197.241499][   T46] device veth1_vlan left promiscuous mode
[  197.282597][   T46] device veth0_vlan left promiscuous mode
[  197.302807][  T128] usb 2-1: selecting invalid altsetting 0
[  197.324874][  T128] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  197.350046][  T128] usb 2-1: No valid video chain found.
[  197.382317][ T6278] loop8: detected capacity change from 0 to 16
[  197.399118][  T128] usb 2-1: selecting invalid altsetting 0
[  197.404935][  T128] usbtest: probe of 2-1:220.1 failed with error -22
[  197.443754][ T6278] erofs: (device loop8): mounted with root inode @ nid 36.
[  197.456026][  T128] usb 2-1: USB disconnect, device number 5
[  197.506624][ T6278] syz.8.510: attempt to access beyond end of device
[  197.506624][ T6278] loop8: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  197.584940][ T6278] syz.8.510: attempt to access beyond end of device
[  197.584940][ T6278] loop8: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  197.657839][   T27] audit: type=1800 audit(1770614610.297:25): pid=6278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.510" name="file1" dev="loop8" ino=86 res=0 errno=0
[  199.305518][ T4286] Bluetooth: hci3: command 0x0419 tx timeout
[  199.479272][ T6309] loop8: detected capacity change from 0 to 16
[  199.508086][ T6309] erofs: (device loop8): mounted with root inode @ nid 36.
[  199.518226][ T6309] syz.8.521: attempt to access beyond end of device
[  199.518226][ T6309] loop8: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  199.532864][ T6309] syz.8.521: attempt to access beyond end of device
[  199.532864][ T6309] loop8: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  199.546996][   T27] audit: type=1800 audit(1770614612.177:26): pid=6309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.521" name="file1" dev="loop8" ino=86 res=0 errno=0
[  199.566755][ T6309] syz.8.521: attempt to access beyond end of device
[  199.566755][ T6309] loop8: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  199.591885][ T6309] syz.8.521: attempt to access beyond end of device
[  199.591885][ T6309] loop8: rw=524288, sector=1342177304, nr_sectors = 2528 limit=16
[  199.684624][   T27] audit: type=1800 audit(1770614612.217:27): pid=6309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.521" name="file1" dev="loop8" ino=86 res=0 errno=0
[  199.740864][ T6311] loop8: detected capacity change from 0 to 1024
[  199.750684][ T6311] EXT4-fs: Ignoring removed nobh option
[  199.756831][ T6311] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  199.805604][ T6311] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  199.881696][ T6311] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  199.960782][ T6311] EXT4-fs (loop8): Remounting filesystem read-only
[  200.056103][ T6311] syz.8.523 (6311) used greatest stack depth: 19064 bytes left
[  200.076588][ T5862] EXT4-fs (loop8): unmounting filesystem.
[  201.216567][   T46] team0 (unregistering): Port device team_slave_1 removed
[  201.337165][   T46] team0 (unregistering): Port device team_slave_0 removed
[  201.358308][ T6342] loop1: detected capacity change from 0 to 16
[  201.383732][ T6342] erofs: (device loop1): mounted with root inode @ nid 36.
[  201.407703][   T48] Bluetooth: hci3: command 0x0411 tx timeout
[  201.451978][ T6342] syz.1.533: attempt to access beyond end of device
[  201.451978][ T6342] loop1: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  201.477049][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.493548][ T6342] syz.1.533: attempt to access beyond end of device
[  201.493548][ T6342] loop1: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  201.549068][   T27] audit: type=1800 audit(1770614614.177:28): pid=6342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.533" name="file1" dev="loop1" ino=86 res=0 errno=0
[  201.594872][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.716425][ T6347] loop1: detected capacity change from 0 to 128
[  201.734405][ T6347] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  201.749483][ T6347] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  201.760331][ T6347] ext2 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.012967][ T6351] fuse: Bad value for 'fd'
[  202.069092][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  202.131500][ T6353] loop8: detected capacity change from 0 to 256
[  202.223016][ T6353] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  202.247750][ T6353] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  202.291666][ T6353] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  202.865791][ T6370] loop1: detected capacity change from 0 to 16
[  202.894326][   T46] bond0 (unregistering): Released all slaves
[  202.923180][ T6370] erofs: (device loop1): mounted with root inode @ nid 36.
[  202.977428][ T6370] syz.1.544: attempt to access beyond end of device
[  202.977428][ T6370] loop1: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  203.028567][ T6370] syz.1.544: attempt to access beyond end of device
[  203.028567][ T6370] loop1: rw=0, sector=1342177272, nr_sectors = 8 limit=16
[  203.072952][   T27] audit: type=1800 audit(1770614615.707:29): pid=6370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.544" name="file1" dev="loop1" ino=86 res=0 errno=0
[  203.149854][ T6169] device hsr_slave_0 entered promiscuous mode
[  203.166901][ T6169] device hsr_slave_1 entered promiscuous mode
[  203.176840][ T6169] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  203.185042][ T6169] Cannot create hsr debugfs directory
[  205.343014][ T6393] loop8: detected capacity change from 0 to 256
[  205.466863][   T27] audit: type=1326 audit(1770614618.097:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.5.553" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f97d719aeb9 code=0x0
[  205.535645][ T6393] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  205.560246][ T6169] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  205.635526][ T6169] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  205.691922][ T6169] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  205.750749][ T6169] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  206.245080][ T6169] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.309830][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  206.345392][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  206.388332][ T6169] 8021q: adding VLAN 0 to HW filter on device team0
[  206.419904][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  206.453841][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  206.503414][ T4407] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.510736][ T4407] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.579519][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  206.641019][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  206.688250][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  206.701035][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.708321][ T4295] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.781791][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  206.825325][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  206.884340][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  206.910948][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  206.948885][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  206.986391][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  207.015537][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  207.169056][   T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.242570][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  207.271196][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  207.308287][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  207.325046][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  207.573618][   T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.689840][ T6169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  207.833835][ T6439] loop1: detected capacity change from 0 to 1024
[  207.878832][ T6439] EXT4-fs: Ignoring removed mblk_io_submit option
[  208.006320][   T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.026748][ T6439] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  208.212974][   T46] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.470405][   T27] audit: type=1800 audit(1770614621.107:31): pid=6439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.564" name="file1" dev="loop1" ino=15 res=0 errno=0
[  208.657422][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  209.048522][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  209.056063][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  209.096215][ T6169] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.187751][ T4334] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  209.282711][ T6482] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  209.312054][ T6477] loop8: detected capacity change from 0 to 4096
[  209.339973][ T6477] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.407725][ T4334] usb 2-1: Using ep0 maxpacket: 16
[  209.414964][ T4334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.430527][ T6477] EXT4-fs (loop8): Test dummy encryption mode enabled
[  209.464632][ T6477] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0002]
[  209.493053][ T4334] usb 2-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  209.532431][ T6477] System zones: 0-5
[  209.564594][ T6477] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  209.611789][ T4334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.674073][ T4334] usb 2-1: config 0 descriptor??
[  209.933951][ T4334] usbhid 2-1:0.0: can't add hid device: -71
[  209.951058][ T4334] usbhid: probe of 2-1:0.0 failed with error -71
[  209.998301][ T4334] usb 2-1: USB disconnect, device number 6
[  210.054942][ T5862] EXT4-fs (loop8): unmounting filesystem.
[  210.666860][   T46] device hsr_slave_0 left promiscuous mode
[  210.691066][   T46] device hsr_slave_1 left promiscuous mode
[  210.707429][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.728381][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.745515][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.763500][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.780000][   T46] device bridge_slave_1 left promiscuous mode
[  210.794402][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.813905][   T46] device bridge_slave_0 left promiscuous mode
[  210.821124][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.865518][   T46] device veth1_macvtap left promiscuous mode
[  210.871746][   T46] device veth0_macvtap left promiscuous mode
[  210.884949][   T46] device veth1_vlan left promiscuous mode
[  210.891184][   T46] device veth0_vlan left promiscuous mode
[  210.928479][ T4334] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  212.001857][ T4334] usb 2-1: Using ep0 maxpacket: 32
[  212.019345][ T4334] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.108263][ T6537] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  212.539181][ T4334] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.549125][ T4334] usb 2-1: config 0 interface 0 has no altsetting 0
[  212.555782][ T4334] usb 2-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[  212.564921][ T4334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.583635][ T4334] usb 2-1: config 0 descriptor??
[  213.234365][ T4334] wacom 0003:056A:030A.0002: unknown main item tag 0x0
[  213.266385][ T4334] wacom 0003:056A:030A.0002: unknown main item tag 0x0
[  213.487786][ T4334] wacom 0003:056A:030A.0002: hidraw0: USB HID v0.00 Device [HID 056a:030a] on usb-dummy_hcd.1-1/input0
[  213.684383][ T4334] usb 2-1: USB disconnect, device number 7
[  214.133298][ T6554] fido_id[6554]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  214.254993][   T46] team0 (unregistering): Port device team_slave_1 removed
[  214.282185][ T6565] loop1: detected capacity change from 0 to 256
[  214.326911][ T6565] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  214.372942][   T46] team0 (unregistering): Port device team_slave_0 removed
[  214.462355][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.568143][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.579732][ T6578] loop8: detected capacity change from 0 to 512
[  215.668755][ T6578] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  215.822204][ T6578] EXT4-fs (loop8): 1 truncate cleaned up
[  215.828114][ T6578] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  216.575165][ T5862] EXT4-fs (loop8): unmounting filesystem.
[  216.745435][   T46] bond0 (unregistering): Released all slaves
[  217.019858][ T6596] loop8: detected capacity change from 0 to 1024
[  217.058465][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  217.099449][ T6596] EXT4-fs: Ignoring removed nomblk_io_submit option
[  217.140965][ T6599] loop1: detected capacity change from 0 to 128
[  217.147322][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  217.195148][ T6599] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  217.215440][ T6596] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  217.294186][ T6599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  217.376288][ T6599] ext2 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.389495][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  217.422445][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  217.479390][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  217.512799][ T5862] EXT4-fs (loop8): unmounting filesystem.
[  217.522878][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  217.600382][ T6169] device veth0_vlan entered promiscuous mode
[  217.710646][ T6169] device veth1_vlan entered promiscuous mode
[  217.723841][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  217.801160][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  217.840182][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  217.873305][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  217.909603][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  217.952400][ T6169] device veth0_macvtap entered promiscuous mode
[  218.008302][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  218.040870][ T6169] device veth1_macvtap entered promiscuous mode
[  218.143063][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.160020][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.181221][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.209775][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.385997][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.453672][ T6626] loop1: detected capacity change from 0 to 1024
[  218.585424][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.632482][ T6626] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  218.853188][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.043005][ T6626] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  219.087706][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.110572][ T6169] batman_adv: batadv0: Interface activated: batadv_slave_0
[  219.118108][ T6626] System zones: 0-1, 3-36
[  219.137552][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  219.156385][ T6626] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  219.218891][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  219.240357][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.327627][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.357606][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.396351][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.419992][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.441031][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.494518][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.518391][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.542090][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  219.560291][ T6169] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.644378][ T6169] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.663772][ T6169] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.672641][ T6169] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.681455][ T6169] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.707126][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  219.728943][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  220.381149][ T6649] loop1: detected capacity change from 0 to 1024
[  220.437689][ T4329] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  220.450952][ T6649] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.647730][ T4329] usb 9-1: Using ep0 maxpacket: 8
[  220.660249][ T4329] usb 9-1: unable to get BOS descriptor or descriptor too short
[  220.674772][ T4329] usb 9-1: config 9 has an invalid interface number: 210 but max is 1
[  220.727645][ T4329] usb 9-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  220.755299][ T6649] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  220.836483][ T5133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.847216][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.858235][ T4329] usb 9-1: config 9 has 1 interface, different from the descriptor's value: 2
[  220.872752][ T5133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.880389][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.905077][ T4329] usb 9-1: config 9 has no interface number 0
[  220.918715][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  220.948282][ T6661] netlink: 4 bytes leftover after parsing attributes in process `syz.4.629'.
[  220.975863][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  220.992339][ T4329] usb 9-1: config 9 interface 210 altsetting 14 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  221.081042][ T4329] usb 9-1: config 9 interface 210 has no altsetting 0
[  221.887422][ T4329] usb 9-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=7a.93
[  221.957016][ T4329] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.996113][ T4329] usb 9-1: Product: syz
[  222.027603][ T4329] usb 9-1: Manufacturer: syz
[  222.032273][ T4329] usb 9-1: SerialNumber: syz
[  222.413974][ T4329] usb 9-1: USB disconnect, device number 2
[  223.515018][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  224.513202][ T6716] loop1: detected capacity change from 0 to 736
[  224.945799][ T6732] loop9: detected capacity change from 0 to 1024
[  225.180695][ T6732] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  225.271211][   T27] audit: type=1800 audit(1770614637.907:32): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.652" name="file1" dev="loop9" ino=15 res=0 errno=0
[  225.293123][ T6732] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 25 vs 161808409 free clusters
[  225.314481][ T6732] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  225.329335][ T6732] EXT4-fs (loop9): This should not happen!! Data will be lost
[  225.329335][ T6732] 
[  225.343264][ T6732] EXT4-fs (loop9): Total free blocks count 0
[  225.378582][ T6732] EXT4-fs (loop9): Free/Dirty block details
[  225.394800][ T6732] EXT4-fs (loop9): free_blocks=2588934144
[  225.426382][ T6753] loop8: detected capacity change from 0 to 512
[  225.433175][ T6732] EXT4-fs (loop9): dirty_blocks=16
[  225.479141][    T7] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  225.511980][ T6732] EXT4-fs (loop9): Block reservation details
[  225.536383][ T6753] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.658: bg 0: block 248: padding at end of block bitmap is not set
[  225.581337][ T6732] EXT4-fs (loop9): i_reserved_data_blocks=2
[  225.595677][ T6753] Quota error (device loop8): write_blk: dquota write failed
[  225.604016][ T6753] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  225.615516][ T6753] EXT4-fs error (device loop8): ext4_acquire_dquot:6835: comm syz.8.658: Failed to acquire dquot type 1
[  225.634626][ T6753] EXT4-fs (loop8): 1 truncate cleaned up
[  225.641323][ T6753] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  225.659771][ T6751] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28
[  225.673517][ T6753] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  225.692365][    T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.717911][    T7] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  225.907512][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.957861][    T7] usb 2-1: config 0 descriptor??
[  226.174704][ T6765] loop9: detected capacity change from 0 to 2048
[  226.285917][ T6765] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  226.358255][   T27] audit: type=1800 audit(1770614638.997:33): pid=6765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.661" name="file1" dev="loop9" ino=1415 res=0 errno=0
[  226.379824][    T7] lg-g15 0003:046D:C222.0003: unbalanced delimiter at end of report description
[  226.443786][    T7] lg-g15: probe of 0003:046D:C222.0003 failed with error -22
[  226.470460][   T27] audit: type=1800 audit(1770614638.997:34): pid=6765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.661" name="file1" dev="loop9" ino=1415 res=0 errno=0
[  226.564786][   T27] audit: type=1800 audit(1770614639.047:35): pid=6765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.661" name="file1" dev="loop9" ino=1415 res=0 errno=0
[  226.586502][    T7] usb 2-1: USB disconnect, device number 8
[  226.781157][ T6774] loop9: detected capacity change from 0 to 1024
[  226.811429][ T6774] EXT4-fs: inline encryption not supported
[  226.852737][ T6774] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  226.944194][ T6774] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  227.257954][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  228.035989][ T5862] EXT4-fs (loop8): unmounting filesystem.
[  229.191059][ T6823] loop1: detected capacity change from 0 to 256
[  229.421100][ T6823] Zero length message leads to an empty skb
[  229.569535][ T6829] loop8: detected capacity change from 0 to 2048
[  229.657247][ T6829] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  229.835918][   T27] audit: type=1804 audit(1770614642.467:36): pid=6834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.680" name="/newroot/39/bus/file1" dev="loop8" ino=15 res=1 errno=0
[  229.927607][   T27] audit: type=1804 audit(1770614642.537:37): pid=6829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.680" name="/newroot/39/bus/file1" dev="loop8" ino=15 res=1 errno=0
[  230.039597][ T5862] EXT4-fs (loop8): unmounting filesystem.
[  230.423601][ T6843] loop1: detected capacity change from 0 to 512
[  230.589399][ T6843] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.684: bg 0: block 248: padding at end of block bitmap is not set
[  230.699023][ T6843] Quota error (device loop1): write_blk: dquota write failed
[  230.709953][ T6843] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  230.748796][ T6843] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.684: Failed to acquire dquot type 1
[  230.959851][ T6843] EXT4-fs (loop1): 1 truncate cleaned up
[  230.987658][ T6843] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  231.773371][ T6843] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.343524][ T6870] loop8: detected capacity change from 0 to 164
[  234.704539][ T6894] loop9: detected capacity change from 0 to 1024
[  234.823749][ T6894] EXT4-fs: Ignoring removed nomblk_io_submit option
[  234.873662][ T6894] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  235.045640][ T6894] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e055c01c, mo2=0003]
[  235.067721][ T6894] System zones: 0-1, 3-36
[  235.086640][ T6894] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  235.305221][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  235.617055][ T6913] loop8: detected capacity change from 0 to 128
[  235.635262][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.5.702'.
[  236.638621][   T26] usb 10-1: new low-speed USB device number 2 using dummy_hcd
[  236.874649][   T26] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  236.976961][   T26] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.208076][   T26] usb 10-1: config 0 descriptor??
[  237.258890][   T26] asix: probe of 10-1:0.0 failed with error -22
[  237.719960][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  237.877387][ T6942] loop1: detected capacity change from 0 to 128
[  237.923441][ T6942] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  238.643281][ T6956] netlink: 4 bytes leftover after parsing attributes in process `syz.8.714'.
[  238.837699][ T6963] support for the xor transformation has been removed.
[  239.488273][ T6932] usb 10-1: USB disconnect, device number 2
[  239.642781][ T6987] loop9: detected capacity change from 0 to 256
[  239.750830][ T6987] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  239.866197][ T6987] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008)
[  241.092890][ T6997] loop9: detected capacity change from 0 to 1024
[  241.348475][ T6997] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  241.378309][ T6997] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.466402][ T6997] EXT4-fs error (device loop9): ext4_readdir:263: inode #2: block 16: comm syz.9.726: path /19/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  241.491669][   T48] Bluetooth: hci3: command 0x0405 tx timeout
[  241.645145][ T6997] EXT4-fs (loop9): Remounting filesystem read-only
[  241.782353][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  244.450791][  T126] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  245.337757][  T126] usb 10-1: Using ep0 maxpacket: 16
[  245.364629][  T126] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.396906][  T126] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  245.448998][  T126] usb 10-1: New USB device found, idVendor=05ac, idProduct=0249, bcdDevice= 0.00
[  245.498923][  T126] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.529293][  T126] usb 10-1: config 0 descriptor??
[  245.970233][  T126] apple 0003:05AC:0249.0004: unknown main item tag 0x0
[  245.982466][  T126] apple 0003:05AC:0249.0004: unknown main item tag 0x0
[  246.000355][  T126] apple 0003:05AC:0249.0004: item fetching failed at offset 2/160
[  246.032678][  T126] apple 0003:05AC:0249.0004: parse failed
[  246.061075][  T126] apple: probe of 0003:05AC:0249.0004 failed with error -22
[  246.170692][  T126] usb 10-1: USB disconnect, device number 3
[  248.785224][ T7127] loop1: detected capacity change from 0 to 4096
[  248.868487][ T7127] EXT4-fs: Ignoring removed nomblk_io_submit option
[  248.967428][ T7127] EXT4-fs (loop1): Test dummy encryption mode enabled
[  249.082046][ T7127] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002]
[  249.133147][ T7127] System zones: 0-5
[  249.155744][ T7127] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  249.672662][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  250.261143][ T7176] loop1: detected capacity change from 0 to 256
[  250.325002][ T7176] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  250.340229][ T7176] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  250.357214][ T7176] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  251.257840][ T7189] loop1: detected capacity change from 0 to 1764
[  252.874256][ T7220] loop8: detected capacity change from 0 to 512
[  252.984490][ T7220] EXT4-fs (loop8): can't mount with journal_checksum, fs mounted w/o journal
[  255.089708][ T7237] loop9: detected capacity change from 0 to 512
[  255.121716][ T7237] EXT4-fs (loop9): Test dummy encryption mode enabled
[  255.156570][ T7237] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  255.260875][ T7237] EXT4-fs error (device loop9): ext4_orphan_get:1425: comm syz.9.804: bad orphan inode 131083
[  255.343718][ T7237] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  255.526460][ T7250] loop1: detected capacity change from 0 to 8
[  255.651023][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  255.657498][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  255.660355][ T7250] SQUASHFS error: Failed to read block 0x8f: -5
[  255.717784][   T27] audit: type=1800 audit(1770614668.357:38): pid=7250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.808" name="file1" dev="loop1" ino=5 res=0 errno=0
[  255.989261][ T7266] loop8: detected capacity change from 0 to 128
[  256.076177][ T7237] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  256.093625][ T7268] mmap: syz.4.814 (7268): VmData 49217536 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  256.257159][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  257.402681][ T7297] loop1: detected capacity change from 0 to 512
[  257.507693][ T7297] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  257.827636][   T26] usb 10-1: new low-speed USB device number 4 using dummy_hcd
[  258.226865][   T26] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  258.241619][   T26] usb 10-1: config 179 has no interface number 0
[  258.251329][   T26] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  258.264299][   T26] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  258.275123][   T26] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  259.028988][   T26] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[  259.041015][   T26] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  259.059295][   T26] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  259.069229][   T26] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.080220][ T7303] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  259.117308][   T26] xpad 10-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  259.167838][   T26] xpad: probe of 10-1:179.65 failed with error -5
[  259.188586][ T7331] loop1: detected capacity change from 0 to 512
[  259.298959][   T26] usb 10-1: USB disconnect, device number 4
[  259.403373][ T7331] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  260.262490][ T7347] loop1: detected capacity change from 0 to 4096
[  260.270728][ T7347] EXT4-fs: Ignoring removed nomblk_io_submit option
[  260.290167][ T7347] EXT4-fs (loop1): Test dummy encryption mode enabled
[  260.323616][ T7347] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0002]
[  260.337747][ T7347] System zones: 0-5
[  260.352893][ T7347] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  260.641866][ T4269] EXT4-fs (loop1): unmounting filesystem.
[  260.774707][ T6686] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.965681][ T6686] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.139156][ T6686] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.250472][ T6686] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.318158][ T7371] loop9: detected capacity change from 0 to 512
[  261.396511][ T7371] EXT4-fs (loop9): can't mount with journal_checksum, fs mounted w/o journal
[  261.993364][ T4381] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  262.069800][ T7386] loop9: detected capacity change from 0 to 2048
[  262.764095][ T7386] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  262.852527][ T4381] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  263.118452][ T7397] fido_id[7397]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  263.149742][   T48] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  263.174705][   T48] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  263.182939][   T48] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  263.191085][   T48] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  263.203659][   T48] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  263.216502][   T48] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  265.329352][   T48] Bluetooth: hci2: command 0x0409 tx timeout
[  265.956086][ T7401] chnl_net:caif_netlink_parms(): no params data found
[  266.246031][ T7456] netlink: 9 bytes leftover after parsing attributes in process `syz.9.877'.
[  266.272139][ T7456] device gretap0 entered promiscuous mode
[  266.509898][ T6686] device hsr_slave_0 left promiscuous mode
[  266.556754][ T6686] device hsr_slave_1 left promiscuous mode
[  266.614050][ T6686] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.631819][ T6686] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.670303][ T6686] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.689818][ T6686] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.719657][ T6686] device bridge_slave_1 left promiscuous mode
[  266.749065][ T6686] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.788256][ T6686] device bridge_slave_0 left promiscuous mode
[  266.835375][ T6686] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.984141][ T6686] device veth1_macvtap left promiscuous mode
[  267.040409][ T6686] device veth0_macvtap left promiscuous mode
[  267.141216][ T6686] device veth1_vlan left promiscuous mode
[  267.306605][ T6686] device veth0_vlan left promiscuous mode
[  267.408288][ T4286] Bluetooth: hci2: command 0x041b tx timeout
[  267.723691][ T7483] capability: warning: `syz.9.886' uses deprecated v2 capabilities in a way that may be insecure
[  269.544649][ T4286] Bluetooth: hci2: command 0x040f tx timeout
[  270.153395][ T6686] team0 (unregistering): Port device team_slave_1 removed
[  270.205670][ T6686] team0 (unregistering): Port device team_slave_0 removed
[  270.298537][ T6686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.400696][ T6686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.182830][ T6686] bond0 (unregistering): Released all slaves
[  271.534937][ T7401] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.573912][   T48] Bluetooth: hci2: command 0x0419 tx timeout
[  271.594075][ T7401] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.695757][ T7401] device bridge_slave_0 entered promiscuous mode
[  271.709973][ T7401] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.747581][ T7401] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.766109][ T7401] device bridge_slave_1 entered promiscuous mode
[  271.940110][ T7570] loop9: detected capacity change from 0 to 512
[  271.953624][ T7570] EXT4-fs: Ignoring removed bh option
[  271.976707][ T7401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.992261][ T7570] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  272.012008][ T7401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.071509][ T7570] EXT4-fs (loop9): 1 truncate cleaned up
[  272.123988][ T7570] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  272.155899][ T7401] team0: Port device team_slave_0 added
[  272.212962][ T7570] EXT4-fs (loop9): shut down requested (1)
[  272.219595][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.8.912'.
[  272.269854][ T7401] team0: Port device team_slave_1 added
[  272.346994][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  272.354279][ T7401] batman_adv: batadv0: Adding interface: batadv_slave_0
[  272.377410][ T7401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.478460][ T7401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  272.518964][ T7401] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.526002][ T7401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.697556][ T7401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.834251][ T7401] device hsr_slave_0 entered promiscuous mode
[  273.046831][ T7401] device hsr_slave_1 entered promiscuous mode
[  273.070145][ T7401] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  273.077988][ T7401] Cannot create hsr debugfs directory
[  273.083733][ T7595] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  273.091060][ T7595] IPv6: NLM_F_CREATE should be set when creating new route
[  273.098476][ T7595] IPv6: NLM_F_CREATE should be set when creating new route
[  273.444437][ T7604] netlink: 'syz.4.919': attribute type 2 has an invalid length.
[  273.700953][ T7607] netlink: 12 bytes leftover after parsing attributes in process `syz.8.920'.
[  275.939922][ T7401] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  275.960897][ T7401] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  276.002262][ T7401] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  276.034380][ T7401] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  276.264940][ T7653] loop9: detected capacity change from 0 to 4096
[  276.308261][ T7653] EXT4-fs (loop9): Test dummy encryption mode enabled
[  276.371837][ T7653] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  276.596056][ T7401] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.657750][ T7653] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  276.664156][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  276.688799][ T7653] EXT4-fs error (device loop9): __ext4_new_inode:1075: comm syz.9.932: reserved inode found cleared - inode=1
[  276.718657][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  276.766425][ T7401] 8021q: adding VLAN 0 to HW filter on device team0
[  276.828144][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  276.858355][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  276.888797][ T5091] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.895963][ T5091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.906627][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  277.005012][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  277.038420][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  277.078410][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  277.095174][ T5091] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.102383][ T5091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  277.152211][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  277.206105][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  277.248846][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  277.316599][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  277.377640][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  277.628999][ T7401] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  277.890589][ T7401] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  278.292406][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  278.326133][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  278.388118][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  278.421122][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  278.440107][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  278.460335][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  278.506191][ T7697] netlink: 116 bytes leftover after parsing attributes in process `syz.8.942'.
[  278.553584][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  279.053834][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  279.080873][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  279.160816][ T7401] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.985457][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  280.018468][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  280.170595][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  280.190701][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  280.234828][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  280.278827][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  280.302152][ T7401] device veth0_vlan entered promiscuous mode
[  280.339152][ T7401] device veth1_vlan entered promiscuous mode
[  280.420130][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  280.439262][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  280.473593][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  280.509113][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  280.541454][ T7401] device veth0_macvtap entered promiscuous mode
[  280.589649][ T7401] device veth1_macvtap entered promiscuous mode
[  280.664433][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.695699][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.726990][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.775038][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.795400][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.824872][ T7738] loop9: detected capacity change from 0 to 512
[  280.835805][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.866722][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.885426][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.905241][ T7401] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.914464][ T7738] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.954: bg 0: block 5: invalid block bitmap
[  280.938035][ T7738] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6181: Corrupt filesystem
[  280.950914][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.957891][ T7738] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.954: invalid indirect mapped block 3 (level 2)
[  280.962205][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.984864][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.995826][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.006230][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.037538][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.047754][ T7401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.058783][ T7401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.070674][ T7401] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.073137][ T7738] EXT4-fs (loop9): 1 orphan inode deleted
[  281.081263][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  281.092999][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  281.114265][ T7738] EXT4-fs (loop9): 1 truncate cleaned up
[  281.124964][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  281.150915][ T7738] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  281.160049][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  281.196344][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  281.236008][ T4468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  281.407138][ T7401] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  281.431373][ T7401] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.891842][ T7401] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.120784][ T7401] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.319766][ T6169] EXT4-fs (loop9): unmounting filesystem.
[  282.741409][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.758711][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.793144][ T6686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  283.638881][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.646787][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.366673][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  284.649163][ T7774] binder: BINDER_SET_CONTEXT_MGR already set
[  284.655221][ T7774] binder: 7773:7774 ioctl 4018620d 200000000040 returned -16
[  284.763624][ T7783] loop3: detected capacity change from 0 to 512
[  284.855798][ T7783] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.850: bg 0: block 248: padding at end of block bitmap is not set
[  284.888032][ T7783] Quota error (device loop3): write_blk: dquota write failed
[  284.927805][ T7783] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  284.970814][ T7783] EXT4-fs error (device loop3): ext4_acquire_dquot:6835: comm syz.3.850: Failed to acquire dquot type 1
[  285.216684][ T7783] EXT4-fs (loop3): 1 truncate cleaned up
[  285.227599][ T7783] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  285.349464][ T7783] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.960194][ T7802] netlink: 32 bytes leftover after parsing attributes in process `syz.4.971'.
[  287.983050][ T7802] netlink: 20 bytes leftover after parsing attributes in process `syz.4.971'.
[  287.992513][ T7802] netlink: 20 bytes leftover after parsing attributes in process `syz.4.971'.
[  288.035607][ T7401] EXT4-fs (loop3): unmounting filesystem.
[  296.805918][ T7889] netlink: 24 bytes leftover after parsing attributes in process `syz.8.995'.
[  297.930585][    C1] ------------[ cut here ]------------
[  297.936773][    C1] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xfff with flags 0x40
[  297.947848][    C1] WARNING: CPU: 1 PID: 4279 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880
[  297.958065][    C1] Modules linked in:
[  297.962015][    C1] CPU: 1 PID: 4279 Comm: syz-executor Not tainted syzkaller #0
[  297.969745][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  297.980117][    C1] RIP: 0010:__rate_control_send_low+0x635/0x880
[  297.986432][    C1] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 e0 93 a6 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 db 05 a6 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  298.007292][    C1] RSP: 0018:ffffc900001e0560 EFLAGS: 00010246
[  298.013446][    C1] RAX: a8e3ca5f03c00700 RBX: 000000000000000c RCX: ffff88801ab9bb80
[  298.021706][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  298.029776][    C1] RBP: 0000000000000084 R08: ffffc900001e01e7 R09: 1ffff9200003c03c
[  298.037851][    C1] R10: dffffc0000000000 R11: fffff5200003c03d R12: 0000000000000040
[  298.045878][    C1] R13: dffffc0000000000 R14: ffff8880737a3378 R15: ffff88802d6708e8
[  298.053992][    C1] FS:  00005555688e9500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  298.062995][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  298.069760][    C1] CR2: 00007f5fbf7f37b0 CR3: 000000005b481000 CR4: 00000000003526e0
[  298.077807][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  298.085815][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  298.093885][    C1] Call Trace:
[  298.097221][    C1]  <IRQ>
[  298.100156][    C1]  rate_control_send_low+0x194/0x790
[  298.105515][    C1]  rate_control_get_rate+0x207/0x5c0
[  298.110895][    C1]  ieee80211_beacon_get_finish+0x391/0x6d0
[  298.116800][    C1]  ? ieee80211_set_beacon_cntdwn+0x660/0x660
[  298.122869][    C1]  ? __local_bh_enable_ip+0x136/0x1c0
[  298.128319][    C1]  ? _local_bh_enable+0xa0/0xa0
[  298.133224][    C1]  ieee80211_beacon_get_ap+0xff9/0x1700
[  298.138879][    C1]  ? ieee80211_tx_8023+0x600/0x600
[  298.144070][    C1]  ? read_lock_is_recursive+0x10/0x10
[  298.149550][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  298.155178][    C1]  __ieee80211_beacon_get+0x10eb/0x1600
[  298.160808][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  298.166405][    C1]  ieee80211_beacon_get_tim+0x63/0x4e0
[  298.171959][    C1]  mac80211_hwsim_beacon_tx+0x21c/0xae0
[  298.177618][    C1]  ? read_lock_is_recursive+0x10/0x10
[  298.183046][    C1]  __iterate_interfaces+0x243/0x500
[  298.188372][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  298.194671][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  298.202070][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  298.208394][    C1]  ieee80211_iterate_active_interfaces_atomic+0xd7/0x170
[  298.215482][    C1]  mac80211_hwsim_beacon+0xb7/0x1b0
[  298.220834][    C1]  __hrtimer_run_queues+0x560/0xd70
[  298.226103][    C1]  ? hw_scan_work+0xf50/0xf50
[  298.230909][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  298.236069][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  298.242255][    C1]  hrtimer_run_softirq+0x183/0x2a0
[  298.247465][    C1]  handle_softirqs+0x2a1/0x930
[  298.252287][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  298.257195][    C1]  ? do_softirq+0x210/0x210
[  298.261820][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  298.267072][    C1]  __irq_exit_rcu+0x13b/0x230
[  298.271852][    C1]  ? irq_exit_rcu+0x20/0x20
[  298.276416][    C1]  irq_exit_rcu+0x5/0x20
[  298.280772][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  298.286464][    C1]  </IRQ>
[  298.289484][    C1]  <TASK>
[  298.292454][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  298.298538][    C1] RIP: 0010:preempt_count_sub+0x58/0x160
[  298.304217][    C1] Code: 05 95 84 a9 7e 89 c1 81 e1 ff ff ff 7f 39 cf 7f 25 81 ff ff 00 00 00 0f 93 c1 84 c0 0f 95 c0 08 c8 74 53 65 8b 05 70 84 a9 7e <f7> df 65 01 3d 67 84 a9 7e 5b 5d c3 e8 d7 d2 b4 02 85 c0 74 f4 48
[  298.323941][    C1] RSP: 0018:ffffc900044174a0 EFLAGS: 00000202
[  298.330099][    C1] RAX: 0000000080000003 RBX: dffffc0000000000 RCX: 0000000000000000
[  298.338162][    C1] RDX: 0000000000000005 RSI: ffffffff8a8c23a0 RDI: 0000000000000001
[  298.346259][    C1] RBP: 0000000000000001 R08: ffffffff8e1fcb6f R09: 1ffffffff1c3f96d
[  298.354331][    C1] R10: dffffc0000000000 R11: fffffbfff1c3f96e R12: dffffc0000000000
[  298.362386][    C1] R13: 0000000000000008 R14: 0000000000000001 R15: ffff88813fff9180
[  298.370469][    C1]  ? pfn_valid+0xcd/0x420
[  298.374866][    C1]  pfn_valid+0x3cf/0x420
[  298.379227][    C1]  page_table_check_set+0x25/0x6d0
[  298.384404][    C1]  copy_page_range+0x24ea/0x3900
[  298.389489][    C1]  ? pfn_valid+0x450/0x450
[  298.393998][    C1]  ? up_write+0x1bb/0x420
[  298.398425][    C1]  ? vma_interval_tree_insert_after+0x245/0x2a0
[  298.404821][    C1]  copy_mm+0xec3/0x1690
[  298.409102][    C1]  ? copy_signal+0x680/0x680
[  298.413754][    C1]  ? lockdep_init_map_type+0x98/0x8d0
[  298.419245][    C1]  ? __init_rwsem+0x11e/0x160
[  298.423979][    C1]  ? copy_signal+0x556/0x680
[  298.428668][    C1]  copy_process+0x1979/0x4030
[  298.433400][    C1]  ? wp_page_reuse+0x374/0x670
[  298.438269][    C1]  ? copy_process+0x94d/0x4030
[  298.443178][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  298.448486][    C1]  ? idle_dummy+0x10/0x10
[  298.452874][    C1]  kernel_clone+0x24b/0x900
[  298.457477][    C1]  ? create_io_thread+0x170/0x170
[  298.462610][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  298.467757][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  298.473793][    C1]  __x64_sys_clone+0x1a7/0x220
[  298.478662][    C1]  ? __might_fault+0xc2/0x120
[  298.483386][    C1]  ? __ia32_sys_vfork+0x140/0x140
[  298.488522][    C1]  ? lock_chain_count+0x20/0x20
[  298.493437][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  298.499347][    C1]  do_syscall_64+0x4c/0xa0
[  298.504193][    C1]  ? clear_bhb_loop+0x60/0xb0
[  298.508978][    C1]  ? clear_bhb_loop+0x60/0xb0
[  298.513713][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  298.519726][    C1] RIP: 0033:0x7faf165c3952
[  298.524209][    C1] Code: 89 e7 e8 f1 8b f7 ff 45 31 c0 31 d2 31 f6 64 48 8b 04 25 10 00 00 00 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 89 c5 85 c0 75 3b 64 48 8b 04 25 10 00 00
[  298.543927][    C1] RSP: 002b:00007ffe59870db0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  298.552434][    C1] RAX: ffffffffffffffda RBX: 00007ffe59870db0 RCX: 00007faf165c3952
[  298.560517][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  298.568659][    C1] RBP: 00007ffe59870f3c R08: 0000000000000000 R09: 0000000000000001
[  298.576681][    C1] R10: 00005555688e97d0 R11: 0000000000000246 R12: 0000000000000001
[  298.584934][    C1] R13: 00000000000927c0 R14: 0000000000048a9d R15: 00007ffe59870f90
[  298.593034][    C1]  </TASK>
[  298.596089][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  298.603754][    C1] CPU: 1 PID: 4279 Comm: syz-executor Not tainted syzkaller #0
[  298.611330][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  298.621512][    C1] Call Trace:
[  298.624841][    C1]  <IRQ>
[  298.627718][    C1]  dump_stack_lvl+0x188/0x24e
[  298.632447][    C1]  ? memcpy+0x3c/0x60
[  298.636465][    C1]  ? show_regs_print_info+0x12/0x12
[  298.641734][    C1]  ? load_image+0x400/0x400
[  298.646293][    C1]  panic+0x2e5/0x730
[  298.650225][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  298.654786][    C1]  __warn+0x2f8/0x4f0
[  298.658797][    C1]  ? __rate_control_send_low+0x635/0x880
[  298.664464][    C1]  ? __rate_control_send_low+0x635/0x880
[  298.670126][    C1]  report_bug+0x2ba/0x4f0
[  298.674492][    C1]  ? __rate_control_send_low+0x635/0x880
[  298.680163][    C1]  handle_bug+0x3a/0x70
[  298.684451][    C1]  exc_invalid_op+0x16/0x40
[  298.689027][    C1]  asm_exc_invalid_op+0x16/0x20
[  298.693910][    C1] RIP: 0010:__rate_control_send_low+0x635/0x880
[  298.700182][    C1] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 e0 93 a6 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 db 05 a6 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  298.719826][    C1] RSP: 0018:ffffc900001e0560 EFLAGS: 00010246
[  298.725942][    C1] RAX: a8e3ca5f03c00700 RBX: 000000000000000c RCX: ffff88801ab9bb80
[  298.733948][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  298.741945][    C1] RBP: 0000000000000084 R08: ffffc900001e01e7 R09: 1ffff9200003c03c
[  298.749943][    C1] R10: dffffc0000000000 R11: fffff5200003c03d R12: 0000000000000040
[  298.757946][    C1] R13: dffffc0000000000 R14: ffff8880737a3378 R15: ffff88802d6708e8
[  298.766071][    C1]  rate_control_send_low+0x194/0x790
[  298.771398][    C1]  rate_control_get_rate+0x207/0x5c0
[  298.776727][    C1]  ieee80211_beacon_get_finish+0x391/0x6d0
[  298.782592][    C1]  ? ieee80211_set_beacon_cntdwn+0x660/0x660
[  298.788633][    C1]  ? __local_bh_enable_ip+0x136/0x1c0
[  298.794041][    C1]  ? _local_bh_enable+0xa0/0xa0
[  298.799020][    C1]  ieee80211_beacon_get_ap+0xff9/0x1700
[  298.804878][    C1]  ? ieee80211_tx_8023+0x600/0x600
[  298.810034][    C1]  ? read_lock_is_recursive+0x10/0x10
[  298.815460][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  298.821136][    C1]  __ieee80211_beacon_get+0x10eb/0x1600
[  298.826737][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  298.832320][    C1]  ieee80211_beacon_get_tim+0x63/0x4e0
[  298.837816][    C1]  mac80211_hwsim_beacon_tx+0x21c/0xae0
[  298.843409][    C1]  ? read_lock_is_recursive+0x10/0x10
[  298.848830][    C1]  __iterate_interfaces+0x243/0x500
[  298.854066][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  298.860341][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  298.867670][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  298.873944][    C1]  ieee80211_iterate_active_interfaces_atomic+0xd7/0x170
[  298.881010][    C1]  mac80211_hwsim_beacon+0xb7/0x1b0
[  298.886254][    C1]  __hrtimer_run_queues+0x560/0xd70
[  298.891494][    C1]  ? hw_scan_work+0xf50/0xf50
[  298.896399][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  298.901563][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  298.907694][    C1]  hrtimer_run_softirq+0x183/0x2a0
[  298.912860][    C1]  handle_softirqs+0x2a1/0x930
[  298.917674][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  298.922570][    C1]  ? do_softirq+0x210/0x210
[  298.927107][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  298.932338][    C1]  __irq_exit_rcu+0x13b/0x230
[  298.937045][    C1]  ? irq_exit_rcu+0x20/0x20
[  298.941595][    C1]  irq_exit_rcu+0x5/0x20
[  298.945872][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  298.951551][    C1]  </IRQ>
[  298.954508][    C1]  <TASK>
[  298.957473][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  298.963488][    C1] RIP: 0010:preempt_count_sub+0x58/0x160
[  298.969167][    C1] Code: 05 95 84 a9 7e 89 c1 81 e1 ff ff ff 7f 39 cf 7f 25 81 ff ff 00 00 00 0f 93 c1 84 c0 0f 95 c0 08 c8 74 53 65 8b 05 70 84 a9 7e <f7> df 65 01 3d 67 84 a9 7e 5b 5d c3 e8 d7 d2 b4 02 85 c0 74 f4 48
[  298.988802][    C1] RSP: 0018:ffffc900044174a0 EFLAGS: 00000202
[  298.994902][    C1] RAX: 0000000080000003 RBX: dffffc0000000000 RCX: 0000000000000000
[  299.002904][    C1] RDX: 0000000000000005 RSI: ffffffff8a8c23a0 RDI: 0000000000000001
[  299.010913][    C1] RBP: 0000000000000001 R08: ffffffff8e1fcb6f R09: 1ffffffff1c3f96d
[  299.018929][    C1] R10: dffffc0000000000 R11: fffffbfff1c3f96e R12: dffffc0000000000
[  299.026946][    C1] R13: 0000000000000008 R14: 0000000000000001 R15: ffff88813fff9180
[  299.034967][    C1]  ? pfn_valid+0xcd/0x420
[  299.039338][    C1]  pfn_valid+0x3cf/0x420
[  299.043628][    C1]  page_table_check_set+0x25/0x6d0
[  299.048783][    C1]  copy_page_range+0x24ea/0x3900
[  299.053810][    C1]  ? pfn_valid+0x450/0x450
[  299.058273][    C1]  ? up_write+0x1bb/0x420
[  299.062632][    C1]  ? vma_interval_tree_insert_after+0x245/0x2a0
[  299.068909][    C1]  copy_mm+0xec3/0x1690
[  299.073165][    C1]  ? copy_signal+0x680/0x680
[  299.077820][    C1]  ? lockdep_init_map_type+0x98/0x8d0
[  299.083251][    C1]  ? __init_rwsem+0x11e/0x160
[  299.087974][    C1]  ? copy_signal+0x556/0x680
[  299.092599][    C1]  copy_process+0x1979/0x4030
[  299.097453][    C1]  ? wp_page_reuse+0x374/0x670
[  299.102257][    C1]  ? copy_process+0x94d/0x4030
[  299.107046][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  299.112270][    C1]  ? idle_dummy+0x10/0x10
[  299.116625][    C1]  kernel_clone+0x24b/0x900
[  299.121172][    C1]  ? create_io_thread+0x170/0x170
[  299.126224][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  299.131272][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  299.137280][    C1]  __x64_sys_clone+0x1a7/0x220
[  299.142066][    C1]  ? __might_fault+0xc2/0x120
[  299.146759][    C1]  ? __ia32_sys_vfork+0x140/0x140
[  299.151810][    C1]  ? lock_chain_count+0x20/0x20
[  299.156689][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  299.161907][    C1]  do_syscall_64+0x4c/0xa0
[  299.166360][    C1]  ? clear_bhb_loop+0x60/0xb0
[  299.171080][    C1]  ? clear_bhb_loop+0x60/0xb0
[  299.175780][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  299.181780][    C1] RIP: 0033:0x7faf165c3952
[  299.186220][    C1] Code: 89 e7 e8 f1 8b f7 ff 45 31 c0 31 d2 31 f6 64 48 8b 04 25 10 00 00 00 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 89 c5 85 c0 75 3b 64 48 8b 04 25 10 00 00
[  299.205850][    C1] RSP: 002b:00007ffe59870db0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  299.214284][    C1] RAX: ffffffffffffffda RBX: 00007ffe59870db0 RCX: 00007faf165c3952
[  299.222276][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  299.230265][    C1] RBP: 00007ffe59870f3c R08: 0000000000000000 R09: 0000000000000001
[  299.238261][    C1] R10: 00005555688e97d0 R11: 0000000000000246 R12: 0000000000000001
[  299.246262][    C1] R13: 00000000000927c0 R14: 0000000000048a9d R15: 00007ffe59870f90
[  299.254262][    C1]  </TASK>
[  299.257898][    C1] Kernel Offset: disabled
[  299.262281][    C1] Rebooting in 86400 seconds..