last executing test programs:

50.47195216s ago: executing program 2 (id=388):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x2, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x20000000, 0xfffffffc, 0x7ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x4811}, 0x40884)
r5 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1b96, 0xe, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x3, 0x10, 0x7, "", [{{0x9, 0x4, 0x0, 0x7, 0x1, 0x3, 0x1, 0x2, 0xa, {0x9, 0x21, 0x3, 0x41, 0x1, {0x22, 0x7f6}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x1, 0x5e, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7, 0xf, 0x5}}]}}}]}}]}}, &(0x7f0000000340)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x201, 0x4, 0xee, 0x53, 0x20, 0x53}, 0x8, &(0x7f0000000140)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x5, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x43e}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x455}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0xf0ff}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x1801}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0xf0ff}}]})
syz_usb_control_io$hid(r5, &(0x7f0000000640)={0x24, &(0x7f00000003c0)={0x0, 0xc, 0x1b, {0x1b, 0x6, "902690ec4051e765110b596a31562e189476f4ceb3073f5853"}}, &(0x7f0000000540)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xfcff}}, &(0x7f0000000580)={0x0, 0x22, 0x8, {[@global=@item_4={0x3, 0x1, 0x7, "103e87bd"}, @local=@item_012={0x2, 0x2, 0xb, 'X\"'}]}}, &(0x7f0000000600)={0x0, 0x21, 0x9, {0x9, 0x21, 0x800, 0x0, 0x1, {0x22, 0x4b7}}}}, &(0x7f0000000a00)={0x2c, &(0x7f0000000740)={0x40, 0x8, 0xe2, "6176e95fb5ca8e3c6ea57eeb468fa80175226f71e1c075f59126dab89d83b8d45f1b9d977a1c1eca2aecb65bf90aa970561038cdc4b55b8fc7c7c98d3edaebbef8b90fe25d08d72efd678bbbf316760a8aa6f8d3e594d369fe43b1f567b2998e1403a1023d7203f5ce8870d14279e10b4747ae0be99e4c242db0a3a2d2e92fd0a40a1508c57a65c6a64282a9aafee4ad843c49a982edcdb4598e9f26a8c77939b61194f78839f7202a4477589a7cc199472791b06f622c9fb4ee485647393699b9029522e4ea827d6ee13e72af8446a3ca5de570527a3032c173d1ed90dac876a9d1"}, &(0x7f0000000840)={0x0, 0xa, 0x1, 0x87}, &(0x7f0000000880)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000008c0)={0x20, 0x1, 0xfa, "a05087e67eb1bc10336b070bbe9f24d076671c241410658b845e0e3cff9f0bc2c5acf1e6f81c8e0324983f011a78000b5ea5c592d5b8279875fb60797855ae2f23997b5742bc93153103ffd6999cef548f01293b3ad9f4ba00daa5538a5c19be3e48c4c49179a73c3b7a0a6bd6b0931772f731cfe12fcd1ac92d5710741e0d8107c6e9a555da0a64381791a30914da9c6991ab71a2556c35684097da6c58bc5ced77fafab1323655ca9a5a9fe8c31732540b13d1ae0c8399352304fbfb132746b6fa8b3cac050238d943ff106191de290803fca23e5d92893483a75160d2d9b0dd452d9910401ea29c4a6c2e8422cce160f0be83354fd9d1a5f0"}, &(0x7f00000009c0)={0x20, 0x3, 0x1, 0x1}})
sendmsg$nl_route_sched(r0, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x32, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)

49.739977927s ago: executing program 2 (id=400):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000380)={'syztnl0\x00', 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newqdisc={0x88, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x58, 0x2, {{0x1, 0x6, 0xa00, 0x3, 0x987, 0x200ff}, [@TCA_NETEM_LATENCY64={0xc}, @TCA_NETEM_JITTER64={0xc}, @TCA_NETEM_RATE64={0xc, 0x8, 0xe62077891e54f027}, @TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x4, 0x4, 0x6b08, 0x7}}]}]}}}]}, 0x88}}, 0x4000080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, 0x0, 0x0, 0x880, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)

49.484601195s ago: executing program 2 (id=401):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$vga_arbiter(r0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000018010000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085030100a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)

48.60538537s ago: executing program 2 (id=407):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}, {@resuid}, {@jqfmt_vfsv1}, {@errors_remount}, {@nobh}, {@usrjquota, 0x2e}], [], 0x2e}, 0x1, 0x46f, &(0x7f0000000580)="$eJzs20tvG0UcAPD/OnH6JqGURx9AoCAiHkmTFuiBCwikXpCQ4FCOIU2r0rRBTZBoVdGAUDmifgLgiMQn4AQXBJxAXEHigoSQKtQLhQNatPZu6ya28Stxi38/ye3M7mxm/rs79uyMHcDAGs/+SSK2R8RPIxGj1ezNBcar/127emHur6sX5pJI01f/SCrl/rx6Ya4oWhy3Lc9MlCJKHySxt069S+fOn5pdWJg/m+enlk+/NbV07vxTJ0/Pnpg/MX9m5vDhQwenn31m5umexLkja+uedxf37T7y+uWX545efuPbz7Pt2/P9tXFUjXVd53iM33wuazwa8Wuapl3XcavYUZNOhvvYENoyFBHZ5Spn/T9GYyhuXLzReOn9vjYOWFdpmqab1mwdKhIrKfA/lkS/WwD0R/FBnz3/Fq8NHH703ZXnqw9AWdzX8ld1z3CU8jLlVc+3vTQeEUdX/v44e0XdeQgAgN76Mhv/PFlv/FeKe2rK3RHVtaGxiLgzInZGxF0RsSsi7o6olL03Iu5rs/7xVfm1458ftnQUWIuy8d9z+drWzeO/YvQXY0N5bkcl/nJy/OTC/IH8nExEeVOWn25Sx1cv/vhRo32147/sldVfjAXzdvw+vGqC7tjs8mw3Mde68l7EnuF68SfXVwKSiNgdEXs6+PvZOTv5+Gf7Gu3/7/ib6ME6U/ppxGPV678Sq+IvJM3XJ6c2x8L8ganirljru+8vvdKo/q7i74Hs+m+te/9fj38sqV2vXWq/jks/f9jwmabT+38kea2SHsm3vTO7vHx2OmIkWVm7febGsUW+KJ/FP7G/fv/fGfHPJ/lxeyMiu4nvj4gHIuLBvO0PRcTDEbG/SfzfvPDIm53Hv76y+I+1df3bTwyd+vqLRvW3dv0PVVIT+ZZW3v9abWA35w4AAABuF0nlO/BJaTKf49wepdLkZPU7/Ltia2lhcWn5ieOLb585Vv2u/FiUS8VM12jNfOh0Pjdc5GdW5Q9W5o3TNE23VPKTc4sL67WmDrRmW4P+n/ltqN+tA9ZdW+tojX7RBtyW/F4TBpf+D4Or1f5fXud2ABvP5z8Mrnr9/2LEtT40BdhgPv9hcOn/MLj0fxhc+j8MpG5+198ssfNIx4enXdW+OQ+sw8N/WZez0SwxtIF19TIRpbq7yhFxi7SwSaJ0azSjmtgUEa0Wvtjpjd12os9vTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3ybwAAAP//pCzokA==")
r0 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000540)={0x0, 0x0, r2, 0x0, 0x0, 0x9e, 0x4, 0xf7, {0x0, 0xc, 0x1, 0x9, 0x9, 0x9, 0x200, 0x6, 0x80, 0x6, 0x4081, 0xc, 0x38, 0x62, "bcddcb51bad91240eba0c4350bc15988b348e72c1608bf00000100"}}) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0}) (async, rerun: 32)
r4 = syz_clone3(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = syz_pidfd_open(r4, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r5, 0xff0a) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002240)={r6, r3, 0x25, 0x2, @val=@tracing={0xffffffffffffffff, 0x8}}, 0x20) (async)
syz_emit_ethernet(0x4e, &(0x7f0000000980)=ANY=[@ANYBLOB="aaaaaaaaaaaa4a26292432ca86dd6ee0fef600180600fc01000000000000000000000000000000000000008db685ed4e68f9ab9aaa40f5e5991100ecff00"/78], 0x0) (async)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x28042, 0x0)
execveat(r7, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000240)={[&(0x7f0000000140)='\'\x00', &(0x7f0000000200)='\x00']}, &(0x7f00000004c0)={[&(0x7f0000000280)='ext4\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='inode_readahead_blks', &(0x7f0000000380)='inode_readahead_blks', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='ext4\x00']}, 0x1000)

48.431976748s ago: executing program 2 (id=409):
syz_read_part_table(0x61c, &(0x7f0000000640)="$eJzs3D2IXFUUB/D/m483M2t0t7A32CSmSWBRhBBBlmUFwQ2IJoX40UiaqQSt1oy6IhZrLNSATZqAZF0IgmUQAiFsqoBWYmssgtbiij6ZeW/WneAHmrUQfr/i3nPePfedu8udcib8r7Vy6e20x1HVG4+93ZWynjqTsRoPRR2Mmo1Jntk8tfzsmycfr9cmdn56P0m3atfpZzfrefBEPU3GbrJ4pTPc2Ozl4SSfH/z5h3smjcqMWjtV7ePn009a5V8ev2k7ao65qzrbBI/cO1N4h51HF179+/8Rf+7wK0euFqMvp+nxueHpM2Ueam11dsb5r/V96ty57WCe3p/+l09cn+9Pk4UUuf/SIAs5f+FoeS4pbh+bLLT3bpmbXoY/vhP/zPCXU+WnF68trd8aLG5PD7K23P39A5TxZZ45wIF96AsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH+jlSNXHyjKJrtxfG54+szWoaWzWzdPdpN8UhyoV4726rlopk7yRnLfXfe/fOL6/FtlVWV+nK19u/J9VjsrT52/8Fh5bpBDt481dS9Oxo2vX36tzqsb/ZR33T0ZDpJcvLa0fmuwuP3k6uoH3XyYtXyx/nonSfnuSxnUhcW4XavMVx+9UCW97Et3AAAAAAAAAAAAAAAAAAAAqC330pnGz5VJ2vlmHFeDPUVl8uAk2C3N4pXOcGNz5Z33DjcPmt8HGLWSUZLvipk22/00L9h9xST4saqq2QONpkHRnl2YfN9++qwYF/aT1r/4k9njtwAAAP//WYNshA==")

48.109800189s ago: executing program 2 (id=411):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000380)={'syztnl0\x00', 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newqdisc={0x88, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x58, 0x2, {{0x1, 0x6, 0xa00, 0x3, 0x987, 0x200ff}, [@TCA_NETEM_LATENCY64={0xc}, @TCA_NETEM_JITTER64={0xc}, @TCA_NETEM_RATE64={0xc, 0x8, 0xe62077891e54f027}, @TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x4, 0x4, 0x6b08, 0x7}}]}]}}}]}, 0x88}}, 0x4000080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800), 0x0, 0x880, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)

48.00749567s ago: executing program 32 (id=411):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000380)={'syztnl0\x00', 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newqdisc={0x88, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x58, 0x2, {{0x1, 0x6, 0xa00, 0x3, 0x987, 0x200ff}, [@TCA_NETEM_LATENCY64={0xc}, @TCA_NETEM_JITTER64={0xc}, @TCA_NETEM_RATE64={0xc, 0x8, 0xe62077891e54f027}, @TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x4, 0x4, 0x6b08, 0x7}}]}]}}}]}, 0x88}}, 0x4000080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800), 0x0, 0x880, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)

4.169229372s ago: executing program 0 (id=813):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'vlan0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, 0x0}, 0x24040084)

4.117172595s ago: executing program 0 (id=815):
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3001009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})

4.030464163s ago: executing program 0 (id=818):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x4000094, &(0x7f000005ffe4)={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40006}, 0x1c) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x800, 0xbbba, 0x0, 0x18, 0x0, {0x8000}, {0x0, 0xfffffffd, 0xfffffffe}, {0x0, 0xffff0000}, {0x1000000}, 0x0, 0x3f0, 0x0, 0xd613, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async, rerun: 64)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) (async)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000380)={0x3c00, 0x480, 0x280, 0x40, 0x229, 0xfffffbef, 0x8, 0x0, {0x2, 0x7f}, {0x0, 0xffffffff, 0x1}, {0x1ff, 0x7}, {0x1, 0x7}, 0x1, 0x0, 0xfffffffe, 0xfffffffe, 0x0, 0x8000, 0xb, 0x2, 0x2, 0x5, 0x0, 0x5, 0x20, 0x100, 0x2})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="02c82014001000010009de0400000004000205040003000700df392fb697793f05b25cc6"], 0x19) (async, rerun: 32)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async, rerun: 32)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async)
r6 = io_uring_setup(0x3eae, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000340)=0x1, 0x4)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02}) (async)
socket$kcm(0x2, 0xa, 0x2) (async, rerun: 32)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 32)
sendmsg$nl_xfrm(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="700000001400010000000000fbdbdf25e00000010000000000000000000000000000000000000000000000000000000100000080000700"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\f\x00\b'], 0x70}}, 0x4004040)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x8004}, 0x1}) (async)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000001c0)={'veth1_to_bridge\x00', @local})

3.079933734s ago: executing program 0 (id=823):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
prlimit64(r0, 0x9, &(0x7f0000000080)={0x8, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
pipe2(&(0x7f0000001280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r3, 0x40b, 0xffffffff80000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$EVIOCGABS3F(r2, 0x8018457f, &(0x7f0000000040)=""/23)
r6 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r6, 0x119, 0x1, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000006f44000000000000730a00fe000000007203000000000006b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f18564a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccc99069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad24b89b6a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c87852730a3bd7ac923fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca4856ff03b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec860cde7c79f7b4d4e24c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b450100000001000000393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00400000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd599c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb80610eb37bd2d40ebdfed687f0b093e68f10b72146a0b749ee2105e2da94a288146abbbaf7c0b24fe0000000000000000f1a4f4de6a8d12dc9e71a20cbd412898586843b534d36e21379a8a06133c1babde9e5bd5b6afc5f684aada43ee560e800f58cb33b8483f6518abde7c86bd5d389c1b3c40fdd4bebe4adf87b1025ff57eb50984cc5bad9ea1c15484ea627c3c1501d612ed65939266e7332966f03e0376076e7c5dfe25f367dda7f69db89829b360dd2f59cbaad10f13e269eca792725bbacb96aa0a5c426ca76f84322661"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffa3}, 0x48)

1.924144664s ago: executing program 4 (id=833):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x4, 0x2400)
ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000011c0)=@userptr={0x4, 0xa, 0x4, 0x0, 0x1e3, {}, {0x4, 0x1, 0x4, 0x1, 0x2, 0x6d, "37b2aeaa"}, 0x7, 0x2, {0x0}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000206010800000000000000000000000014000780080012400000000008000840000000000500010006000000050005000a00000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0x0, 0x1000)

1.83569416s ago: executing program 4 (id=835):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
gettid()
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x34, 0x10, 0x403, 0xfffffff9, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x518ae, 0x55007}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'hsr0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x40080d6}, 0x6000010)
mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x1fffff, 0x1, 0x11, r1, 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x94022, &(0x7f0000000200)={[{@nr_inodes={'nr_inodes', 0x3d, [0x36]}}, {@size={'size', 0x3d, [0x70]}}]})

1.747873197s ago: executing program 4 (id=839):
r0 = socket$packet(0x11, 0x3, 0x300) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) (async)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x3}, 0x8) (async)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) (async)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8) (async, rerun: 64)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff) (rerun: 64)
ioctl$EXT4_IOC_GETFSUUID(r3, 0x8008662c, &(0x7f0000000000)) (async)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000440)={{{@in6=@initdev, @in=@dev}}, {{@in6=@mcast1}, 0x0, @in6=@private2}}, &(0x7f00000005c0)=0xe8)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x109000)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r4, 0xc0305602, &(0x7f0000000580)={0x0, 0x0, 0x200c})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="b56e18ff2d4c18000000000000e2ff0000000000000018110000c7f771e23bd39806b946c1a005d749c80e3d7f93d71811c6f9276fbc7c1b7daa940aad6aca034d2babc0a243def7554e2ee201ea549f819f217f3c905b95478a9a44c7ba927b6d35eda31c89930000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x862e}, 0x94)
getpid() (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4) (async, rerun: 64)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) (rerun: 64)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r7, 0x3e8, 0xf, 0x0, &(0x7f0000000000)="c1df07000000d30a298ee68888a887", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

1.74348986s ago: executing program 3 (id=840):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000140)={[{}, {@oldalloc}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@user_xattr}]}, 0x3, 0x447, &(0x7f0000000380)="$eJzs28tvG0UYAPBv10lKX8SU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlW0IFSOqBJ3xIEDEn8BJ7gg4ITEFe6oUoV6aeFktPZuYjt2mocTF/z7SdvO7M5q5vPu2DM72QD61kj2TxKxKyJ+j4jhera5wEj9v1s3Lk7/fePidBLV6lt/JbVyN29cnC6KFuftzDOjaUT6aRIH2tQ7f/7C6alKZfZcnh9fOPP++Pz5C8+eOjN1cvbk7NnJY8eOHpl44fnJ57oSZ9amm/s/mju477V3rr4xffzquz9/mxTxt8TRJSMrHXyiWu1ydb21uyGdDPSwIaxJKSKyyzVY6//DUYqlizccr37S08YBm6parVZ3dj58uQr8jyXR6xYAvVH80Gfz32LboqHHHeH6S/UJUBb3rXyrHxmINC8z2DK/7aaRiDh++Z8vsy025zkEAECT77PxzzPtxn9p3N9Q7u58bagcEfdExJ6IuDci9kbEfRG1sg9ExINrrL91kWT5+Ce9tq7AVikb/72Yr201j/+K0V+US3ludy3+weTEqcrs4fwzGY3BbVl+YoU6fnjlt887HWsc/2VbVn8xFszbcW1gW/M5M1MLUxuJudH1jyP2D7SLP1lcCUgiYl9E7F9nHaee+uZgp2O3j38FXVhnqn4V8WT9+l+OlvgLycrrk+N3RWX28HhxVyz3y69X3uxU/4bi74Ls+u9oe/8vxl9OGtdr59dex5U/Pus4p1nd/V+91HhOdv8PJW/X0kP5vg+nFhbOTUQMJa/XG924f3Lp3CJflM/iHz3Uvv/viaVP4kBEZDfxQxHxcEQ8krf90Yh4LCIOrRD/Ty8//t76499cWfwza7r+S4mhaN3TPlE6/eN3TZWW1xJ/dv2P1lKj+Z7VfP+tpl3ru5sBAADgvyeNiF2RpGOL6TQdG6v/vfze2JFW5uYXnj4x98HZmfo7AuUYTIsnXcMNz0Mn8ml9kZ+M+LoxfyR/bvxFaXstPzY9V5npdfDQ53Z26P+ZP0u9bh2w6byvBf1L/4f+pf9D/9L/oX+16f/be9EOYOu1+/2/1IN2AFuvpf9b9oM+Yv4P/Uv/h/6l/0Nfmt8et39JXkJiWSLSO6IZEt1JpBHRtGf5d0W5F19QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG/RvAAAA//831udB")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000300)={{}, {}, [], {0x4, 0x1}}, 0x24, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x80000, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000080)='./bus\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002840)={{}, {0x1, 0x0, 0xff8b}, [], {}, [{0x8, 0x4}]}, 0x2c, 0x0)

1.743139627s ago: executing program 5 (id=841):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001d00)=@mangle={'mangle\x00', 0x2, 0x6, 0x758, 0x0, 0x270, 0x450, 0x450, 0x270, 0x688, 0x688, 0x688, 0x688, 0x688, 0x6, 0x0, {[{{@ipv6={@mcast1, @empty, [], [], 'macvtap0\x00', 'vlan1\x00', {}, {0xff}, 0x21}, 0x0, 0x168, 0x190, 0x0, {0x7a00000010000000}, [@common=@srh1={{0x90}, {0x3c, 0x0, 0x0, 0x0, 0x0, @empty, @mcast2, @private2, [], [0x0, 0xffffffff], [0x0, 0x0, 0xffffffff, 0xffffffff], 0x2022, 0x50}}, @common=@inet=@dccp={{0x30}, {[0x4e24, 0x4e24], [0x4e23, 0x4e24], 0x8, 0x0, 0x4, 0x7}}]}, @HL={0x28}}, {{@ipv6={@mcast2, @dev={0xfe, 0x80, '\x00', 0x2}, [0xff], [0x0, 0x0, 0x8000007f], 'bridge0\x00', 'veth1_vlan\x00', {}, {}, 0x0, 0x3}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {0xffffffffffffffff}, {0x0, 0xfd}, 0x300, 0x4}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @private=0xa010100}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0x0, 0x0, 0xff], [], 'bridge0\x00', 'bond_slave_0\x00', {0xff}}, 0x0, 0xa8, 0xf0, 0x48000000}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@loopback, @ipv6=@loopback, 0x5, 0xc}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@multicast2, @ipv4=@multicast2, 0x1f, 0x1, 0x4}}}, {{@uncond, 0x0, 0x210, 0x238, 0x0, {}, [@common=@ah={{0x30}, {[0x4d3, 0x4d3], 0x1, 0x4}}, @common=@rt={{0x138}, {0x0, [0x0, 0xc], 0x0, 0x0, 0x1, [@empty, @private2={0xfc, 0x2, '\x00', 0x1}, @private0, @empty, @private1, @empty, @mcast2, @mcast1, @private0, @empty, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1={0xfc, 0x1, '\x00', 0x1}]}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7b8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="180200000300000000000000000000008500000022000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0xfe, 0x0, &(0x7f0000000280)="e0400000000d85ff9782762f88ca", 0x0, 0xadca, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r1, 0x40049366, &(0x7f0000000000)=0xfe2e96e568b1e4d0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x8, [@enum64={0x1, 0x2, 0x0, 0x13, 0x1, 0x2, [{0x3, 0x1, 0x4}, {0x4, 0x1, 0x3b}]}]}, {0x0, [0x5f, 0x5f, 0x5f, 0x61, 0x30, 0x5f]}}, &(0x7f0000000680)=""/95, 0x44, 0x5f, 0x1, 0xfffffff1}, 0x28)

1.650225689s ago: executing program 4 (id=842):
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e1e, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f0000000140)={0x2, 0x4e24, @multicast1}, 0x10, 0x0}}], 0x1, 0x44008004) (async)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000340)={r2, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000300)={r2, 0x1, 0x6, @multicast}, 0x10) (async)
r3 = socket(0x11, 0x3, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000005c0)={'gre0\x00'}) (async)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r3, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e4a139697dd2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f0000000440)=ANY=[], 0x10}], 0x2}, 0x20040051) (async, rerun: 32)
write$binfmt_misc(r0, &(0x7f0000000300), 0xfdef) (rerun: 32)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) (async)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0xd, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r5, @ANYBLOB="0000000002000000b70500000800000085000000aa0000009511f185a41c813243a9e8f4185c1b8173300f546989e13e9e88e79f4177b8eea840588708a2884c57cdb1d075b48ba9a509339fdd38d02a325fd28c1aa5bc1e8b9b8e0c9f6670c52824ac4ad65f09420d0f9050e3d6ec96b7a6d70acb1485d5bb6ea4ec868f0f31222c79b1af72ca89e178ffeac38ee7c641acafef916f37e119c52f124108f6d8cbcb7596c85a9e6812c6a172bb1db79ed8008c3d7dbfc4f1d61d339e45ac978a0854f3b7a74d43f2557ba460bdde0a2060c5e58064517ae23e0932da4fd774f977b35217a7f1bfc65bf74c9d0bd8a2af790168dba2a27b1fd99f2bcd1adda1dcbe6ced766cd6b4c60923ea726b3eaee6938a6c86c76ee7962d21882e0ef79f70411c576895dae1b195efca0412c0398a8ece"], &(0x7f0000000300)='GPL\x00', 0x4, 0x1002, &(0x7f00000014c0)=""/4098}, 0x94)

1.63838657s ago: executing program 5 (id=843):
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001cf30000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13f8ff000000007a0af8ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0)={0x0, 0x7, 0xb}, 0x10}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32, @ANYBLOB="c300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="001f0000000000000000000000feff00"/28], 0x50)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000009b39173404000000002100000007000006060012400000000004000280"], 0x20}, 0x1, 0x0, 0x0, 0x24000044}, 0x40)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xbebf8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000141, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
getgid()
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x24, r5, 0x201, 0x3ffffd, 0x800000, {{}, {}, {0x8, 0x11, 0x84e}}}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20040010)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f0000003240), 0x4000000000000e4, 0x101d0)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'lo\x00'})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})

1.539979076s ago: executing program 3 (id=844):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'vlan0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x24040084)

1.500705379s ago: executing program 3 (id=845):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000200)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3b0, 0x0, 0x238, 0x170, 0xd8, 0x0, 0x410, 0x410, 0x410, 0x410, 0x410, 0x6, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, 0xffffff00, 0x0, 'veth0\x00', 'veth0_to_bridge\x00', {}, {0xff}, 0x62, 0x0, 0x50}, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0xb, 0x4, @ipv4=@loopback, 0x4e24}}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0xff, 'geneve0\x00', 'veth1_to_team\x00', {}, {}, 0x89, 0x6, 0x24}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0xff, 'ip6_vti0\x00', 'geneve0\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0x6, 0x5}, {0x0, 0x6}}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x31, 0x7, 0x1}}}, {{@ip={@loopback, @multicast1, 0xff, 0xff, 'veth0_to_batadv\x00', 'bridge_slave_0\x00', {0xff}, {0xff}, 0x44, 0x1, 0x15}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x55d, 0x3, @multicast1, 0x4e21}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xcf8a)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007fffffff00000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

1.49861036s ago: executing program 4 (id=846):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0xc})
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x3000408, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x210c48, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'lowerdir'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
read$FUSE(r2, &(0x7f0000001940)={0x2020}, 0x2020)
ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000000))

1.42395895s ago: executing program 0 (id=847):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265)
ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0xc0089364, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
syz_emit_vhci(&(0x7f0000000e40)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x0, 0xc8, @none, 0x0, 0x56}}}, 0xe)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x49db, 0x0, 0xfff9, 0xbfff, 0x18, "ec28a144f13d7607"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000001c0)={0x0, 0xffffef7b, 0x40000000, 0xaf, 0x10, "1b09000800000000000000e678000000001000"})
r2 = syz_open_pts(r1, 0x20800)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000100)=0x44)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
r3 = syz_io_uring_setup(0x26b6, &(0x7f0000000200)={0x0, 0xf906, 0x8000, 0x0, 0x308}, &(0x7f0000000080), &(0x7f0000000280), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_FILES2(r3, 0xd, &(0x7f00000008c0)={0xa, 0x0, 0x0, &(0x7f0000000740), &(0x7f0000000800)=[0x2, 0x4]}, 0x20)

663.597442ms ago: executing program 1 (id=848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x5, 0x4, 0x4, 0x8}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

596.268526ms ago: executing program 4 (id=849):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = syz_open_dev$media(&(0x7f0000000000), 0x4, 0x62602)
ioctl$OCFS2_IOC_REFLINK(r0, 0x40186f04, 0x0)
vmsplice(r0, &(0x7f0000000840)=[{&(0x7f0000000280)="abe9e93cce41e355f14d73fd7bc56cf2a769bb4938240f68682ee62460b7bfa9f7805d3ca300b4afcd816fcc28eb37ef1859db4102bc868817d4869f9998eddd936c2c972c00567fa3a46e09a8ccaa4a1c2055794b1c7d7f28c931c3d537843f6d0cdac330533a646e24c2eacb98ec273e68542c17ab1ec1bc429bb91b3abf7e9e66459d825e7dec8c03c4cb796337dc0f0327a607bfb827d743501620a2784f7674d9", 0xa3}, {&(0x7f0000000380)="65ca6db5", 0x4}, {&(0x7f00000003c0)="2245c60d44855320b6f6e79b809a08db6c54b3d1678d170056b45d43b8911241095f44ce54d7fab05318e5bd037e1964069033245ca4eebaf0abab2f9fc61d3da8", 0x41}, {&(0x7f0000000480)="557e7f6b60456c61cabdb8c800232032912b017e9d3ddbc53f800b6379e7d6bf7b63d391f719eaf196640f95fbb973b3351f346c34650dc66c318154f460e46871d4d0195b869f4f45362b63e4927280a02a56c76d17297f49257d67e781cc30abb6ddf19af2", 0x66}, {&(0x7f0000000640)="879a80d85bfcdb5fd265abcc933d59147735bb52ab1bfc5b22b09a86dab2c6e8496798222e04e1439dbdb24f15d723148a6db7ce7c1f3dc97b3dadc2a715753e108d979c43abd14090ac0c20e979146ff6fbe93fce6913b5c5e7c4f6ccce25348c3fe5caa6104ddd3d5c675d3509ce089f0af185519c8d1dbc135317aa4f6fbe9341f1358f9a05b534fed48ed314ef5c1b490b200deb6ff242cdbb7b8cc989439104417e2a3eeb18ff9695f463b112780de9661c125dffa9ca303b2047b3fb95cb480186d00bfd6f2aaf55b9ac43", 0xce}, {&(0x7f00000007c0)="3a78cb28406890fa2cd32a5354f1c30aa668d0d26092b341a4ff86ffa9039c17640f7746d85796845d87e9ecd17a1d23db6cf98b2db519e7851fd5efe485e8cb025feccb036696a80b89ba34fc6b3f39d8ec7afba39c5997c5b04f36a7", 0x5d}], 0x6, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000440)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000200)={&(0x7f0000708000/0x4000)=nil, &(0x7f000081f000/0x3000)=nil, 0x4000, 0x1})
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x409c884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @local}, 0x1c)
sendto$inet6(r2, &(0x7f0000000780)='\r', 0x1, 0x6d91fb6102d8d9cc, 0x0, 0x0)
syz_emit_ethernet(0x46, 0x0, 0x0)
sendto$inet6(r2, &(0x7f0000000080)='D', 0x1, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000100)=""/184, 0xb8)
openat$cgroup_int(r5, &(0x7f00000000c0)='cpuset.cpus\x00', 0x2, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0x94}]}, &(0x7f0000000340)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)

540.038819ms ago: executing program 1 (id=850):
keyctl$chown(0x4, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$netlink(0x10, 0x3, 0x1)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x1, 0x2}, {0xd, 0x10}, {0xfff3, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r5 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r5, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
close(r5)
keyctl$chown(0x4, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) (async)
socket$netlink(0x10, 0x3, 0x1) (async)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
socket$netlink(0x10, 0x3, 0x10) (async)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
bind$tipc(r2, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, 0x0, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00'}) (async)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x1, 0x2}, {0xd, 0x10}, {0xfff3, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0) (async)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) (async)
socket$kcm(0x2, 0x200000000000001, 0x106) (async)
sendmsg$inet(r5, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041) (async)
close(r5) (async)

539.825413ms ago: executing program 3 (id=851):
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3, 0x4}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1}}], 0x1, 0x4c0c0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_clone(0x40008000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x2})
ioctl$UFFDIO_POISON(r1, 0xc020aa08, &(0x7f0000000000)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0xd}, {0x3, [{0xc8, 0x72}, {0xc9}, {0x190, 0xe5aa}]}}}, 0x10)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x28a81, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

418.239388ms ago: executing program 5 (id=852):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x81}, 0x20000040)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x3c}}, 0x40000)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000100)={@ipv4={'\x00', '\xff\xff', @multicast2}, 0x56, r2})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r4, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000225bd7000fedbdf254c0000000c009900010002803f0000000c00580068000000000000000c00580072000000000000000c00580031000000000000000c0058005a000000000000000c0058004d000000000000003c30c025e6fb5e38985322bb8e36a91766a777bc70393f74f774d2c439dca4a73e177ed5e6953b854e606391f0c47e4aca3442f929ded2e8d576a90cf102128d2c84704f888f36847d8f4597c3b0738781617e9333deb44bac5e9519c1093c000f47fdade7edaf02fafa0d375d39058b373f51f931dcad5da3c772ed98c042976abd5b3b31b4e0f47c6355a06c274a9c51023c68795a4a0c4e10e6818b280cdd968214f3708864d4e4de44e33e4b7229c5e5ae3329304df715d20e27edb53e27e37a7132db6c82bdb071"], 0x5c}, 0x1, 0x0, 0x0, 0x4090}, 0x20044040)
r6 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x25)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r9, r7, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x8001, 0x0, 0x1}}, 0x40)
syz_emit_ethernet(0x32, &(0x7f0000000040)=ANY=[], 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)
r10 = dup3(r0, 0xffffffffffffffff, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r11, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f0000001700)={0x54, r12, 0x1, 0x70bd27, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x2}, {0xc, 0x90, 0xfffffffffffeffff}}]}, 0x54}, 0x1, 0x0, 0x0, 0x404c0c1}, 0xc000)
r13 = syz_clone(0x400011, 0x0, 0x0, 0x0, 0x0, 0x0)
r14 = syz_open_procfs(r13, &(0x7f0000000300)='personality\x00')
pread64(r14, &(0x7f0000000500)=""/19, 0x13, 0x6677)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000380)=<r15=>0x0)
sendmsg$DEVLINK_CMD_RELOAD(r10, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000640)={0xfc, r12, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r14}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r15}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10000000}, 0x4000)

347.947191ms ago: executing program 1 (id=853):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.swap.current\x00', 0x275a, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f0000000040)={0xc, <r1=>0x0})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000080)={0x18, r1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x7f21a0eefdc10b51, r0, 0x222cd000)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
prctl$PR_SET_SECUREBITS(0x1c, 0x12)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000000)=[{{0x2, 0x1, 0x0, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}], 0x10)

232.022289ms ago: executing program 1 (id=854):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000140)={[{}, {@oldalloc}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@user_xattr}]}, 0x3, 0x447, &(0x7f0000000380)="$eJzs28tvG0UYAPBv10lKX8SU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlW0IFSOqBJ3xIEDEn8BJ7gg4ITEFe6oUoV6aeFktPZuYjt2mocTF/z7SdvO7M5q5vPu2DM72QD61kj2TxKxKyJ+j4jhera5wEj9v1s3Lk7/fePidBLV6lt/JbVyN29cnC6KFuftzDOjaUT6aRIH2tQ7f/7C6alKZfZcnh9fOPP++Pz5C8+eOjN1cvbk7NnJY8eOHpl44fnJ57oSZ9amm/s/mju477V3rr4xffzquz9/mxTxt8TRJSMrHXyiWu1ydb21uyGdDPSwIaxJKSKyyzVY6//DUYqlizccr37S08YBm6parVZ3dj58uQr8jyXR6xYAvVH80Gfz32LboqHHHeH6S/UJUBb3rXyrHxmINC8z2DK/7aaRiDh++Z8vsy025zkEAECT77PxzzPtxn9p3N9Q7u58bagcEfdExJ6IuDci9kbEfRG1sg9ExINrrL91kWT5+Ce9tq7AVikb/72Yr201j/+K0V+US3ludy3+weTEqcrs4fwzGY3BbVl+YoU6fnjlt887HWsc/2VbVn8xFszbcW1gW/M5M1MLUxuJudH1jyP2D7SLP1lcCUgiYl9E7F9nHaee+uZgp2O3j38FXVhnqn4V8WT9+l+OlvgLycrrk+N3RWX28HhxVyz3y69X3uxU/4bi74Ls+u9oe/8vxl9OGtdr59dex5U/Pus4p1nd/V+91HhOdv8PJW/X0kP5vg+nFhbOTUQMJa/XG924f3Lp3CJflM/iHz3Uvv/viaVP4kBEZDfxQxHxcEQ8krf90Yh4LCIOrRD/Ty8//t76499cWfwza7r+S4mhaN3TPlE6/eN3TZWW1xJ/dv2P1lKj+Z7VfP+tpl3ru5sBAADgvyeNiF2RpGOL6TQdG6v/vfze2JFW5uYXnj4x98HZmfo7AuUYTIsnXcMNz0Mn8ml9kZ+M+LoxfyR/bvxFaXstPzY9V5npdfDQ53Z26P+ZP0u9bh2w6byvBf1L/4f+pf9D/9L/oX+16f/be9EOYOu1+/2/1IN2AFuvpf9b9oM+Yv4P/Uv/h/6l/0Nfmt8et39JXkJiWSLSO6IZEt1JpBHRtGf5d0W5F19QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG/RvAAAA//831udB")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000300)={{}, {}, [], {0x4, 0x1}}, 0x24, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x80000, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000080)='./bus\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002840)={{}, {0x1, 0x0, 0xff8c}, [], {}, [{0x8, 0x4}]}, 0x2c, 0x0)

231.734674ms ago: executing program 5 (id=855):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'vlan0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x24040084)

213.591272ms ago: executing program 1 (id=856):
r0 = socket(0x2b, 0x80801, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x3, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x200000, &(0x7f0000000200), 0x6, 0x5af, &(0x7f0000000dc0)="$eJzs3d9rFNceAPDvbDbGRL0qiNx7Hy4BH67FuvnVHxYK2sfSSoX23YZkDZKNK9mNmFRQHyqUvhQplFKh9A/oex+lf0D7VwitIEVC+9CXlNnM6prNZjdxdRf384FJzpmZ3XPOzDlnztnZYQMYWOPpn1zEfyLiqyTicMO2fGQbxzf3W398Yy5dktjY+PiPJJJsXX3/JPt/IIv8OyJ+/jziVK453crq2uJsqVRczuIT1aWrE5XVtdOXl2YXigvFK9MzM2fenJl+5+23ulbW1y789e1H998/8+WJ9W9+fHj0bhLn4mC2rbEcz+FWY2Q8xrNjMhzntuw41YXE+knS6wywJ0NZOx+OtA84HENZq0+N9jRnwIt2MyI2gAGVdNz+h/UU8EqpjwPqc/st8+BtZu6vlkfvbU6Amsuf3/xsJPbX5kZj60nDzGhzvnukC+mnafz0+7276RJtPoe4+UxsXxdSBwbZrdsRMZnPN/d/Sdb/7d1kB9ePrWl06XNYoAP30/HP6zGSRRvaf+7J+Ce2Gf90a/TRvv3nHnYpqW2l4793tx3/Pum6jgxlsUO1Md9wculyqTgZEf+KiJMxPJLGd7qfc2b9wUarbY3jv3RJ06+PBbN8PMyPPPua+dnq7POUudGj2xH/fTr+TaKp/99fG+uOjcYz5z89HhfSwC9ftE3jePHe/1pta1/+Rjd3Wbr2Nn6I+P+253/zjlYuC+1wf3KiVh8m6rWi2Z93jv/aKv3dlb/70vM/tkP50yqfNN6vrezu/dO50/f7/y622r7X+r8v+aQWrvdD12er1eWpiH3Jh83rp5++th6v75+W/+SJ7dt/vf6PbtP/pes+7fAY3Dl2p+Wu/XD+53d1/ncfePDBZ9+1Sr+z8/9GLXQyW9NJ/1cq1ivNzhnc63EDAAAAAACAfpTLnv8pZOGDkcsVCpvP8B6LsVypXKmeulReuTIftWdl63cFJ2PzWeH69yGmsu/D1uPTW+IzEXE0Ir4eGq3FC3Pl0nyPyw4AAAAAAAAAAAAAAAAAAAD94kDtmf8kt/X5/9RvQ73OHfDC5XudAaBn2rb/5/0lOKBvuf7D4NL+YXBtbf8jPcoH8FLlw/UfBlpj+x/uYT6Al8/1HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArrpw/ny6bKw/vjGXxuevra4slq+dni9WFgtLK3OFufLy1cJCubxQKhbmykvt3q9ULl+dmo6V6xPVYqU6UVldu7hUXrlSvXh5aXaheLHo50UAAAAAAAAAAAAAAAAAAACgWWV1bXG2VCouC7QMnI2+yMaeA0m7s3w2qwy7eufIAvneF7DfAoc6b1aj0Sd5bgr0uGMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAb/BAAA//9okSnn")
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x170bd26, 0x0, {0x7, r3}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x0, 0x2, {@in6_addr=@loopback, 0x800}}}]}, 0x38}}, 0x0)
r4 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r4, 0x40106f52, &(0x7f00000000c0)={0x29, &(0x7f0000000200)=[{0x17, '\x00', @buffer={"bc503e211b4c1198cd98b5f801b21380f62579814aae62d886a21f20d7646202", 0x20}, 0x7}]})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x191)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
chdir(0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x143041, 0x100)
pwritev2(r5, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x84, 0x75ea, 0x800004})

186.589929ms ago: executing program 0 (id=857):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x29) (async)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2)
pwrite64(r1, &(0x7f0000000080)="cc", 0x1, 0x200980) (async, rerun: 32)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) (rerun: 32)
write$FUSE_INIT(r2, &(0x7f00000000c0)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x2d, 0x6, 0x480502, 0x5, 0x9, 0xb, 0x9, 0x0, 0x0, 0x4, 0x7bfd}}, 0x50)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xe7c) (async, rerun: 64)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) (async, rerun: 64)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x16, 0x13, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000f28500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000020000008500000086000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

131.981966ms ago: executing program 5 (id=858):
r0 = userfaultfd(0x80801)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x8}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xc, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) (async)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
r3 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file1/../file0', [{0x20, '#! '}, {0x20, '*'}], 0xa, "521299a432289bea0aa53f5db534de379d0418026c1f265a707f7b5008ab99f2c9a997ad"}, 0x3e)
write$UHID_INPUT(r4, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf063a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b124e4ebe0d9883ef100f1934e42794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746733d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c1169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a63941564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9fe9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc5492b4e1083a2e3d77215a34abef947b5b9a950e780662de18873e55899c92db3ad3d437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb0466c237376ca2944ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c7c636b3a2b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e4", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "9001001c551265406c7f306003d8a0f4bd0000000300"}})
ioctl$UFFDIO_ZEROPAGE(r0, 0x8010aa01, &(0x7f0000000200)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000000000000}})

131.814111ms ago: executing program 3 (id=859):
r0 = socket(0xa, 0x3, 0xff)
keyctl$restrict_keyring(0xb, 0xfffffffffffffffc, 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0xa, 0x4, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="14"], 0x18}, 0x922bac8576b92dde)
socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{}]})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x3, 0xb}, {0xfff3}}}, 0x24}}, 0x0)

92.57065ms ago: executing program 3 (id=860):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x5, 0x4, 0x4, 0x8}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

67.970285ms ago: executing program 1 (id=861):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000040)=@framed={{0x4e, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x19}}, &(0x7f0000000480)='syzkaller\x00'}, 0x94)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, r4}, 0x18)
connect$can_j1939(r3, &(0x7f0000000080)={0x1d, r4, 0x0, {0x1, 0xf0, 0x4}, 0x2}, 0x18)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x32, 0x32, 0x3, [@datasec={0x5, 0x3, 0x0, 0xf, 0x2, [{0x2, 0x3ff, 0x9383}, {0x2, 0x2, 0x3}, {0x3, 0x1e34, 0x2}], ' F'}]}, {0x0, [0x0]}}, &(0x7f00000002c0)=""/202, 0x4f, 0xca, 0x0, 0x5, 0x10000}, 0x28)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000004c0)={0x7, <r6=>0x0}, 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500)={0x1, <r7=>0xffffffffffffffff}, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@type_tag={0x2, 0x0, 0x0, 0x12, 0x2}, @var={0x3, 0x0, 0x0, 0xe, 0x1, 0x1}]}, {0x0, [0x30, 0x2e, 0x5eeb634c041187d1]}}, 0x0, 0x39, 0x0, 0x1}, 0x28)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r8, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r10, @ANYRES32=r9, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r10, &(0x7f0000000080), &(0x7f0000000040)=@tcp6=r8}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r11=>r0, {0x3}}, './file0\x00'})
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b705000008000000850000006a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r13 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000000602, 0x0)
r14 = dup(r13)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r14, 0x202000)
r15 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={0x0, 0x6, 0x8}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xae0d}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x8}, @alu={0x4, 0x1, 0xb, 0x6, 0xc, 0x80, 0x1}]}, &(0x7f0000000100)='syzkaller\x00', 0x85, 0x0, 0x0, 0x40f00, 0x0, '\x00', r4, @fallback=0x18, r5, 0x8, &(0x7f0000000400)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000440)={0x3, 0x3, 0xc4, 0x6}, 0x10, r6, r2, 0x7, &(0x7f00000005c0)=[r7, r10, r11, r12, r14, r15], &(0x7f00000006c0)=[{0x2, 0x3, 0xe, 0x8}, {0x4, 0x1, 0x10}, {0x0, 0x3, 0x6, 0x3}, {0x5, 0x4, 0x5, 0x8}, {0x0, 0x1, 0xe, 0x3}, {0x2, 0x2, 0xe, 0xa}, {0x0, 0x5, 0x9, 0x1}], 0x10, 0x5}, 0x94)
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=@ipv4_getnetconf={0x54, 0x52, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NETCONFA_FORWARDING, @NETCONFA_FORWARDING={0x8, 0x2, 0x6a}, @NETCONFA_PROXY_NEIGH={0x8, 0x5, 0xfffffffd}, @NETCONFA_RP_FILTER={0x8}, @NETCONFA_FORWARDING={0x8, 0x2, 0x27167b5e}, @IGNORE_ROUTES_WITH_LINKDOWN={0x75, 0x6, 0x7ff}, @NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x3}, @NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x80000000}]}, 0x54}}, 0x0)

0s ago: executing program 5 (id=862):
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001cf30000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13f8ff000000007a0af8ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0)={0x0, 0x7, 0xb}, 0x10}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32, @ANYBLOB="c300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="001f0000000000000000000000feff00"/28], 0x50)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000009b39173404000000002100000007000006060012400000000004000280"], 0x20}, 0x1, 0x0, 0x0, 0x24000044}, 0x40)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xbebf8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000141, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
getgid()
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x24, r5, 0x201, 0x3ffffd, 0x800000, {{}, {}, {0x8, 0x11, 0x84e}}}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20040010)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f0000003240), 0x4000000000000e4, 0x101d0)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'lo\x00'})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})

kernel console output (not intermixed with test programs):

e_slave_1: entered promiscuous mode
[   64.673065][ T3495] tipc: Left network mode
[   64.696316][ T6045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.711817][ T6102] set_capacity_and_notify: 6 callbacks suppressed
[   64.712457][ T6045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.713250][ T6043] team0: Port device team_slave_0 added
[   64.713284][ T6102] loop4: detected capacity change from 0 to 512
[   64.713750][ T6102] EXT4-fs: Ignoring removed orlov option
[   64.715121][ T6102] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.715137][ T6102] EXT4-fs (loop4): Test dummy encryption mode enabled
[   64.715463][ T6102] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 1796)!
[   64.715474][ T6102] EXT4-fs (loop4): group descriptors corrupted!
[   64.730710][ T6099] loop2: detected capacity change from 0 to 512
[   64.748631][ T6043] team0: Port device team_slave_1 added
[   64.752006][ T6099] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.343: corrupted inode contents
[   64.752354][ T6099] fserror_report: 6 callbacks suppressed
[   64.752374][ T6099] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   64.755324][ T6099] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[   64.755348][ T6099] loop2: lost filesystem error report for type 5 error -117
[   64.758559][ T6099] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.343: corrupted inode contents
[   64.758591][ T6099] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   64.762454][    C1] EXT4-fs (loop2): error count since last fsck: 3
[   64.762471][    C1] EXT4-fs (loop2): initial error at time 64: ext4_do_update_inode:5690: inode 15
[   64.762486][    C1] EXT4-fs (loop2): last error at time 64: ext4_do_update_inode:5690: inode 15
[   64.770532][ T6099] EXT4-fs error (device loop2): ext4_evict_inode:315: inode #15: comm syz.2.343: mark_inode_dirty error
[   64.770556][ T6099] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   64.772029][ T6099] EXT4-fs (loop2): 1 orphan inode deleted
[   64.772504][ T6099] EXT4-fs mount: 56 callbacks suppressed
[   64.772513][ T6099] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.793049][ T6027] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   64.795097][ T6027] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.868445][ T6045] team0: Port device team_slave_0 added
[   64.869422][ T6045] team0: Port device team_slave_1 added
[   64.873754][ T6043] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.878162][ T6043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.882757][ T6043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.888970][ T4668] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.895066][ T6123] vlan2: entered promiscuous mode
[   64.899306][ T6123] bridge0: entered promiscuous mode
[   64.900446][ T4358] 8021q: adding VLAN 0 to HW filter on device eth0
[   64.981672][ T6043] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.981700][ T6043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.981727][ T6043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.983123][ T6128] netlink: 'syz.2.346': attribute type 61 has an invalid length.
[   65.028191][ T6027] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   65.030296][ T6027] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.038452][ T6045] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.039854][ T6045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.045545][ T6045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.089155][ T6043] hsr_slave_0: entered promiscuous mode
[   65.089540][ T6043] hsr_slave_1: entered promiscuous mode
[   65.089796][ T6043] debugfs: 'hsr0' already exists in 'hsr'
[   65.089805][ T6043] Cannot create hsr debugfs directory
[   65.097743][ T6045] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.099399][ T6045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.104390][ T6045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.311233][   T50] Bluetooth: hci1: command tx timeout
[   65.408869][ T6027] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   65.408914][ T6027] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.419758][ T6045] hsr_slave_0: entered promiscuous mode
[   65.422012][ T6045] hsr_slave_1: entered promiscuous mode
[   65.423615][ T6045] debugfs: 'hsr0' already exists in 'hsr'
[   65.424880][ T6045] Cannot create hsr debugfs directory
[   65.430341][ T3495] hsr_slave_0: left promiscuous mode
[   65.431753][ T3495] hsr_slave_1: left promiscuous mode
[   65.432092][ T3495] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.432107][ T3495] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.434144][ T3495] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.434156][ T3495] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.443988][ T3495] veth1_macvtap: left promiscuous mode
[   65.444029][ T3495] veth0_macvtap: left promiscuous mode
[   65.444080][ T3495] veth1_vlan: left promiscuous mode
[   65.444113][ T3495] veth0_vlan: left promiscuous mode
[   65.530955][   T50] Bluetooth: hci3: command tx timeout
[   65.531049][ T4673] Bluetooth: hci2: command tx timeout
[   65.558178][ T3495] team0 (unregistering): Port device team_slave_1 removed
[   65.562948][ T3495] team0 (unregistering): Port device team_slave_0 removed
[   65.624517][ T4358] 8021q: adding VLAN 0 to HW filter on device eth1
[   65.664020][ T6027] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   65.664059][ T6027] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.796244][ T6027] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   65.804095][ T6027] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   65.810706][ T6027] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   65.813784][ T6027] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   65.829502][ T6027] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   65.838186][ T6027] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   65.838504][ T6027] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   65.840300][ T6027] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   65.887852][ T6027] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.892792][ T6027] 8021q: adding VLAN 0 to HW filter on device team0
[   65.905494][ T1044] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.905536][ T1044] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.922419][ T1273] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.922464][ T1273] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.928265][ T6027] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   65.930175][ T6027] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   66.010063][ T6182] netlink: 'syz.4.351': attribute type 15 has an invalid length.
[   66.109052][ T6027] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.118734][ T6027] veth0_vlan: entered promiscuous mode
[   66.128759][ T6027] veth1_vlan: entered promiscuous mode
[   66.153709][ T6027] veth0_macvtap: entered promiscuous mode
[   66.155080][ T6027] veth1_macvtap: entered promiscuous mode
[   66.178134][ T6027] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.182965][ T6027] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.414502][   T15] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.418229][   T15] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.420619][   T15] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.423096][   T15] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.517602][ T6045] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.570540][ T6045] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.615062][ T6045] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.685435][ T6045] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.942464][ T6255] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   66.942499][ T6255] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   66.980140][ T6257] loop4: detected capacity change from 0 to 512
[   66.994619][ T6257] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.356: corrupted inode contents
[   66.994651][ T6257] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   66.995087][ T6257] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[   66.995101][ T6257] loop4: lost filesystem error report for type 5 error -117
[   66.995226][ T6257] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.356: corrupted inode contents
[   66.995238][ T6257] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   66.995338][ T6257] EXT4-fs error (device loop4): ext4_evict_inode:315: inode #15: comm syz.4.356: mark_inode_dirty error
[   66.995349][ T6257] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   66.995493][ T6257] EXT4-fs (loop4): 1 orphan inode deleted
[   66.995957][ T6257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.018037][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.370897][   T50] Bluetooth: hci1: command tx timeout
[   67.610882][ T4673] Bluetooth: hci2: command tx timeout
[   67.611474][   T50] Bluetooth: hci3: command tx timeout
[   69.040737][ T6201] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   69.044009][ T6045] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   69.048839][ T6045] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   69.051194][ T6045] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   69.055889][ T6045] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   69.059570][ T6045] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.061714][ T6045] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   69.062011][ T6045] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.063877][ T6045] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   69.095914][ T6043] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   69.097250][ T6043] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   69.099894][ T1190] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.100124][ T1190] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.103305][ T6043] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   69.106664][ T6043] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   69.107317][ T6043] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   69.108451][ T6043] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   69.112393][ T6043] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   69.115003][ T6043] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   69.154851][ T1273] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.154882][ T1273] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.184236][ T6045] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.281226][ T6296] overlayfs: failed to resolve './bus': -2
[   69.445735][ T6045] 8021q: adding VLAN 0 to HW filter on device team0
[   69.447543][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.447569][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.450930][   T50] Bluetooth: hci1: command tx timeout
[   69.455899][ T6043] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.458638][   T15] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.458683][   T15] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.464020][ T6299] netlink: 28 bytes leftover after parsing attributes in process `syz.2.362'.
[   69.467484][ T6043] 8021q: adding VLAN 0 to HW filter on device team0
[   69.474626][ T1273] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.474674][ T1273] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.492034][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.492077][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.501655][ T6301] loop1: detected capacity change from 0 to 1024
[   69.503791][ T6301] EXT4-fs: Ignoring removed bh option
[   69.535156][ T6301] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.556305][ T6308] autofs4:pid:6308:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[   69.691090][   T50] Bluetooth: hci2: command tx timeout
[   69.705773][   T50] Bluetooth: hci3: command tx timeout
[   69.748572][ T6045] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.776943][ T6045] veth0_vlan: entered promiscuous mode
[   69.782144][ T6045] veth1_vlan: entered promiscuous mode
[   69.800192][ T6045] veth0_macvtap: entered promiscuous mode
[   69.804642][ T6045] veth1_macvtap: entered promiscuous mode
[   69.819274][ T6045] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.823523][ T6045] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.826291][ T1190] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.826338][ T1190] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.826363][ T1190] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.826385][ T1190] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.193027][ T6043] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.196541][ T1190] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.196571][ T1190] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.228444][ T6043] veth0_vlan: entered promiscuous mode
[   70.268620][ T6043] veth1_vlan: entered promiscuous mode
[   70.285329][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.285364][ T1044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.339732][ T6043] veth0_macvtap: entered promiscuous mode
[   70.348351][ T6043] veth1_macvtap: entered promiscuous mode
[   70.360335][ T6342] loop4: detected capacity change from 0 to 512
[   70.361994][ T6043] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.368076][ T6043] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.379603][   T15] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.379660][   T15] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.379680][   T15] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.379699][   T15] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.390309][ T6342] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.367: corrupted inode contents
[   70.390337][ T6342] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   70.392456][    C1] EXT4-fs (loop4): error count since last fsck: 1
[   70.392467][    C1] EXT4-fs (loop4): initial error at time 70: ext4_do_update_inode:5690: inode 15
[   70.392483][    C1] EXT4-fs (loop4): last error at time 70: ext4_do_update_inode:5690: inode 15
[   70.400537][ T6342] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[   70.400574][ T6342] loop4: lost filesystem error report for type 5 error -117
[   70.402424][ T6342] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.367: corrupted inode contents
[   70.402453][ T6342] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   70.406014][ T6342] EXT4-fs error (device loop4): ext4_evict_inode:315: inode #15: comm syz.4.367: mark_inode_dirty error
[   70.406057][ T6342] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   70.409797][ T6342] EXT4-fs (loop4): 1 orphan inode deleted
[   70.410282][ T6342] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.471477][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.483411][ T6348] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   70.485005][ T6348] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   70.485413][ T1044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.485427][ T1044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.518442][ T6350] FAULT_INJECTION: forcing a failure.
[   70.518442][ T6350] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   70.518482][ T6350] CPU: 0 UID: 0 PID: 6350 Comm: syz.0.370 Tainted: G             L      syzkaller #0 PREEMPT 
[   70.518498][ T6350] Tainted: [L]=SOFTLOCKUP
[   70.518502][ T6350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   70.518507][ T6350] Call trace:
[   70.518510][ T6350]  show_stack+0x2c/0x3c (C)
[   70.518527][ T6350]  __dump_stack+0x30/0x40
[   70.518536][ T6350]  dump_stack_lvl+0xd8/0x12c
[   70.518545][ T6350]  dump_stack+0x1c/0x28
[   70.518554][ T6350]  should_fail_ex+0x414/0x588
[   70.518564][ T6350]  should_fail+0x14/0x24
[   70.518572][ T6350]  should_fail_usercopy+0x20/0x30
[   70.518581][ T6350]  copy_from_sockptr_offset+0x88/0x1f4
[   70.518591][ T6350]  do_tcp_getsockopt+0x12dc/0x1cac
[   70.518599][ T6350]  tcp_getsockopt+0x6c/0xe8
[   70.518606][ T6350]  sock_common_getsockopt+0xa8/0xc4
[   70.518616][ T6350]  do_sock_getsockopt+0x354/0x790
[   70.518626][ T6350]  __sys_getsockopt+0xfc/0x168
[   70.518635][ T6350]  __arm64_sys_getsockopt+0xb8/0xd4
[   70.518650][ T6350]  invoke_syscall+0x98/0x244
[   70.518660][ T6350]  el0_svc_common+0xe8/0x23c
[   70.518669][ T6350]  do_el0_svc+0x48/0x58
[   70.518678][ T6350]  el0_svc+0x64/0x260
[   70.518689][ T6350]  el0t_64_sync_handler+0x48/0x148
[   70.518699][ T6350]  el0t_64_sync+0x198/0x19c
[   70.534440][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.534453][ T1044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.620134][ T6359] loop3: detected capacity change from 0 to 512
[   70.621818][ T6359] EXT4-fs: Ignoring removed oldalloc option
[   70.623259][ T6359] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   70.641194][ T6359] EXT4-fs (loop3): 1 truncate cleaned up
[   70.642708][ T6359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.659168][ T6364] netlink: 28 bytes leftover after parsing attributes in process `syz.2.373'.
[   70.660745][ T6362] tipc: Started in network mode
[   70.660900][ T6362] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[   70.661749][ T6362] tipc: Enabled bearer <eth:macvlan0>, priority 10
[   70.666187][ T6362] netlink: 8 bytes leftover after parsing attributes in process `syz.0.372'.
[   70.666237][ T6362] netlink: 12 bytes leftover after parsing attributes in process `syz.0.372'.
[   70.704832][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.002581][ T6378] overlayfs: failed to resolve './bus': -2
[   71.153786][ T6382] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   71.169675][ T6384] netlink: 'syz.2.378': attribute type 29 has an invalid length.
[   71.173879][ T6384] netlink: 'syz.2.378': attribute type 29 has an invalid length.
[   71.174199][ T6384] netlink: 204 bytes leftover after parsing attributes in process `syz.2.378'.
[   71.290280][ T6389] loop4: detected capacity change from 0 to 2048
[   71.303553][ T6389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.532881][   T50] Bluetooth: hci1: command tx timeout
[   71.628266][ T6394] FAULT_INJECTION: forcing a failure.
[   71.628266][ T6394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.628303][ T6394] CPU: 1 UID: 0 PID: 6394 Comm: syz.0.382 Tainted: G             L      syzkaller #0 PREEMPT 
[   71.628319][ T6394] Tainted: [L]=SOFTLOCKUP
[   71.628323][ T6394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   71.628330][ T6394] Call trace:
[   71.628333][ T6394]  show_stack+0x2c/0x3c (C)
[   71.628353][ T6394]  __dump_stack+0x30/0x40
[   71.628363][ T6394]  dump_stack_lvl+0xd8/0x12c
[   71.628372][ T6394]  dump_stack+0x1c/0x28
[   71.628381][ T6394]  should_fail_ex+0x414/0x588
[   71.628391][ T6394]  should_fail+0x14/0x24
[   71.628399][ T6394]  should_fail_usercopy+0x20/0x30
[   71.628409][ T6394]  copy_to_sockptr+0x80/0x1b4
[   71.628418][ T6394]  do_tcp_getsockopt+0x1678/0x1cac
[   71.628426][ T6394]  tcp_getsockopt+0x6c/0xe8
[   71.628433][ T6394]  sock_common_getsockopt+0xa8/0xc4
[   71.628443][ T6394]  do_sock_getsockopt+0x354/0x790
[   71.628453][ T6394]  __sys_getsockopt+0xfc/0x168
[   71.628463][ T6394]  __arm64_sys_getsockopt+0xb8/0xd4
[   71.628472][ T6394]  invoke_syscall+0x98/0x244
[   71.628482][ T6394]  el0_svc_common+0xe8/0x23c
[   71.628491][ T6394]  do_el0_svc+0x48/0x58
[   71.628499][ T6394]  el0_svc+0x64/0x260
[   71.628510][ T6394]  el0t_64_sync_handler+0x48/0x148
[   71.628520][ T6394]  el0t_64_sync+0x198/0x19c
[   71.771776][   T50] Bluetooth: hci3: command tx timeout
[   71.772008][   T50] Bluetooth: hci2: command tx timeout
[   71.781781][    T9] tipc: Node number set to 10398378
[   73.004232][ T6407] sock: sock_timestamping_bind_phc: sock not bind to device
[   73.059810][ T6410] netlink: 28 bytes leftover after parsing attributes in process `syz.3.387'.
[   73.083367][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.087486][ T6411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.093144][ T6411] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.255374][ T6418] netlink: 64 bytes leftover after parsing attributes in process `syz.3.390'.
[   73.260512][ T6414] autofs4:pid:6414:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[   73.272122][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.288138][ T6414] siw: device registration error -23
[   73.309756][ T6425] netlink: 'syz.0.391': attribute type 29 has an invalid length.
[   73.312851][ T6425] netlink: 'syz.0.391': attribute type 29 has an invalid length.
[   73.313189][ T6425] netlink: 204 bytes leftover after parsing attributes in process `syz.0.391'.
[   73.320377][ T6423] loop3: detected capacity change from 0 to 128
[   73.342454][ T6423] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   73.366638][ T6423] netlink: 'syz.3.393': attribute type 10 has an invalid length.
[   73.366668][ T6423] netlink: 40 bytes leftover after parsing attributes in process `syz.3.393'.
[   73.369795][ T6432] loop0: detected capacity change from 0 to 512
[   73.370131][ T6432] EXT4-fs: Ignoring removed oldalloc option
[   73.370932][ T6432] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   73.371964][ T6432] EXT4-fs (loop0): 1 truncate cleaned up
[   73.372732][ T6432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.414888][ T6423] team0: Port device geneve1 added
[   73.415760][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.419863][ T6435] netlink: 12 bytes leftover after parsing attributes in process `syz.4.394'.
[   73.549652][ T6439] loop1: detected capacity change from 0 to 512
[   73.751070][ T6043] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   74.616401][ T6448] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   74.616474][ T6448] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   74.620442][ T6448] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   74.622277][ T6448] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[   74.622322][ T6448] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   74.625073][ T6448] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   74.854485][ T6448] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   74.854984][ T6448] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   74.856181][ T6460] __nla_validate_parse: 1 callbacks suppressed
[   74.856200][ T6460] netlink: 20 bytes leftover after parsing attributes in process `syz.4.404'.
[   74.859204][ T6448] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   74.872041][ T6448] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   74.872076][ T6448] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   74.875861][ T6448] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   74.878040][ T6448] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   74.878276][ T6448] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   74.883085][ T6448] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   74.916467][ T6464] autofs4:pid:6464:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[   74.932820][ T6464] siw: device registration error -23
[   74.952837][ T6470] loop2: detected capacity change from 0 to 512
[   74.954467][ T6470] EXT4-fs: Ignoring removed nobh option
[   74.990150][ T6472] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   75.006637][ T6470] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[   75.007985][ T6470] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.407: attempt to clear invalid blocks 1 len 1
[   75.008020][ T6470] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[   75.008835][ T6470] EXT4-fs (loop2): Remounting filesystem read-only
[   75.009113][ T6470] EXT4-fs (loop2): 1 truncate cleaned up
[   75.009548][ T6470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.015877][ T6468] sctp: [Deprecated]: syz.3.406 (pid 6468) Use of int in max_burst socket option.
[   75.015877][ T6468] Use struct sctp_assoc_value instead
[   75.416505][ T6476] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.623132][   T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   75.625393][   T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   75.627531][   T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   75.630236][   T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   75.632577][   T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.218154][ T6511] bridge_slave_0: left allmulticast mode
[   76.219310][ T6511] bridge_slave_0: left promiscuous mode
[   76.225106][ T6511] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.228158][ T6511] bridge_slave_1: left allmulticast mode
[   76.228186][ T6511] bridge_slave_1: left promiscuous mode
[   76.228261][ T6511] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.235364][ T6511] bond0: (slave bond_slave_0): Releasing backup interface
[   76.259441][ T6519] autofs4:pid:6519:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[   76.274578][ T6511] bond0: (slave bond_slave_1): Releasing backup interface
[   76.277048][ T6519] siw: device registration error -23
[   76.291444][ T6511] team0: Port device team_slave_0 removed
[   76.295994][ T6511] team0: Port device team_slave_1 removed
[   76.296409][ T6511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.296421][ T6511] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.297848][ T6511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.297857][ T6511] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.302508][ T6511] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   76.313666][ T6517] team0: Mode changed to "loadbalance"
[   76.650971][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   76.722173][   T50] Bluetooth: hci4: command 0x0c1a tx timeout
[   76.778130][ T6537] loop4: detected capacity change from 0 to 256
[   76.797218][ T6488] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.799205][ T6488] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.801341][ T6488] bridge_slave_0: entered allmulticast mode
[   76.801847][ T6488] bridge_slave_0: entered promiscuous mode
[   76.802550][ T6488] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.802574][ T6488] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.802636][ T6488] bridge_slave_1: entered allmulticast mode
[   76.803051][ T6488] bridge_slave_1: entered promiscuous mode
[   76.810337][ T6536] loop1: detected capacity change from 0 to 512
[   76.815170][ T6536] ext4: Unknown parameter 'test_'
[   76.832382][ T6536] tmpfs: Unknown parameter 'nr_Snodes'
[   76.837964][ T6488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.845967][ T6488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.866935][ T6488] team0: Port device team_slave_0 added
[   76.868930][ T6488] team0: Port device team_slave_1 added
[   76.890996][ T6488] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.893357][ T6488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   76.898411][ T6488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.901218][ T6488] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.901586][ T4673] Bluetooth: hci2: command 0x0c1a tx timeout
[   76.901623][ T4673] Bluetooth: hci1: command 0x0c1a tx timeout
[   76.901691][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[   76.908379][ T6488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   76.914853][ T6488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.231608][ T6488] hsr_slave_0: entered promiscuous mode
[   77.236779][ T6488] hsr_slave_1: entered promiscuous mode
[   77.240317][ T6488] debugfs: 'hsr0' already exists in 'hsr'
[   77.240352][ T6488] Cannot create hsr debugfs directory
[   77.399796][ T6488] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   77.410668][ T6488] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   77.412871][ T6488] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   77.424021][ T6488] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   77.424334][ T6488] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   77.429275][ T6488] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   77.433167][ T6488] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   77.440421][ T6488] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   77.538078][ T6569] netdevsim netdevsim1: Firmware load for '..' refused, path contains '..' component
[   77.542988][ T6488] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.553587][ T6488] 8021q: adding VLAN 0 to HW filter on device team0
[   77.557191][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.557234][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.563495][ T6404] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.563528][ T6404] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.721553][ T4683] Bluetooth: hci0: command tx timeout
[   78.077546][ T6583] netlink: 20 bytes leftover after parsing attributes in process `syz.0.434'.
[   78.616163][ T6488] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.661014][ T6617] Bluetooth: MGMT ver 1.23
[   78.731000][   T50] Bluetooth: hci4: command 0x0c1a tx timeout
[   78.810245][ T6488] veth0_vlan: entered promiscuous mode
[   78.824555][ T6488] veth1_vlan: entered promiscuous mode
[   78.840077][ T6488] veth0_macvtap: entered promiscuous mode
[   78.846462][ T6488] veth1_macvtap: entered promiscuous mode
[   78.857027][ T6488] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.863555][ T6488] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.879601][ T3495] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.879680][ T3495] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.879704][ T3495] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.879721][ T3495] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.925626][ T6404] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.925654][ T6404] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.944876][ T6404] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.944907][ T6404] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.971740][ T4679] Bluetooth: hci2: command 0x0c1a tx timeout
[   78.972910][ T4673] Bluetooth: hci1: command 0x0c1a tx timeout
[   78.974018][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[   78.988599][ T6647] loop1: detected capacity change from 0 to 1024
[   78.989009][ T6647] EXT4-fs: Ignoring removed bh option
[   79.032864][ T6649] misc userio: The device must be registered before sending interrupts
[   79.035577][ T6649] misc userio: The device must be registered before sending interrupts
[   79.041568][ T6647] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.046357][ T6649] loop0: detected capacity change from 0 to 512
[   79.055686][ T6649] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.115651][ T6649] EXT4-fs (loop0): orphan cleanup on readonly fs
[   79.119026][ T6649] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4222: comm syz.0.443: Allocating blocks 41-42 which overlap fs metadata
[   79.124306][ T6656] loop5: detected capacity change from 0 to 512
[   79.124354][ T6649] loop0: lost filesystem error report for type 5 error -117
[   79.126771][ T6656] EXT4-fs: Ignoring removed bh option
[   79.126971][ T6649] Quota error (device loop0): write_blk: dquota write failed
[   79.127021][ T6649] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   79.127036][ T6649] EXT4-fs error (device loop0): ext4_acquire_dquot:7034: comm syz.0.443: Failed to acquire dquot type 0
[   79.127047][ T6649] loop0: lost filesystem error report for type 5 error -117
[   79.127203][ T6649] EXT4-fs error (device loop0): mb_free_blocks:2049: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   79.127401][ T6649] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.443: corrupted inode contents
[   79.127412][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.127540][ T6649] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #12: comm syz.0.443: mark_inode_dirty error
[   79.127551][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.127665][ T6649] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.443: corrupted inode contents
[   79.127678][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.129856][ T6649] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #12: comm syz.0.443: mark_inode_dirty error
[   79.129897][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.130030][ T6649] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.443: corrupted inode contents
[   79.130042][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.132076][    C0] EXT4-fs (loop0): error count since last fsck: 8
[   79.132090][    C0] EXT4-fs (loop0): initial error at time 79: ext4_mb_mark_diskspace_used:4222
[   79.132103][    C0] EXT4-fs (loop0): last error at time 79: ext4_do_update_inode:5690: inode 12
[   79.134450][ T6649] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[   79.134472][ T6649] loop0: lost filesystem error report for type 5 error -117
[   79.134581][ T6649] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.443: corrupted inode contents
[   79.134593][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.134682][ T6649] EXT4-fs error (device loop0): ext4_truncate:4690: inode #12: comm syz.0.443: mark_inode_dirty error
[   79.134696][ T6649] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[   79.134771][ T6649] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[   79.134779][ T6649] loop0: lost filesystem error report for type 5 error -117
[   79.141290][ T6656] EXT4-fs: Ignoring removed mblk_io_submit option
[   79.141521][ T6649] EXT4-fs (loop0): 1 truncate cleaned up
[   79.163013][ T6656] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   79.163026][ T6656] EXT4-fs (loop5): group descriptors corrupted!
[   79.362688][ T6649] EXT4-fs (loop0): pa 000000009f69422d: logic 1, phys. 41, len 23
[   79.362727][ T6649] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5459: group 0, free 22, pa_free 23
[   79.771005][   T50] Bluetooth: hci0: command tx timeout
[   79.959682][ T6649] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.996370][ T6661] loop4: detected capacity change from 0 to 512
[   80.002088][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.107514][ T6661] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   80.107709][ T6661] EXT4-fs (loop4): orphan cleanup on readonly fs
[   80.114825][ T6661] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated!
[   80.114850][ T6661] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[   80.114875][ T6661] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.446: Failed to acquire dquot type 1
[   80.114893][ T6661] loop4: lost filesystem error report for type 5 error -5
[   80.120797][    C0] EXT4-fs (loop4): error count since last fsck: 1
[   80.120812][    C0] EXT4-fs (loop4): initial error at time 80: ext4_acquire_dquot:7034
[   80.120825][    C0] EXT4-fs (loop4): last error at time 80: ext4_acquire_dquot:7034
[   80.126060][ T6661] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.446: bg 0: block 40: padding at end of block bitmap is not set
[   80.126081][ T6661] loop4: lost filesystem error report for type 5 error -117
[   80.126230][ T6661] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6679: Corrupt filesystem
[   80.126240][ T6661] loop4: lost filesystem error report for type 5 error -117
[   80.126400][ T6661] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #16: comm syz.4.446: data will be lost
[   80.126469][ T6661] EXT4-fs (loop4): 1 truncate cleaned up
[   80.151419][ T6661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.165918][ T6661] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #16: comm syz.4.446: corrupted xattr block 31: invalid header
[   80.248902][ T6661] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #16: comm syz.4.446: corrupted xattr block 31: invalid header
[   80.420720][ T6661] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #16: comm syz.4.446: corrupted xattr block 31: invalid header
[   80.425501][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.435005][ T6661] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.446: bad symlink.
[   80.448578][ T6661] EXT4-fs error (device loop4): ext4_lookup:1785: inode #15: comm syz.4.446: iget: bad i_size value: 360287970189639690
[   80.455212][ T6661] EXT4-fs error (device loop4): ext4_lookup:1785: inode #15: comm syz.4.446: iget: bad i_size value: 360287970189639690
[   80.539934][ T6681] netlink: 7 bytes leftover after parsing attributes in process `syz.5.453'.
[   80.550588][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.610936][ T6683] netlink: 'syz.1.454': attribute type 29 has an invalid length.
[   80.611503][ T6683] netlink: 'syz.1.454': attribute type 29 has an invalid length.
[   80.611788][ T6683] netlink: 204 bytes leftover after parsing attributes in process `syz.1.454'.
[   80.810879][   T50] Bluetooth: hci4: command 0x0c1a tx timeout
[   80.943328][ T6690] loop1: detected capacity change from 0 to 512
[   80.956601][ T6690] EXT4-fs (loop1): orphan cleanup on readonly fs
[   80.956625][ T6690] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[   80.962954][ T6690] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   80.970860][    C0] EXT4-fs (loop1): error count since last fsck: 1
[   80.970884][    C0] EXT4-fs (loop1): initial error at time 80: ext4_mb_generate_buddy:1317
[   80.970913][    C0] EXT4-fs (loop1): last error at time 80: ext4_mb_generate_buddy:1317
[   80.981054][ T6690] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.455: attempt to clear invalid blocks 2 len 1
[   80.981086][ T6690] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[   80.985128][ T6690] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.455: invalid indirect mapped block 1819239214 (level 0)
[   80.985157][ T6690] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[   80.989592][ T6690] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.455: invalid indirect mapped block 1819239214 (level 1)
[   80.989624][ T6690] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[   80.994613][ T6690] EXT4-fs (loop1): 1 truncate cleaned up
[   80.998846][ T6690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   81.019031][ T6690] pim6reg: entered allmulticast mode
[   81.044775][ T6690] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.455: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[   81.050946][ T4679] Bluetooth: hci2: command 0x0c1a tx timeout
[   81.052132][ T4673] Bluetooth: hci1: command 0x0c1a tx timeout
[   81.053344][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[   81.075575][ T6696] loop4: detected capacity change from 0 to 1024
[   81.078243][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.124651][ T6704] netlink: 20 bytes leftover after parsing attributes in process `syz.1.461'.
[   81.125115][ T6696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.201537][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.343759][   T50] Bluetooth: hci1: ACL packet for unknown connection handle 173
[   81.351934][   T50] Bluetooth: hci1: ACL packet for unknown connection handle 173
[   82.006299][   T50] Bluetooth: hci0: command 0x040f tx timeout
[   82.178861][ T6747] loop3: detected capacity change from 0 to 512
[   82.179843][ T6747] FAT-fs (loop3): IO charset utf�Ѿ¹Éh$Û‚‰œ#wî•w9Á‹C=Yæ’³�t¤•áÁEÅ’&y3‹_òÀ©„@¥rRh¢BÀ&5dùˆÓÁxpOêø¤ß�‚upˆ‚êš@HÆäX¡ð[ƒòæ›–[ò²â°î7VGø†¥1‰˜ yª{´îþvŽìX±œõªñ)P1uô&-÷@=õ6 not found
[   82.306788][ T6758] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   82.903107][ T6775] FAULT_INJECTION: forcing a failure.
[   82.903107][ T6775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.905520][ T6775] CPU: 0 UID: 0 PID: 6775 Comm: syz.0.481 Tainted: G             L      syzkaller #0 PREEMPT 
[   82.905538][ T6775] Tainted: [L]=SOFTLOCKUP
[   82.905542][ T6775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   82.905547][ T6775] Call trace:
[   82.905551][ T6775]  show_stack+0x2c/0x3c (C)
[   82.905571][ T6775]  __dump_stack+0x30/0x40
[   82.905581][ T6775]  dump_stack_lvl+0xd8/0x12c
[   82.905590][ T6775]  dump_stack+0x1c/0x28
[   82.905599][ T6775]  should_fail_ex+0x414/0x588
[   82.905609][ T6775]  should_fail+0x14/0x24
[   82.905617][ T6775]  should_fail_usercopy+0x20/0x30
[   82.905626][ T6775]  strncpy_from_user+0x48/0x38c
[   82.905634][ T6775]  do_getname+0x84/0x230
[   82.905647][ T6775]  getname_flags+0x2c/0x3c
[   82.905656][ T6775]  do_sys_openat2+0xd0/0x1e8
[   82.905665][ T6775]  do_sys_open+0xac/0xdc
[   82.905674][ T6775]  __arm64_sys_openat+0x9c/0xb8
[   82.905682][ T6775]  invoke_syscall+0x98/0x244
[   82.905691][ T6775]  el0_svc_common+0xe8/0x23c
[   82.905700][ T6775]  do_el0_svc+0x48/0x58
[   82.905709][ T6775]  el0_svc+0x64/0x260
[   82.905720][ T6775]  el0t_64_sync_handler+0x48/0x148
[   82.905729][ T6775]  el0t_64_sync+0x198/0x19c
[   83.142392][ T6779] bridge0: port 3(wlan1) entered blocking state
[   83.142742][ T6779] bridge0: port 3(wlan1) entered disabled state
[   83.144549][ T6779] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[   83.149338][ T6779] mac80211_hwsim hwsim19 wlan1: entered promiscuous mode
[   83.150285][ T6779] bridge0: port 3(wlan1) entered blocking state
[   83.150329][ T6779] bridge0: port 3(wlan1) entered forwarding state
[   83.311019][   T40] bridge0: port 3(wlan1) entered disabled state
[   83.543523][ T6781] loop1: detected capacity change from 0 to 512
[   83.559637][ T6781] EXT4-fs: Ignoring removed oldalloc option
[   83.561551][ T6781] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.582963][ T6781] EXT4-fs (loop1): 1 truncate cleaned up
[   83.583428][ T6781] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.608306][ T6783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.610022][ T6783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.612545][ T6786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.612721][ T6786] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.616094][ T6783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.623919][ T6783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.652074][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.726611][ T6797] netlink: 'syz.0.486': attribute type 29 has an invalid length.
[   83.735021][ T6797] netlink: 'syz.0.486': attribute type 29 has an invalid length.
[   83.736960][ T6797] netlink: 204 bytes leftover after parsing attributes in process `syz.0.486'.
[   83.934433][ T6809] netlink: 12 bytes leftover after parsing attributes in process `syz.3.490'.
[   83.989700][ T6814] loop3: detected capacity change from 0 to 512
[   83.997007][ T6814] ext4: Unknown parameter 'euid>00000000000000000000'
[   84.019345][ T6815] loop4: detected capacity change from 0 to 512
[   84.022617][ T6815] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   84.346764][ T6815] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082]
[   84.354810][ T6815] System zones: 1-12
[   84.360583][ T6815] EXT4-fs (loop4): 1 truncate cleaned up
[   84.366023][   T50] Bluetooth: hci1: unexpected event for opcode 0x0c25
[   84.369730][ T6815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.775732][ T6827] FAULT_INJECTION: forcing a failure.
[   84.775732][ T6827] name failslab, interval 1, probability 0, space 0, times 1
[   84.778256][ T6827] CPU: 0 UID: 0 PID: 6827 Comm: syz.1.495 Tainted: G             L      syzkaller #0 PREEMPT 
[   84.778276][ T6827] Tainted: [L]=SOFTLOCKUP
[   84.778280][ T6827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   84.778285][ T6827] Call trace:
[   84.778289][ T6827]  show_stack+0x2c/0x3c (C)
[   84.778309][ T6827]  __dump_stack+0x30/0x40
[   84.778320][ T6827]  dump_stack_lvl+0xd8/0x12c
[   84.778329][ T6827]  dump_stack+0x1c/0x28
[   84.778337][ T6827]  should_fail_ex+0x414/0x588
[   84.778347][ T6827]  should_failslab+0xc4/0x124
[   84.778358][ T6827]  kmem_cache_alloc_noprof+0x8c/0x610
[   84.778367][ T6827]  alloc_empty_file+0x6c/0x1cc
[   84.778377][ T6827]  path_openat+0xd4/0x2a6c
[   84.778384][ T6827]  do_file_open+0x1c4/0x2e4
[   84.778391][ T6827]  do_sys_openat2+0x114/0x1e8
[   84.778400][ T6827]  do_sys_open+0xac/0xdc
[   84.778408][ T6827]  __arm64_sys_openat+0x9c/0xb8
[   84.778416][ T6827]  invoke_syscall+0x98/0x244
[   84.778426][ T6827]  el0_svc_common+0xe8/0x23c
[   84.778434][ T6827]  do_el0_svc+0x48/0x58
[   84.778443][ T6827]  el0_svc+0x64/0x260
[   84.778454][ T6827]  el0t_64_sync_handler+0x48/0x148
[   84.778464][ T6827]  el0t_64_sync+0x198/0x19c
[   84.841486][ T6829] loop0: detected capacity change from 0 to 512
[   84.841873][ T6829] EXT4-fs: Ignoring removed oldalloc option
[   84.877611][ T6829] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   84.883773][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.885759][ T6829] EXT4-fs (loop0): 1 truncate cleaned up
[   84.887372][ T6829] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.935632][ T6834] netlink: 'syz.1.497': attribute type 29 has an invalid length.
[   84.942109][ T6834] netlink: 'syz.1.497': attribute type 29 has an invalid length.
[   84.942442][ T6834] netlink: 204 bytes leftover after parsing attributes in process `syz.1.497'.
[   84.965210][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.017920][ T6845] loop0: detected capacity change from 0 to 256
[   85.027557][ T6847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.502'.
[   85.064118][ T6847] 8021q: adding VLAN 0 to HW filter on device bond1
[   85.071434][ T6847] netlink: 20 bytes leftover after parsing attributes in process `syz.1.502'.
[   85.103685][ T6847] bond1: (slave dummy0): Enslaving as an active interface with an up link
[   85.173635][ T6855] loop4: detected capacity change from 0 to 1024
[   85.175292][ T6855] EXT4-fs: Ignoring removed orlov option
[   85.187309][ T6855] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   85.194135][ T6855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.315957][ T6865] netlink: 64 bytes leftover after parsing attributes in process `syz.0.508'.
[   85.323424][ T6868] loop1: detected capacity change from 0 to 2048
[   85.419295][ T6870] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #12: block 7: comm syz.4.507: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[   85.453732][ T6870] EXT4-fs (loop4): Remounting filesystem read-only
[   85.609625][ T6404] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.650619][ T6865] syzkaller1: entered promiscuous mode
[   85.650668][ T6865] syzkaller1: entered allmulticast mode
[   85.665604][ T6873] loop0: detected capacity change from 0 to 512
[   85.670867][ T6873] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.683762][ T6873] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ec01c, mo2=0003]
[   85.683816][ T6873] System zones: 1-2, 4-12, 8-8
[   85.684062][ T6873] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.508: iget: bad i_size value: 38620345925642
[   85.684076][ T6873] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   85.684250][ T6873] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.508: couldn't read orphan inode 15 (err -117)
[   85.684263][ T6873] loop0: lost filesystem error report for type 5 error -117
[   85.690834][    C1] EXT4-fs (loop0): error count since last fsck: 2
[   85.690849][    C1] EXT4-fs (loop0): initial error at time 85: ext4_orphan_get:1397: inode 15
[   85.690868][    C1] EXT4-fs (loop0): last error at time 85: ext4_orphan_get:1402
[   85.691555][ T6873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.705424][ T6865] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.508: bg 0: block 5: invalid block bitmap
[   85.712953][ T6865] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   85.717466][ T6865] EXT4-fs (loop0): This should not happen!! Data will be lost
[   85.717466][ T6865] 
[   85.718008][ T6865] EXT4-fs (loop0): Total free blocks count 0
[   85.718034][ T6865] EXT4-fs (loop0): Free/Dirty block details
[   85.718058][ T6865] EXT4-fs (loop0): free_blocks=0
[   85.718075][ T6865] EXT4-fs (loop0): dirty_blocks=2
[   85.718087][ T6865] EXT4-fs (loop0): Block reservation details
[   85.718100][ T6865] EXT4-fs (loop0): i_reserved_data_blocks=2
[   85.727417][ T6879] loop3: detected capacity change from 0 to 512
[   85.732051][ T6879] EXT4-fs: Ignoring removed oldalloc option
[   85.734986][ T4683] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   85.736760][ T4683] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   85.738404][ T4683] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   85.742351][ T6404] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.744196][ T6879] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   85.744510][ T4683] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   85.746759][ T4683] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   85.749780][ T6879] EXT4-fs (loop3): 1 truncate cleaned up
[   85.756434][ T6879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.806598][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.862469][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.882012][ T6404] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.923737][ T6893] netlink: 'syz.0.514': attribute type 29 has an invalid length.
[   85.937860][ T6901] netlink: 24 bytes leftover after parsing attributes in process `syz.1.516'.
[   85.949219][ T6893] netlink: 'syz.0.514': attribute type 29 has an invalid length.
[   85.949682][ T6893] netlink: 204 bytes leftover after parsing attributes in process `syz.0.514'.
[   86.025490][ T6912] EXT4-fs: Ignoring removed bh option
[   86.034248][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.046816][ T6404] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.064692][ T6912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.149753][ T6920] EXT4-fs: Ignoring removed oldalloc option
[   86.157164][ T6908] syzkaller0: entered promiscuous mode
[   86.157196][ T6908] syzkaller0: entered allmulticast mode
[   86.160927][ T6920] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   86.168907][ T6923] EXT4-fs: Ignoring removed oldalloc option
[   86.172156][ T6923] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   86.174678][ T6920] EXT4-fs (loop4): 1 truncate cleaned up
[   86.176356][ T6920] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.185432][ T6923] EXT4-fs (loop1): 1 truncate cleaned up
[   86.189805][ T6923] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.330593][ T6927] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks
[   86.330628][ T6927] EXT4-fs warning (device loop3): ext4_resize_fs:2041: can't shrink FS - resize aborted
[   86.457271][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.463630][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.505341][ T6931] EXT4-fs: Ignoring removed oldalloc option
[   86.510863][ T6931] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   86.515880][ T6931] EXT4-fs (loop1): 1 truncate cleaned up
[   86.516389][ T6931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.526712][ T6932] 9p: Bad value for 'wfdno'
[   86.532861][ T6931] FAULT_INJECTION: forcing a failure.
[   86.532861][ T6931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.535461][ T6931] CPU: 1 UID: 0 PID: 6931 Comm: syz.1.525 Tainted: G             L      syzkaller #0 PREEMPT 
[   86.535481][ T6931] Tainted: [L]=SOFTLOCKUP
[   86.535485][ T6931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   86.535490][ T6931] Call trace:
[   86.535494][ T6931]  show_stack+0x2c/0x3c (C)
[   86.535517][ T6931]  __dump_stack+0x30/0x40
[   86.535528][ T6931]  dump_stack_lvl+0xd8/0x12c
[   86.535538][ T6931]  dump_stack+0x1c/0x28
[   86.535546][ T6931]  should_fail_ex+0x414/0x588
[   86.535557][ T6931]  should_fail+0x14/0x24
[   86.535565][ T6931]  should_fail_usercopy+0x20/0x30
[   86.535575][ T6931]  strncpy_from_user+0x48/0x38c
[   86.535583][ T6931]  setxattr_copy+0x88/0x1c0
[   86.535594][ T6931]  path_setxattrat+0x130/0x2a8
[   86.535604][ T6931]  __arm64_sys_setxattr+0xc0/0xdc
[   86.535614][ T6931]  invoke_syscall+0x98/0x244
[   86.535624][ T6931]  el0_svc_common+0xe8/0x23c
[   86.535632][ T6931]  do_el0_svc+0x48/0x58
[   86.535641][ T6931]  el0_svc+0x64/0x260
[   86.535653][ T6931]  el0t_64_sync_handler+0x48/0x148
[   86.535668][ T6931]  el0t_64_sync+0x198/0x19c
[   86.608382][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.922420][ T6404] bridge_slave_1: left allmulticast mode
[   86.922658][ T6404] bridge_slave_1: left promiscuous mode
[   86.923584][ T6404] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.975717][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.977823][ T6404] bridge_slave_0: left allmulticast mode
[   86.979209][ T6404] bridge_slave_0: left promiscuous mode
[   86.982004][ T6404] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.053794][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.528'.
[   87.083373][ T6948] netlink: 36 bytes leftover after parsing attributes in process `syz.3.529'.
[   87.225938][ T6404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   87.252518][ T6404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   87.292509][ T6404] bond0 (unregistering): Released all slaves
[   87.351359][ T6949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.528'.
[   87.351394][ T6949] netlink: 20 bytes leftover after parsing attributes in process `syz.1.528'.
[   87.360044][ T6949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.528'.
[   87.360075][ T6949] netlink: 20 bytes leftover after parsing attributes in process `syz.1.528'.
[   87.375490][ T1190] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   87.375543][ T1190] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   87.375575][ T1190] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   87.375596][ T1190] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   87.558505][ T6965] netlink: 'syz.0.530': attribute type 29 has an invalid length.
[   87.558695][ T6972] netlink: 'syz.0.530': attribute type 29 has an invalid length.
[   87.559305][ T6965] netlink: 204 bytes leftover after parsing attributes in process `syz.0.530'.
[   87.573950][ T4358] 8021q: adding VLAN 0 to HW filter on device eth0
[   87.610449][ T6966] set_capacity_and_notify: 4 callbacks suppressed
[   87.623095][ T6966] loop3: detected capacity change from 0 to 512
[   87.627780][ T6966] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.531: corrupted inode contents
[   87.627812][ T6966] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   87.627954][ T6966] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[   87.627971][ T6966] loop3: lost filesystem error report for type 5 error -117
[   87.629094][ T6966] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.531: corrupted inode contents
[   87.629119][ T6966] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   87.630207][ T6966] EXT4-fs error (device loop3): ext4_evict_inode:315: inode #15: comm syz.3.531: mark_inode_dirty error
[   87.630251][ T6966] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[   87.630460][ T6966] EXT4-fs (loop3): 1 orphan inode deleted
[   87.633745][ T6966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.635933][ T6880] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.635974][ T6880] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.636157][ T6880] bridge_slave_0: entered allmulticast mode
[   87.653653][ T6880] bridge_slave_0: entered promiscuous mode
[   87.654435][ T6880] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.654458][ T6880] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.654526][ T6880] bridge_slave_1: entered allmulticast mode
[   87.654958][ T6880] bridge_slave_1: entered promiscuous mode
[   87.682344][ T6880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.685479][ T6880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.717975][ T6880] team0: Port device team_slave_0 added
[   87.719292][ T6880] team0: Port device team_slave_1 added
[   87.769422][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.771161][ T4683] Bluetooth: hci0: command tx timeout
[   88.054510][ T6991] loop1: detected capacity change from 0 to 512
[   88.057591][ T6991] EXT4-fs: Ignoring removed oldalloc option
[   88.059097][ T6991] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   88.064632][ T6991] EXT4-fs (loop1): 1 truncate cleaned up
[   88.069238][ T6993] loop3: detected capacity change from 0 to 512
[   88.069609][ T6993] EXT4-fs: Ignoring removed oldalloc option
[   88.072859][ T6991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.077202][ T6993] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   88.078322][ T6880] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.078335][ T6880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.078353][ T6880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.080387][ T6880] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.080396][ T6880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.080410][ T6880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.098216][ T6993] EXT4-fs (loop3): 1 truncate cleaned up
[   88.107518][ T6880] hsr_slave_0: entered promiscuous mode
[   88.107904][ T6880] hsr_slave_1: entered promiscuous mode
[   88.108117][ T6880] debugfs: 'hsr0' already exists in 'hsr'
[   88.108127][ T6880] Cannot create hsr debugfs directory
[   88.116003][ T6993] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.123053][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.192979][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.216363][ T6404] hsr_slave_0: left promiscuous mode
[   88.217816][ T6404] hsr_slave_1: left promiscuous mode
[   88.219372][ T6404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.222827][ T6404] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.227817][ T6404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.231350][ T6404] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.245399][ T6404] veth1_macvtap: left promiscuous mode
[   88.247478][ T7012] loop3: detected capacity change from 0 to 512
[   88.247810][ T7012] EXT4-fs: Ignoring removed oldalloc option
[   88.249690][ T6404] veth0_macvtap: left promiscuous mode
[   88.250032][ T7012] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   88.252623][ T6404] veth1_vlan: left promiscuous mode
[   88.253674][ T6404] veth0_vlan: left promiscuous mode
[   88.258170][ T7012] EXT4-fs (loop3): 1 truncate cleaned up
[   88.258599][ T7012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.268092][ T7012] FAULT_INJECTION: forcing a failure.
[   88.268092][ T7012] name failslab, interval 1, probability 0, space 0, times 0
[   88.268128][ T7012] CPU: 0 UID: 0 PID: 7012 Comm: syz.3.537 Tainted: G             L      syzkaller #0 PREEMPT 
[   88.268143][ T7012] Tainted: [L]=SOFTLOCKUP
[   88.268148][ T7012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   88.268154][ T7012] Call trace:
[   88.268158][ T7012]  show_stack+0x2c/0x3c (C)
[   88.268176][ T7012]  __dump_stack+0x30/0x40
[   88.268187][ T7012]  dump_stack_lvl+0xd8/0x12c
[   88.268196][ T7012]  dump_stack+0x1c/0x28
[   88.268204][ T7012]  should_fail_ex+0x414/0x588
[   88.268215][ T7012]  should_failslab+0xc4/0x124
[   88.268225][ T7012]  __kvmalloc_node_noprof+0x160/0x880
[   88.268234][ T7012]  vmemdup_user+0x38/0xe0
[   88.268243][ T7012]  setxattr_copy+0x168/0x1c0
[   88.268253][ T7012]  path_setxattrat+0x130/0x2a8
[   88.268263][ T7012]  __arm64_sys_setxattr+0xc0/0xdc
[   88.268273][ T7012]  invoke_syscall+0x98/0x244
[   88.268283][ T7012]  el0_svc_common+0xe8/0x23c
[   88.268291][ T7012]  do_el0_svc+0x48/0x58
[   88.268300][ T7012]  el0_svc+0x64/0x260
[   88.268311][ T7012]  el0t_64_sync_handler+0x48/0x148
[   88.268321][ T7012]  el0t_64_sync+0x198/0x19c
[   88.287111][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.298015][ T7014] overlayfs: failed lookup in lower (newroot/43, name='file0', err=-40): overlapping layers
[   88.983157][ T6404] team0 (unregistering): Port device team_slave_1 removed
[   88.998168][ T6404] team0 (unregistering): Port device team_slave_0 removed
[   89.074749][ T7033] netlink: 484 bytes leftover after parsing attributes in process `syz.0.542'.
[   89.130293][ T4358] 8021q: adding VLAN 0 to HW filter on device eth1
[   89.132118][ T7031] netlink: 'syz.0.542': attribute type 29 has an invalid length.
[   89.148942][ T7032] netlink: 'syz.0.542': attribute type 29 has an invalid length.
[   89.291041][ T7040] netlink: 'syz.1.543': attribute type 21 has an invalid length.
[   89.295482][ T7042] loop0: detected capacity change from 0 to 512
[   89.297026][ T7042] EXT4-fs: Ignoring removed oldalloc option
[   89.298778][ T7042] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   89.312075][ T7042] EXT4-fs (loop0): 1 truncate cleaned up
[   89.312655][ T7042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.330904][ T7040] netlink: 'syz.1.543': attribute type 4 has an invalid length.
[   89.362009][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.537767][ T7059] loop1: detected capacity change from 0 to 512
[   89.538228][ T7059] EXT4-fs: Ignoring removed oldalloc option
[   89.541841][ T7059] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   89.548446][ T7059] EXT4-fs (loop1): 1 truncate cleaned up
[   89.548997][ T7059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.840044][ T7064] loop4: detected capacity change from 0 to 512
[   89.844640][ T7064] EXT4-fs: Ignoring removed oldalloc option
[   89.852409][ T7064] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   89.857900][ T7064] EXT4-fs (loop4): 1 truncate cleaned up
[   89.860676][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.862404][ T4683] Bluetooth: hci0: command tx timeout
[   89.879183][ T7064] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.889103][ T7064] FAULT_INJECTION: forcing a failure.
[   89.889103][ T7064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.902111][ T7064] CPU: 0 UID: 0 PID: 7064 Comm: syz.4.551 Tainted: G             L      syzkaller #0 PREEMPT 
[   89.902128][ T7064] Tainted: [L]=SOFTLOCKUP
[   89.902132][ T7064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   89.902137][ T7064] Call trace:
[   89.902141][ T7064]  show_stack+0x2c/0x3c (C)
[   89.902164][ T7064]  __dump_stack+0x30/0x40
[   89.902176][ T7064]  dump_stack_lvl+0xd8/0x12c
[   89.902185][ T7064]  dump_stack+0x1c/0x28
[   89.902194][ T7064]  should_fail_ex+0x414/0x588
[   89.902204][ T7064]  should_fail+0x14/0x24
[   89.902212][ T7064]  should_fail_usercopy+0x20/0x30
[   89.902222][ T7064]  _inline_copy_from_user+0x3c/0x194
[   89.902232][ T7064]  vmemdup_user+0x6c/0xe0
[   89.902240][ T7064]  setxattr_copy+0x168/0x1c0
[   89.902251][ T7064]  path_setxattrat+0x130/0x2a8
[   89.902261][ T7064]  __arm64_sys_setxattr+0xc0/0xdc
[   89.902271][ T7064]  invoke_syscall+0x98/0x244
[   89.902280][ T7064]  el0_svc_common+0xe8/0x23c
[   89.902289][ T7064]  do_el0_svc+0x48/0x58
[   89.902297][ T7064]  el0_svc+0x64/0x260
[   89.902308][ T7064]  el0t_64_sync_handler+0x48/0x148
[   89.902318][ T7064]  el0t_64_sync+0x198/0x19c
[   89.962823][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.289021][ T7098] loop3: detected capacity change from 0 to 512
[   90.294935][ T7098] EXT4-fs: Ignoring removed oldalloc option
[   90.296318][ T7098] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   90.302270][ T7098] EXT4-fs (loop3): 1 truncate cleaned up
[   90.315546][ T7098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.322383][ T7103] Bluetooth: MGMT ver 1.23
[   90.388135][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.426986][ T7114] loop4: detected capacity change from 0 to 512
[   90.429892][ T7114] EXT4-fs: Ignoring removed oldalloc option
[   90.432801][ T7114] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.442729][ T7114] EXT4-fs (loop4): 1 truncate cleaned up
[   90.543171][ T6880] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   90.553905][ T6880] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   90.557905][ T6880] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   90.566189][ T6880] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   90.568849][ T6880] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   90.592818][ T6880] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   90.594584][ T6880] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   90.641814][ T6880] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   90.845097][ T7127] loop4: detected capacity change from 0 to 512
[   90.854805][ T7127] EXT4-fs: Ignoring removed oldalloc option
[   90.856520][ T7127] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.868183][ T7127] EXT4-fs (loop4): 1 truncate cleaned up
[   90.895507][ T7127] FAULT_INJECTION: forcing a failure.
[   90.895507][ T7127] name failslab, interval 1, probability 0, space 0, times 0
[   90.897913][ T7127] CPU: 1 UID: 0 PID: 7127 Comm: syz.4.565 Tainted: G             L      syzkaller #0 PREEMPT 
[   90.897939][ T7127] Tainted: [L]=SOFTLOCKUP
[   90.897943][ T7127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   90.897947][ T7127] Call trace:
[   90.897950][ T7127]  show_stack+0x2c/0x3c (C)
[   90.897969][ T7127]  __dump_stack+0x30/0x40
[   90.897978][ T7127]  dump_stack_lvl+0xd8/0x12c
[   90.897987][ T7127]  dump_stack+0x1c/0x28
[   90.897996][ T7127]  should_fail_ex+0x414/0x588
[   90.898006][ T7127]  should_failslab+0xc4/0x124
[   90.898017][ T7127]  kmem_cache_alloc_noprof+0x8c/0x610
[   90.898026][ T7127]  do_getname+0x48/0x230
[   90.898036][ T7127]  getname_flags+0x2c/0x3c
[   90.898045][ T7127]  path_setxattrat+0x170/0x2a8
[   90.898056][ T7127]  __arm64_sys_setxattr+0xc0/0xdc
[   90.898066][ T7127]  invoke_syscall+0x98/0x244
[   90.898075][ T7127]  el0_svc_common+0xe8/0x23c
[   90.898086][ T7127]  do_el0_svc+0x48/0x58
[   90.898095][ T7127]  el0_svc+0x64/0x260
[   90.898107][ T7127]  el0t_64_sync_handler+0x48/0x148
[   90.898116][ T7127]  el0t_64_sync+0x198/0x19c
[   90.987445][ T6880] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.000016][ T6880] 8021q: adding VLAN 0 to HW filter on device team0
[   91.005959][ T6404] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.005997][ T6404] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.024967][ T6405] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.025012][ T6405] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.425342][ T7169] EXT4-fs: Ignoring removed oldalloc option
[   91.426901][ T7169] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   91.447393][ T7169] EXT4-fs (loop1): 1 truncate cleaned up
[   91.818257][ T7188] tipc: Started in network mode
[   91.818360][ T7188] tipc: Node identity 84e, cluster identity 4711
[   91.818401][ T7188] tipc: Node number set to 2126
[   91.931929][ T4683] Bluetooth: hci0: command tx timeout
[   92.520450][ T7199] EXT4-fs: Ignoring removed bh option
[   92.537327][ T7202] __nla_validate_parse: 5 callbacks suppressed
[   92.537356][ T7202] netlink: 12 bytes leftover after parsing attributes in process `syz.3.577'.
[   92.691763][ T7212] Injecting memory failure for pfn 0x122bc2 at process virtual address 0x2010e000
[   92.698450][ T7211] set_capacity_and_notify: 2 callbacks suppressed
[   92.698493][ T7211] loop3: detected capacity change from 0 to 1024
[   92.701746][ T7211] EXT4-fs: Ignoring removed orlov option
[   92.707385][ T7211] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   92.711892][ T7212] Memory failure: 0x122bc2: recovery action for clean LRU page: Recovered
[   94.005517][ T7232] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #12: block 7: comm syz.3.578: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[   94.015375][ T4683] Bluetooth: hci0: command tx timeout
[   94.024432][ T7232] EXT4-fs (loop3): Remounting filesystem read-only
[   94.125788][ T6880] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.274678][ T7246] overlayfs: failed lookup in lower (newroot/52, name='file0', err=-40): overlapping layers
[   94.274962][ T7246] overlayfs: failed lookup in lower (newroot/52, name='bus', err=-40): overlapping layers
[   94.275296][ T7246] overlayfs: failed lookup in lower (newroot/52, name='file0', err=-40): overlapping layers
[   94.279103][ T7246] loop1: detected capacity change from 0 to 512
[   94.283927][ T7246] overlayfs: failed lookup in lower (newroot/52, name='file0', err=-40): overlapping layers
[   94.288710][ T7246] overlayfs: failed lookup in lower (newroot/52, name='file0', err=-40): overlapping layers
[   94.297797][ T7246] overlayfs: failed lookup in lower (newroot/52, name='file0', err=-40): overlapping layers
[   94.320886][ T7254] loop3: detected capacity change from 0 to 512
[   94.330854][ T7254] EXT4-fs: Ignoring removed oldalloc option
[   94.340845][ T7254] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   94.352985][ T7254] EXT4-fs (loop3): 1 truncate cleaned up
[   94.796484][ T6880] veth0_vlan: entered promiscuous mode
[   94.805466][ T6880] veth1_vlan: entered promiscuous mode
[   94.840559][ T7278] netlink: 12 bytes leftover after parsing attributes in process `syz.3.588'.
[   94.863221][ T6880] veth0_macvtap: entered promiscuous mode
[   94.872417][ T6880] veth1_macvtap: entered promiscuous mode
[   94.922822][ T6880] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.928274][ T6880] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.943313][   T39] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.943888][   T39] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.943912][   T39] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.943929][   T39] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.014177][ T7290] loop3: detected capacity change from 0 to 1024
[   95.023391][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.023419][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.026451][ T7290] EXT4-fs: Ignoring removed orlov option
[   95.030928][ T7290] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   95.031011][ T7290] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   95.036047][ T7290] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   95.036247][ T7290] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[   95.036247][ T7290] 
[   95.036256][ T7290] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[   95.036712][ T7290] EXT4-fs mount: 12 callbacks suppressed
[   95.036721][ T7290] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   95.048580][ T7290] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 16: comm syz.3.591: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   95.054095][ T7290] EXT4-fs (loop3): Remounting filesystem read-only
[   95.082677][ T7295] loop0: detected capacity change from 0 to 512
[   95.084512][   T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.084536][   T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.092693][ T7295] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.098160][ T7295] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043e01c, mo2=0002]
[   95.099594][ T7295] System zones: 1-12
[   95.101443][ T7295] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.595: invalid indirect mapped block 8 (level 2)
[   95.104481][ T7295] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[   95.105752][ T7295] EXT4-fs (loop0): 1 truncate cleaned up
[   95.110627][ T7295] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.157145][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.201681][ T7302] team0: Port device vxlan0 added
[   95.204307][ T3524] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   95.204357][ T3524] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   95.204384][ T3524] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   95.204404][ T3524] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   95.286897][ T7313] netlink: 12 bytes leftover after parsing attributes in process `syz.1.600'.
[   95.378305][ T7312] loop5: detected capacity change from 0 to 8192
[   95.414261][ T7312] bond1: (slave gretap0): Device is not bonding slave
[   95.415652][ T7312] bond1: option active_slave: invalid value (gretap0)
[   95.437890][ T7312] bond1 (unregistering): Released all slaves
[   95.516868][   T30] audit: type=1326 audit(95.500:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7331 comm="syz.4.607" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff80377a28 code=0x0
[   95.571761][ T7336] loop5: detected capacity change from 0 to 1024
[   95.572151][ T7336] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.575141][ T7336] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   95.589158][ T7336] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.645953][ T7334] netlink: 'syz.0.606': attribute type 1 has an invalid length.
[   95.685444][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.708017][ T7334] binder: 7327:7334 ioctl c0306201 200003c0 returned -14
[   95.778954][ T7350] netlink: 28 bytes leftover after parsing attributes in process `syz.1.610'.
[   95.793474][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.084426][ T7350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'.
[   96.222946][ T7360] netlink: 12 bytes leftover after parsing attributes in process `syz.3.613'.
[   96.264211][ T7362] loop3: detected capacity change from 0 to 1024
[   96.285466][ T7362] /dev/loop3: Can't open blockdev
[   96.289917][ T7363] bridge_slave_0: left allmulticast mode
[   96.300840][ T7363] bridge_slave_0: left promiscuous mode
[   96.300940][ T7363] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.305870][ T7363] bridge_slave_1: left allmulticast mode
[   96.305884][ T7363] bridge_slave_1: left promiscuous mode
[   96.305934][ T7363] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.313215][ T7363] bond0: (slave bond_slave_0): Releasing backup interface
[   96.353352][ T7363] bond0: (slave bond_slave_1): Releasing backup interface
[   96.393906][ T7363] team0: Port device team_slave_0 removed
[   96.396686][ T7363] team0: Port device team_slave_1 removed
[   96.398755][ T7363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.398961][ T7363] batman_adv: batadv0: Removing interface: batadv_slave_0
[   96.403322][ T7363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   96.403350][ T7363] batman_adv: batadv0: Removing interface: batadv_slave_1
[   96.409541][ T7363] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   96.512962][ T7374] devtmpfs: Too few inodes for current use
[   96.635754][ T7380] binder: 7369:7380 ioctl 4018620d 0 returned -22
[   96.636217][ T7380] binder: tried to use weak ref as strong ref
[   96.636251][ T7380] binder: 7369:7380 Acquire 1 refcount change on invalid ref 0 ret -22
[   96.636653][ T7380] binder: 7369:7380 got transaction to invalid handle, 1
[   96.636687][ T7380] binder: 7369:7380 cannot find target node
[   96.636779][ T7380] binder: 7369:7380 transaction call to 0:0 failed 10/29201/-22, code 0 size 96-24 line 3236
[   96.874439][ T7379] lo speed is unknown, defaulting to 1000
[   96.947735][ T7379] lo speed is unknown, defaulting to 1000
[   96.951697][ T7379] lo speed is unknown, defaulting to 1000
[   96.954377][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.620'.
[   96.956941][ T7381] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   97.001367][ T7388] netlink: 12 bytes leftover after parsing attributes in process `syz.4.624'.
[   97.347184][ T4764] binder: undelivered TRANSACTION_ERROR: 29201
[   97.356326][ T4778] lo speed is unknown, defaulting to 1000
[   97.356472][ T7379] infiniband s
z1: set active
[   97.356483][ T7379] infiniband s
z1: added lo
[   97.365022][ T7379] RDS/IB: s
z1: added
[   97.365134][ T7379] smc: adding ib device s
z1 with port count 1
[   97.365164][ T7379] smc:    ib device s
z1 port 1 has no pnetid
[   97.365925][ T4778] lo speed is unknown, defaulting to 1000
[   97.366406][ T7379] lo speed is unknown, defaulting to 1000
[   97.513734][ T7401] overlayfs: failed to resolve './bus': -2
[   97.693881][ T7379] lo speed is unknown, defaulting to 1000
[   97.824052][ T7410] loop1: detected capacity change from 0 to 128
[   97.881530][ T7379] lo speed is unknown, defaulting to 1000
[   97.917037][ T7412] loop5: detected capacity change from 0 to 512
[   97.917429][ T7412] EXT4-fs: Ignoring removed bh option
[   97.923590][ T7412] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   97.949442][ T7412] EXT4-fs (loop5): 1 truncate cleaned up
[   97.966738][ T7412] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.060493][ T7379] lo speed is unknown, defaulting to 1000
[   98.215821][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.221105][ T7379] lo speed is unknown, defaulting to 1000
[   98.583767][ T7430] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input3
[   98.607632][ T7430] loop5: detected capacity change from 0 to 128
[   98.698381][ T7379] lo speed is unknown, defaulting to 1000
[   98.790385][ T7443] input: syz1 as /devices/virtual/input/input4
[   98.838320][ T7443] netlink: 'syz.3.637': attribute type 29 has an invalid length.
[   98.840695][ T7443] netlink: 'syz.3.637': attribute type 29 has an invalid length.
[   98.879976][ T7379] lo speed is unknown, defaulting to 1000
[   98.956076][ T7449] loop3: detected capacity change from 0 to 512
[   98.981570][ T7449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.092003][ T7379] lo speed is unknown, defaulting to 1000
[   99.416615][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.418212][ T7466] evm: overlay not supported
[   99.454257][ T7466] overlayfs: failed to verify upper root origin
[   99.652129][ T7474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.645'.
[   99.667127][ T7474] mac80211_hwsim hwsim19 wlan1: left allmulticast mode
[   99.667259][ T7474] mac80211_hwsim hwsim19 wlan1: left promiscuous mode
[   99.667508][ T7474] bridge0: port 3(wlan1) entered disabled state
[   99.915725][ T7379] lo speed is unknown, defaulting to 1000
[   99.989384][ T7478] loop1: detected capacity change from 0 to 4096
[  100.001729][ T7478] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  100.011433][ T7478] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.648'.
[  100.255305][ T7491] loop0: detected capacity change from 0 to 8192
[  100.994661][   T30] audit: type=1326 audit(100.980:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  100.994703][   T30] audit: type=1326 audit(100.980:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.007436][   T30] audit: type=1326 audit(100.990:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=25 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.007470][   T30] audit: type=1326 audit(100.990:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.018185][   T30] audit: type=1326 audit(101.000:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.018205][   T30] audit: type=1326 audit(101.000:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=167 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.018224][   T30] audit: type=1326 audit(101.000:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.018240][   T30] audit: type=1326 audit(101.000:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.018255][   T30] audit: type=1326 audit(101.000:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.018270][   T30] audit: type=1326 audit(101.000:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7510 comm="syz.0.656" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff96f77a28 code=0x7ffc0000
[  101.252402][ T7520] binder: BINDER_SET_CONTEXT_MGR already set
[  101.254177][ T7520] binder: 7519:7520 ioctl 4018620d 20000040 returned -16
[  101.254422][ T7520] binder: 7519:7520 IncRefs 0 refcount change on invalid ref 1 ret -22
[  101.604297][ T7535] FAT-fs (loop11): unable to read boot sector
[  101.605930][ T7530] netlink: 60 bytes leftover after parsing attributes in process `syz.1.662'.
[  101.776617][ T7548] loop4: detected capacity change from 0 to 2048
[  101.786580][ T7552] loop1: detected capacity change from 0 to 512
[  101.810879][ T7548]  loop4: p1 p4
[  101.810879][ T7548]  p1: <minix: p5 >
[  101.811768][ T7548] loop4: p4 size 722688 extends beyond EOD, truncated
[  101.819356][ T7552] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.668: Failed to acquire dquot type 1
[  101.819468][ T7552] loop1: lost filesystem error report for type 5 error -117
[  101.820790][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  101.820805][    C1] EXT4-fs (loop1): last error at time 101: ext4_acquire_dquot:7034
[  101.826767][ T7552] EXT4-fs (loop1): 1 truncate cleaned up
[  101.833197][ T7552] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.932453][ T7552] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.668: Failed to acquire dquot type 1
[  101.946780][ T7560] netlink: 64 bytes leftover after parsing attributes in process `syz.5.670'.
[  101.973020][ T7560] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  101.973046][ T7560] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  101.973107][ T7560] vhci_hcd vhci_hcd.0: Device attached
[  101.975919][ T7561] usbip_core: unknown command
[  101.975926][ T7561] vhci_hcd: unknown pdu 0
[  101.975932][ T7561] usbip_core: unknown command
[  101.976190][   T40] vhci_hcd vhci_hcd.5: stop threads
[  101.976201][   T40] vhci_hcd vhci_hcd.5: release socket
[  101.976218][   T40] vhci_hcd vhci_hcd.5: disconnect device
[  101.990041][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.166026][ T7575] loop3: detected capacity change from 0 to 1024
[  102.247519][ T7578] loop3: detected capacity change from 0 to 1024
[  102.247918][ T7578] EXT4-fs: Ignoring removed orlov option
[  102.264128][ T7579] EXT4-fs: Ignoring removed oldalloc option
[  102.275255][ T7579] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  102.278576][ T7578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.284326][ T7579] EXT4-fs (loop0): 1 truncate cleaned up
[  102.284790][ T7579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.294626][ T7578] syzkaller1: entered promiscuous mode
[  102.294660][ T7578] syzkaller1: entered allmulticast mode
[  102.320606][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.424356][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.840602][ T7596] set_capacity_and_notify: 1 callbacks suppressed
[  102.843389][ T7598] loop3: detected capacity change from 0 to 512
[  102.847003][ T7596] loop5: detected capacity change from 0 to 512
[  102.849211][ T7596] EXT4-fs error (device loop5): ext4_do_update_inode:5690: inode #15: comm syz.5.680: corrupted inode contents
[  102.849251][ T7596] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  102.850787][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  102.850799][    C1] EXT4-fs (loop5): initial error at time 102: ext4_do_update_inode:5690: inode 15
[  102.850815][    C1] EXT4-fs (loop5): last error at time 102: ext4_do_update_inode:5690: inode 15
[  102.851400][ T7596] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  102.851423][ T7596] loop5: lost filesystem error report for type 5 error -117
[  102.851622][ T7596] EXT4-fs error (device loop5): ext4_do_update_inode:5690: inode #15: comm syz.5.680: corrupted inode contents
[  102.851636][ T7596] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  102.851770][ T7596] EXT4-fs error (device loop5): ext4_evict_inode:315: inode #15: comm syz.5.680: mark_inode_dirty error
[  102.851782][ T7596] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  102.851937][ T7596] EXT4-fs (loop5): 1 orphan inode deleted
[  102.852536][ T7596] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.883157][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.681: iget: bad extra_isize 90 (inode size 256)
[  102.883203][ T7598] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  102.884869][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.681: error while reading EA inode 11 err=-117
[  102.884886][ T7598] loop3: lost filesystem error report for type 5 error -117
[  102.885184][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.681: iget: bad extra_isize 90 (inode size 256)
[  102.885198][ T7598] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  102.886441][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.681: error while reading EA inode 11 err=-117
[  102.886460][ T7598] loop3: lost filesystem error report for type 5 error -117
[  102.887107][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.681: iget: bad extra_isize 90 (inode size 256)
[  102.887133][ T7598] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117
[  102.887872][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.681: error while reading EA inode 18 err=-117
[  102.887890][ T7598] loop3: lost filesystem error report for type 5 error -117
[  102.888058][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.681: iget: bad extra_isize 90 (inode size 256)
[  102.888072][ T7598] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117
[  102.888206][ T7598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.681: error while reading EA inode 18 err=-117
[  102.888218][ T7598] loop3: lost filesystem error report for type 5 error -117
[  102.888487][ T7598] EXT4-fs (loop3): 1 orphan inode deleted
[  102.888956][ T7598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.942212][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.960603][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.984891][ T7609] autofs4:pid:7609:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  103.009755][ T7609] siw: device registration error -23
[  103.047734][ T7614] netlink: 'syz.5.684': attribute type 29 has an invalid length.
[  103.048253][ T7614] netlink: 'syz.5.684': attribute type 29 has an invalid length.
[  103.048533][ T7614] netlink: 204 bytes leftover after parsing attributes in process `syz.5.684'.
[  103.699339][ T7623] loop3: detected capacity change from 0 to 2048
[  103.790530][ T7637] loop4: detected capacity change from 0 to 128
[  103.914633][ T7639] netlink: 56 bytes leftover after parsing attributes in process `syz.0.691'.
[  104.292227][ T7643] loop3: detected capacity change from 0 to 512
[  104.307832][ T7643] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.694: corrupted inode contents
[  104.310133][ T7643] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  104.310798][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  104.310822][    C1] EXT4-fs (loop3): initial error at time 104: ext4_do_update_inode:5690: inode 15
[  104.310863][    C1] EXT4-fs (loop3): last error at time 104: ext4_do_update_inode:5690: inode 15
[  104.311803][ T7654] autofs4:pid:7654:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  104.320367][ T7643] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  104.320404][ T7643] loop3: lost filesystem error report for type 5 error -117
[  104.322588][ T7643] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.694: corrupted inode contents
[  104.322627][ T7643] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  104.325884][ T7643] EXT4-fs error (device loop3): ext4_evict_inode:315: inode #15: comm syz.3.694: mark_inode_dirty error
[  104.325906][ T7643] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  104.330555][ T7643] EXT4-fs (loop3): 1 orphan inode deleted
[  104.335994][ T7643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.580988][ T7654] siw: device registration error -23
[  104.620535][ T7659] syzkaller0: entered promiscuous mode
[  104.620572][ T7659] syzkaller0: entered allmulticast mode
[  104.640638][   T40] bio_check_eod: 6 callbacks suppressed
[  104.640683][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.640683][   T40] loop4: rw=1, sector=129, nr_sectors = 8 limit=128
[  104.641057][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641057][   T40] loop4: rw=1, sector=145, nr_sectors = 8 limit=128
[  104.641110][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641110][   T40] loop4: rw=1, sector=161, nr_sectors = 8 limit=128
[  104.641146][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641146][   T40] loop4: rw=1, sector=177, nr_sectors = 8 limit=128
[  104.641178][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641178][   T40] loop4: rw=1, sector=193, nr_sectors = 8 limit=128
[  104.641210][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641210][   T40] loop4: rw=1, sector=209, nr_sectors = 8 limit=128
[  104.641242][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641242][   T40] loop4: rw=1, sector=225, nr_sectors = 8 limit=128
[  104.641273][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641273][   T40] loop4: rw=1, sector=241, nr_sectors = 8 limit=128
[  104.641303][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641303][   T40] loop4: rw=1, sector=257, nr_sectors = 8 limit=128
[  104.641333][   T40] kworker/u8:3: attempt to access beyond end of device
[  104.641333][   T40] loop4: rw=1, sector=273, nr_sectors = 8 limit=128
[  104.684835][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.686415][ T7663] netlink: 64 bytes leftover after parsing attributes in process `syz.5.699'.
[  104.730671][ T7665] overlay: Unknown parameter 'subj_type'
[  105.191077][ T7683] loop1: detected capacity change from 0 to 128
[  105.465494][ T7683] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  105.499784][   T40] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  105.635561][ T7695] netlink: 'syz.1.708': attribute type 4 has an invalid length.
[  105.635594][ T7695] netlink: 152 bytes leftover after parsing attributes in process `syz.1.708'.
[  105.657080][ T7695] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  105.727786][ T7697] autofs4:pid:7697:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  105.816340][ T7703] loop3: detected capacity change from 0 to 512
[  105.816764][ T7697] siw: device registration error -23
[  105.823488][ T7706] loop0: detected capacity change from 0 to 512
[  105.824367][ T7706] EXT4-fs: Ignoring removed orlov option
[  105.824653][ T7706] EXT4-fs (loop0): Test dummy encryption mode enabled
[  105.824672][ T7706] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  105.832420][ T7706] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.707: bg 0: block 384: padding at end of block bitmap is not set
[  105.832452][ T7706] loop0: lost filesystem error report for type 5 error -117
[  105.835088][ T7706] EXT4-fs (loop0): Remounting filesystem read-only
[  105.835197][ T7706] EXT4-fs (loop0): 1 truncate cleaned up
[  105.835668][ T7706] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.871409][ T7703] EXT4-fs: Ignoring removed bh option
[  105.872097][ T7703] EXT4-fs: Ignoring removed oldalloc option
[  105.924482][ T7712] loop1: detected capacity change from 0 to 512
[  105.933628][ T7703] EXT4-fs (loop3): 1 truncate cleaned up
[  105.935316][ T7703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.945551][ T7712] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.710: corrupted inode contents
[  105.947894][ T7712] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  105.949754][ T7712] loop1: lost filesystem error report for type 5 error -117
[  105.950790][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  105.950815][    C0] EXT4-fs (loop1): initial error at time 105: ext4_do_update_inode:5690: inode 15
[  105.950847][    C0] EXT4-fs (loop1): last error at time 105: ext4_do_update_inode:5690: inode 15
[  105.960006][ T7712] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.710: corrupted inode contents
[  105.967272][ T7712] EXT4-fs error (device loop1): ext4_evict_inode:315: inode #15: comm syz.1.710: mark_inode_dirty error
[  105.969564][ T7712] EXT4-fs (loop1): 1 orphan inode deleted
[  105.996998][ T7712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.062870][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.087391][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.164047][ T7722] loop3: detected capacity change from 0 to 512
[  106.164528][ T7722] EXT4-fs: Ignoring removed oldalloc option
[  106.165962][ T7722] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  106.221355][ T7722] EXT4-fs (loop3): 1 truncate cleaned up
[  106.221852][ T7722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.554663][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.597225][ T7735] EXT4-fs: Ignoring removed nobh option
[  106.665296][ T7735] EXT4-fs error (device loop5): __ext4_iget:5481: inode #11: block 1: comm syz.5.718: invalid block
[  106.667428][ T7735] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.718: couldn't read orphan inode 11 (err -117)
[  106.667462][ T7735] loop5: lost filesystem error report for type 5 error -117
[  106.670135][ T7735] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.952765][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.995407][ T7746] input: syz0 as /devices/virtual/input/input6
[  107.032300][ T7746] ieee802154 phy0 wpan0: encryption failed: -22
[  107.067450][ T7744] gretap1: entered promiscuous mode
[  107.130520][ T7751] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  107.176235][ T7754] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.725: corrupted inode contents
[  107.178526][ T7754] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  107.178572][ T7754] loop4: lost filesystem error report for type 5 error -117
[  107.180441][ T7754] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.725: corrupted inode contents
[  107.181818][    C1] EXT4-fs (loop4): error count since last fsck: 3
[  107.181831][    C1] EXT4-fs (loop4): initial error at time 107: ext4_do_update_inode:5690: inode 15
[  107.181848][    C1] EXT4-fs (loop4): last error at time 107: ext4_do_update_inode:5690: inode 15
[  107.188754][ T7754] EXT4-fs error (device loop4): ext4_evict_inode:315: inode #15: comm syz.4.725: mark_inode_dirty error
[  107.191731][ T7754] EXT4-fs (loop4): 1 orphan inode deleted
[  107.192199][ T7754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.329304][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.695874][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.730'.
[  107.705748][ T7773] /dev/loop3: Can't open blockdev
[  107.811911][ T7782] netlink: 8 bytes leftover after parsing attributes in process `syz.4.732'.
[  107.846976][ T7784] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'.
[  107.847026][ T7784] netlink: 'syz.3.734': attribute type 15 has an invalid length.
[  107.847035][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.734'.
[  107.876375][ T6404] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  107.876526][ T6404] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  107.876560][ T6404] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  107.876575][ T6404] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  107.885344][ T7786] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.735'.
[  107.927471][ T7789] netlink: 8 bytes leftover after parsing attributes in process `syz.4.736'.
[  107.956638][ T7793] set_capacity_and_notify: 6 callbacks suppressed
[  107.956880][ T7793] loop3: detected capacity change from 0 to 256
[  107.988562][ T7793] FAT-fs (loop3): Directory bread(block 64) failed
[  107.988612][ T7793] FAT-fs (loop3): Directory bread(block 65) failed
[  107.988639][ T7793] FAT-fs (loop3): Directory bread(block 66) failed
[  107.988656][ T7793] FAT-fs (loop3): Directory bread(block 67) failed
[  107.988681][ T7793] FAT-fs (loop3): Directory bread(block 68) failed
[  107.988692][ T7793] FAT-fs (loop3): Directory bread(block 69) failed
[  107.988716][ T7793] FAT-fs (loop3): Directory bread(block 70) failed
[  107.988727][ T7793] FAT-fs (loop3): Directory bread(block 71) failed
[  107.988884][ T7793] FAT-fs (loop3): Directory bread(block 72) failed
[  107.988897][ T7793] FAT-fs (loop3): Directory bread(block 73) failed
[  108.273000][ T7813] loop5: detected capacity change from 0 to 512
[  108.287905][ T7813] EXT4-fs error (device loop5): ext4_do_update_inode:5690: inode #15: comm syz.5.739: corrupted inode contents
[  108.290333][ T7813] fserror_report: 7 callbacks suppressed
[  108.292065][ T7813] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  108.300796][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  108.300827][    C1] EXT4-fs (loop5): initial error at time 108: ext4_do_update_inode:5690: inode 15
[  108.300862][    C1] EXT4-fs (loop5): last error at time 108: ext4_do_update_inode:5690: inode 15
[  108.524909][ T7813] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  108.524955][ T7813] loop5: lost filesystem error report for type 5 error -117
[  108.530869][ T7813] EXT4-fs error (device loop5): ext4_do_update_inode:5690: inode #15: comm syz.5.739: corrupted inode contents
[  108.530902][ T7813] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  108.532429][ T7813] EXT4-fs error (device loop5): ext4_evict_inode:315: inode #15: comm syz.5.739: mark_inode_dirty error
[  108.532461][ T7813] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  108.534868][ T7813] EXT4-fs (loop5): 1 orphan inode deleted
[  108.535351][ T7813] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.584215][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.743'.
[  108.675620][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.842581][ T7839] netlink: 16 bytes leftover after parsing attributes in process `syz.3.745'.
[  108.946424][ T7848] loop3: detected capacity change from 0 to 2048
[  108.952297][ T7848] EXT4-fs: Ignoring removed i_version option
[  108.952324][ T7848] ext4: Unknown parameter 'fowner<00000000000980643439'
[  108.975125][ T7848] .¿: renamed from veth1_to_bridge (while UP)
[  109.031650][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.166408][ T7863] loop5: detected capacity change from 0 to 512
[  109.192081][ T7863] EXT4-fs error (device loop5): ext4_do_update_inode:5690: inode #15: comm syz.5.754: corrupted inode contents
[  109.192120][ T7863] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  109.192256][ T7863] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  109.192267][ T7863] loop5: lost filesystem error report for type 5 error -117
[  109.193946][ T7863] EXT4-fs error (device loop5): ext4_do_update_inode:5690: inode #15: comm syz.5.754: corrupted inode contents
[  109.193967][ T7863] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  109.194123][ T7863] EXT4-fs error (device loop5): ext4_evict_inode:315: inode #15: comm syz.5.754: mark_inode_dirty error
[  109.194135][ T7863] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  109.194464][ T7863] EXT4-fs (loop5): 1 orphan inode deleted
[  109.194945][ T7863] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.195630][ T7859] syzkaller0: entered promiscuous mode
[  109.195649][ T7859] syzkaller0: entered allmulticast mode
[  109.196364][ T7866] netlink: 'syz.3.756': attribute type 29 has an invalid length.
[  109.196892][ T7866] netlink: 'syz.3.756': attribute type 29 has an invalid length.
[  109.202892][ T7870] vivid-000: disconnect
[  109.243097][ T7868] vivid-000: reconnect
[  109.290207][ T7877] loop3: detected capacity change from 0 to 512
[  109.290510][ T7877] EXT4-fs: Ignoring removed nobh option
[  109.298842][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.334287][ T7877] EXT4-fs: old and new quota format mixing
[  109.408292][ T7874] tipc: Enabled bearer <udp:syz2>, priority 10
[  109.764450][ T7895] __nla_validate_parse: 4 callbacks suppressed
[  109.764489][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.1.762'.
[  109.896425][ T7895] bridge_slave_1: left allmulticast mode
[  109.896463][ T7895] bridge_slave_1: left promiscuous mode
[  109.896654][ T7895] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.918598][ T7895] bridge_slave_0: left allmulticast mode
[  109.918630][ T7895] bridge_slave_0: left promiscuous mode
[  109.919225][ T7895] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.641726][ T7924] netlink: 484 bytes leftover after parsing attributes in process `syz.1.769'.
[  110.697140][ T7925] loop5: detected capacity change from 0 to 512
[  110.702562][ T7925] ext4: Unknown parameter 'obj_type'
[  110.998048][ T7927] loop0: detected capacity change from 0 to 2048
[  111.014417][ T7927] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.047720][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.166156][ T4683] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  111.503788][ T7918] netlink: 'syz.1.769': attribute type 29 has an invalid length.
[  111.526639][ T7947] bridge0: port 1(gretap0) entered blocking state
[  111.526808][ T7947] bridge0: port 1(gretap0) entered disabled state
[  111.527828][ T7947] gretap0: entered allmulticast mode
[  111.536223][ T7947] gretap0: entered promiscuous mode
[  111.537377][ T7947] bridge0: port 1(gretap0) entered blocking state
[  111.537406][ T7947] bridge0: port 1(gretap0) entered forwarding state
[  111.600987][ T7947] gretap0: left allmulticast mode
[  111.601062][ T7947] gretap0: left promiscuous mode
[  111.601602][ T7947] bridge0: port 1(gretap0) entered disabled state
[  112.387387][ T7951] loop4: detected capacity change from 0 to 512
[  112.393198][ T7949] loop3: detected capacity change from 0 to 256
[  112.393264][ T7951] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  112.402817][ T7951] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.777: invalid indirect mapped block 4294967295 (level 0)
[  112.402850][ T7951] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  112.405533][ T7951] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.777: invalid indirect mapped block 4294967295 (level 1)
[  112.405563][ T7951] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  112.410800][    C1] EXT4-fs (loop4): error count since last fsck: 2
[  112.410814][    C1] EXT4-fs (loop4): initial error at time 112: ext4_free_branches:1023: inode 16
[  112.410833][    C1] EXT4-fs (loop4): last error at time 112: ext4_free_branches:1023: inode 16
[  112.759417][ T7951] EXT4-fs (loop4): 1 orphan inode deleted
[  112.759450][ T7951] EXT4-fs (loop4): 1 truncate cleaned up
[  112.760043][ T7951] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.974904][ T7965] netlink: 'syz.3.776': attribute type 64 has an invalid length.
[  112.997864][ T7965] sch_tbf: burst 9 is lower than device lo mtu (65550) !
[  113.655315][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.771135][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  114.809061][ T7991] binder: 7990:7991 ioctl c034564b 200006c0 returned -22
[  114.811361][ T7991] binder: BINDER_SET_CONTEXT_MGR already set
[  114.859326][ T7991] binder: 7990:7991 ioctl 4018620d 20000040 returned -16
[  114.864468][ T7991] binder: tried to use weak ref as strong ref
[  114.865767][ T7991] binder: 7990:7991 Acquire 1 refcount change on invalid ref 0 ret -22
[  115.396195][ T7988] tipc: Started in network mode
[  115.396229][ T7988] tipc: Node identity 84e, cluster identity 4711
[  115.396238][ T7988] tipc: Node number set to 2126
[  115.435272][ T7991] binder: 7990:7991 got transaction to invalid handle, 1
[  115.435289][ T7991] binder: 7990:7991 cannot find target node
[  115.435305][ T7991] binder: 7990:7991 transaction call to 0:0 failed 15/29201/-22, code 0 size 0-0 line 3236
[  115.435453][ T7991] binder: 7990:7991 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  115.435464][ T7991] binder: 7991 RLIMIT_NICE not set
[  115.435470][ T7991] binder: 7990:7991 ioctl c0306201 20000240 returned -11
[  115.435597][ T7991] binder: 7990:7991 got reply transaction with no transaction stack
[  115.435610][ T7991] binder: 7990:7991 transaction reply to 0:0 failed 16/29201/-71, code 0 size 0-0 line 3139
[  115.479970][ T7991] loop0: detected capacity change from 0 to 2048
[  115.496007][ T7997] ip6_vti0: entered promiscuous mode
[  115.497133][ T7999] netlink: 'syz.5.789': attribute type 29 has an invalid length.
[  115.497653][ T7999] netlink: 'syz.5.789': attribute type 29 has an invalid length.
[  115.497941][ T7999] netlink: 204 bytes leftover after parsing attributes in process `syz.5.789'.
[  115.508846][ T7991]  loop0: p1 < >
[  115.536425][ T1077] binder: undelivered TRANSACTION_ERROR: 29201
[  115.597023][ T8014] loop0: detected capacity change from 0 to 512
[  115.622101][ T8006] autofs4:pid:8006:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  115.636910][ T8014] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  115.637054][ T8014] EXT4-fs (loop0): orphan cleanup on readonly fs
[  115.640054][ T8014] __quota_error: 23 callbacks suppressed
[  115.640080][ T8014] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated!
[  115.640096][ T8014] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[  115.640116][ T8014] EXT4-fs error (device loop0): ext4_acquire_dquot:7034: comm syz.0.795: Failed to acquire dquot type 1
[  115.640133][ T8014] loop0: lost filesystem error report for type 5 error -5
[  115.641273][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  115.641288][    C0] EXT4-fs (loop0): initial error at time 115: ext4_acquire_dquot:7034
[  115.641301][    C0] EXT4-fs (loop0): last error at time 115: ext4_acquire_dquot:7034
[  115.654781][ T8014] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.795: bg 0: block 40: padding at end of block bitmap is not set
[  115.654822][ T8014] loop0: lost filesystem error report for type 5 error -117
[  115.657764][ T8014] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  115.661511][ T8014] loop0: lost filesystem error report for type 5 error -117
[  115.664693][ T8006] siw: device registration error -23
[  115.667075][ T8014] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #16: comm syz.0.795: data will be lost
[  115.669021][ T8014] EXT4-fs (loop0): 1 truncate cleaned up
[  115.670508][ T8014] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  116.013285][ T8029] loop5: detected capacity change from 0 to 1024
[  116.014177][ T8029] EXT4-fs: Ignoring removed bh option
[  116.026467][ T6045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.043333][ T8029] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.118532][ T8036] netlink: 'syz.4.802': attribute type 29 has an invalid length.
[  116.123340][ T8036] netlink: 'syz.4.802': attribute type 29 has an invalid length.
[  116.125231][ T8036] netlink: 204 bytes leftover after parsing attributes in process `syz.4.802'.
[  117.149476][ T8045] netlink: 48 bytes leftover after parsing attributes in process `syz.1.803'.
[  117.822813][ T8051] netlink: 8 bytes leftover after parsing attributes in process `syz.3.804'.
[  117.898508][ T8062] loop4: detected capacity change from 0 to 512
[  117.905822][ T8062] ext4: Unknown parameter '-:#[:.-'
[  117.950668][ T8062] bpf: Bad value for 'uid'
[  118.843218][ T6880] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.416569][ T8094] autofs4:pid:8094:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  119.455219][ T8094] siw: device registration error -23
[  119.484022][ T8101] loop4: detected capacity change from 0 to 1024
[  119.485533][ T8101] EXT4-fs: Ignoring removed bh option
[  119.507522][ T8101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.552747][ T8108] loop3: detected capacity change from 0 to 2048
[  119.593928][ T8108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  119.599923][ T8108] EXT4-fs (loop3): shut down requested (1)
[  119.609507][ T8115] Soft offlining pfn 0x21d0b2 at process virtual address 0x20164000
[  119.611185][ T8115] Soft offline: 0x21d0b2: page already poisoned
[  119.612397][ T8115] Soft offlining pfn 0x21d0b2 at process virtual address 0x20165000
[  119.613890][ T8115] Soft offline: 0x21d0b2: page already poisoned
[  119.615336][ T8115] Soft offlining pfn 0x21d0b2 at process virtual address 0x20166000
[  119.616719][ T8115] Soft offline: 0x21d0b2: page already poisoned
[  119.619004][ T8115] Soft offlining pfn 0x21d0b2 at process virtual address 0x20167000
[  119.619032][ T8115] Soft offline: 0x21d0b2: page already poisoned
[  120.404367][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  121.293072][ T5706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.379295][ T8134] loop3: detected capacity change from 0 to 512
[  121.386405][ T8134] EXT4-fs: Ignoring removed oldalloc option
[  121.387994][ T8134] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  121.442694][ T8137] autofs4:pid:8137:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  121.470834][ T8137] siw: device registration error -23
[  121.473111][ T8134] EXT4-fs (loop3): 1 truncate cleaned up
[  121.473586][ T8134] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.500346][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.552226][ T8142] netlink: 'syz.1.830': attribute type 29 has an invalid length.
[  121.556756][ T8142] netlink: 'syz.1.830': attribute type 29 has an invalid length.
[  121.558481][ T8142] netlink: 204 bytes leftover after parsing attributes in process `syz.1.830'.
[  121.751486][ T8158] netlink: 'syz.5.834': attribute type 8 has an invalid length.
[  121.813850][ T8173] SET target dimension over the limit!
[  121.866026][ T8175] loop3: detected capacity change from 0 to 512
[  121.868000][ T8175] EXT4-fs: Ignoring removed oldalloc option
[  121.879516][ T8175] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  121.890644][ T8175] EXT4-fs (loop3): 1 truncate cleaned up
[  121.908993][ T8175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.915571][ T8174] bridge0: entered promiscuous mode
[  121.915603][ T8174] bridge0: entered allmulticast mode
[  121.945485][ T8179] batadv_slave_1: entered promiscuous mode
[  121.967217][ T6043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.974367][ T8177] batadv_slave_1: left promiscuous mode
[  122.935993][ T8192] netlink: 'syz.3.845': attribute type 29 has an invalid length.
[  122.936575][ T8192] netlink: 'syz.3.845': attribute type 29 has an invalid length.
[  122.936903][ T8192] netlink: 204 bytes leftover after parsing attributes in process `syz.3.845'.
[  123.057310][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.850'.
[  123.090322][ T8203] team0: Port device team_slave_0 removed
[  123.101405][ T8200] lo speed is unknown, defaulting to 1000
[  123.310010][ T8215] loop1: detected capacity change from 0 to 512
[  123.310387][ T8215] EXT4-fs: Ignoring removed oldalloc option
[  123.317186][ T8215] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  123.320729][ T8215] EXT4-fs (loop1): 1 truncate cleaned up
[  123.321416][ T8215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.344568][ T6027] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.419315][ T8227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.859'.
[  123.420287][ T8228] loop0: detected capacity change from 0 to 128
[  123.441145][ T8228] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  123.555410][ T8237] 
[  123.555779][ T8237] ======================================================
[  123.556957][ T8237] WARNING: possible circular locking dependency detected
[  123.558192][ T8237] syzkaller #0 Tainted: G             L     
[  123.559311][ T8237] ------------------------------------------------------
[  123.560545][ T8237] syz.0.857/8237 is trying to acquire lock:
[  123.561585][ T8237] ffff0000f3dc9380 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x138/0xe00
[  123.563253][ T8237] 
[  123.563253][ T8237] but task is already holding lock:
[  123.564494][ T8237] ffff0000d0782c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_ext_migrate+0x280/0xc58
[  123.566220][ T8237] 
[  123.566220][ T8237] which lock already depends on the new lock.
[  123.566220][ T8237] 
[  123.568091][ T8237] 
[  123.568091][ T8237] the existing dependency chain (in reverse order) is:
[  123.569632][ T8237] 
[  123.569632][ T8237] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  123.571116][ T8237]        percpu_down_read_internal+0x5c/0x294
[  123.572196][ T8237]        ext4_writepages+0x16c/0x2d8
[  123.573118][ T8237]        do_writepages+0x270/0x468
[  123.574014][ T8237]        __writeback_single_inode+0x144/0x1808
[  123.575117][ T8237]        writeback_single_inode+0x3b8/0xaa0
[  123.576185][ T8237]        write_inode_now+0x170/0x208
[  123.577116][ T8237]        iput+0x6bc/0xb90
[  123.577804][ T8237]        ext4_xattr_block_set+0x12dc/0x2188
[  123.578791][ T8237]        ext4_expand_extra_isize_ea+0xb18/0x13a0
[  123.579896][ T8237]        __ext4_expand_extra_isize+0x29c/0x370
[  123.581017][ T8237]        __ext4_mark_inode_dirty+0x3a4/0x810
[  123.582075][ T8237]        ext4_evict_inode+0x7a0/0xfc4
[  123.583001][ T8237]        evict+0x4b8/0x740
[  123.583757][ T8237]        iput+0x858/0xb90
[  123.584547][ T8237]        ext4_process_orphan+0x240/0x2b4
[  123.585543][ T8237]        ext4_orphan_cleanup+0x7b8/0xd30
[  123.586545][ T8237]        ext4_fill_super+0x45a4/0x4d60
[  123.587524][ T8237]        get_tree_bdev_flags+0x380/0x434
[  123.588497][ T8237]        get_tree_bdev+0x2c/0x3c
[  123.589394][ T8237]        ext4_get_tree+0x28/0x38
[  123.590300][ T8237]        vfs_get_tree+0x90/0x28c
[  123.591145][ T8237]        fc_mount+0x24/0xac
[  123.591947][ T8237]        do_new_mount+0x2a4/0x540
[  123.592888][ T8237]        path_mount+0x5d0/0xa68
[  123.593714][ T8237]        do_mount+0xe8/0x148
[  123.594571][ T8237]        __arm64_sys_mount+0x334/0x380
[  123.595537][ T8237]        invoke_syscall+0x98/0x244
[  123.596500][ T8237]        el0_svc_common+0xe8/0x23c
[  123.597370][ T8237]        do_el0_svc+0x48/0x58
[  123.598202][ T8237]        el0_svc+0x64/0x260
[  123.598978][ T8237]        el0t_64_sync_handler+0x48/0x148
[  123.599917][ T8237]        el0t_64_sync+0x198/0x19c
[  123.600755][ T8237] 
[  123.600755][ T8237] -> #0 (&ei->xattr_sem){++++}-{4:4}:
[  123.602009][ T8237]        __lock_acquire+0x1780/0x2f44
[  123.602958][ T8237]        lock_acquire+0x140/0x368
[  123.603800][ T8237]        down_write+0x50/0xc0
[  123.604615][ T8237]        ext4_xattr_set_handle+0x138/0xe00
[  123.605597][ T8237]        ext4_initxattrs+0xa4/0x118
[  123.606476][ T8237]        security_inode_init_security+0x24c/0x378
[  123.607586][ T8237]        ext4_init_security+0x44/0x58
[  123.608538][ T8237]        __ext4_new_inode+0x28dc/0x3390
[  123.609510][ T8237]        ext4_ext_migrate+0x56c/0xc58
[  123.610490][ T8237]        ext4_ioctl+0x1cd4/0x4234
[  123.611355][ T8237]        __arm64_sys_ioctl+0x14c/0x1c4
[  123.612254][ T8237]        invoke_syscall+0x98/0x244
[  123.613089][ T8237]        el0_svc_common+0xe8/0x23c
[  123.614031][ T8237]        do_el0_svc+0x48/0x58
[  123.614897][ T8237]        el0_svc+0x64/0x260
[  123.615700][ T8237]        el0t_64_sync_handler+0x48/0x148
[  123.616705][ T8237]        el0t_64_sync+0x198/0x19c
[  123.617563][ T8237] 
[  123.617563][ T8237] other info that might help us debug this:
[  123.617563][ T8237] 
[  123.619295][ T8237]  Possible unsafe locking scenario:
[  123.619295][ T8237] 
[  123.620652][ T8237]        CPU0                    CPU1
[  123.621533][ T8237]        ----                    ----
[  123.622459][ T8237]   lock(&sbi->s_writepages_rwsem);
[  123.623431][ T8237]                                lock(&ei->xattr_sem);
[  123.624612][ T8237]                                lock(&sbi->s_writepages_rwsem);
[  123.625974][ T8237]   lock(&ei->xattr_sem);
[  123.626779][ T8237] 
[  123.626779][ T8237]  *** DEADLOCK ***
[  123.626779][ T8237] 
[  123.628202][ T8237] 3 locks held by syz.0.857/8237:
[  123.629118][ T8237]  #0: ffff0000d0afa410 (sb_writers#3){.+.+}-{0:0}, at: mnt_want_write_file+0x64/0xdc
[  123.630843][ T8237]  #1: ffff0000f3dcd7d8 (&sb->s_type->i_mutex_key#10){++++}-{4:4}, at: ext4_ioctl+0x1ccc/0x4234
[  123.632764][ T8237]  #2: ffff0000d0782c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_ext_migrate+0x280/0xc58
[  123.634593][ T8237] 
[  123.634593][ T8237] stack backtrace:
[  123.635655][ T8237] CPU: 0 UID: 0 PID: 8237 Comm: syz.0.857 Tainted: G             L      syzkaller #0 PREEMPT 
[  123.637499][ T8237] Tainted: [L]=SOFTLOCKUP
[  123.638249][ T8237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  123.640009][ T8237] Call trace:
[  123.640591][ T8237]  show_stack+0x2c/0x3c (C)
[  123.641421][ T8237]  __dump_stack+0x30/0x40
[  123.642168][ T8237]  dump_stack_lvl+0xd8/0x12c
[  123.642933][ T8237]  dump_stack+0x1c/0x28
[  123.643572][ T8237]  print_circular_bug+0x328/0x330
[  123.644394][ T8237]  check_noncircular+0x158/0x174
[  123.645161][ T8237]  __lock_acquire+0x1780/0x2f44
[  123.646050][ T8237]  lock_acquire+0x140/0x368
[  123.646789][ T8237]  down_write+0x50/0xc0
[  123.647509][ T8237]  ext4_xattr_set_handle+0x138/0xe00
[  123.648442][ T8237]  ext4_initxattrs+0xa4/0x118
[  123.649270][ T8237]  security_inode_init_security+0x24c/0x378
[  123.650321][ T8237]  ext4_init_security+0x44/0x58
[  123.651201][ T8237]  __ext4_new_inode+0x28dc/0x3390
[  123.652032][ T8237]  ext4_ext_migrate+0x56c/0xc58
[  123.652888][ T8237]  ext4_ioctl+0x1cd4/0x4234
[  123.653712][ T8237]  __arm64_sys_ioctl+0x14c/0x1c4
[  123.654543][ T8237]  invoke_syscall+0x98/0x244
[  123.655377][ T8237]  el0_svc_common+0xe8/0x23c
[  123.656236][ T8237]  do_el0_svc+0x48/0x58
[  123.656987][ T8237]  el0_svc+0x64/0x260
[  123.657666][ T8237]  el0t_64_sync_handler+0x48/0x148
[  123.658506][ T8237]  el0t_64_sync+0x198/0x19c
[  123.719426][ T6045] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  125.931735][ T1575] ieee802154 phy0 wpan0: encryption failed: -22
[  125.932940][ T1575] ieee802154 phy1 wpan1: encryption failed: -22