last executing test programs:

3m18.968890564s ago: executing program 1 (id=123):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000080)="682ebf", 0x3}], 0x1, 0x0, 0x0, 0x8015}, 0x40000)

3m18.224752138s ago: executing program 1 (id=127):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{0x20000000, 0x200000, 0x0, 0x4000000, 0xffffffff, 0x8004}, [@TCA_NETEM_LOSS={0x4}]}}}]}, 0x50}}, 0x0)
sendto$packet(r0, 0x0, 0x0, 0x84, &(0x7f0000000140)={0x11, 0x17, r2, 0x1, 0x2, 0x6, @local}, 0x14)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f00000005c0)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)

3m17.279136259s ago: executing program 1 (id=131):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000400)=0x9, 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x10}}, 0x6}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x4c}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000100)='vlan0\x00', 0x10)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000006c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0xc5}, 0x10)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000000)={0x0, 0x56, &(0x7f0000000280)={&(0x7f0000001840)=ANY=[], 0x1208}, 0x1, 0x0, 0x0, 0x8000}, 0x400c005)

3m16.84559401s ago: executing program 0 (id=132):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

3m16.584588435s ago: executing program 1 (id=133):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./bus\x00')

3m15.615036062s ago: executing program 1 (id=138):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r1, 0x0, 0x40040)
syz_emit_ethernet(0x4c, &(0x7f00000001c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x81, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xca, 0x0, 0x1000}, {"2b5e902362a9d26c759cc36d0f3d1f25f79f4f001912"}}}}}}, 0x0)

3m15.123557805s ago: executing program 2 (id=139):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x7)
openat2$dir(0xffffffffffffff9c, 0x0, 0xfffffffffffffffe, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000240)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x202, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101081, 0x0)

3m15.095344859s ago: executing program 0 (id=140):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000040)={0x6000, 0x4000})

3m14.557950652s ago: executing program 1 (id=142):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
poll(&(0x7f0000001140)=[{r0, 0x80}], 0x1, 0x7198)

3m13.135870752s ago: executing program 32 (id=142):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
poll(&(0x7f0000001140)=[{r0, 0x80}], 0x1, 0x7198)

3m13.117644699s ago: executing program 0 (id=145):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
pwrite64(0xffffffffffffffff, &(0x7f00000002c0)="e6", 0x1, 0x2)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x96}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1f00}, 0x10}, 0x94)
r1 = ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, 0x0)
ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086203, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000540)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x3c, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0xc2, 0x6071, 0x0, 0xe7, {[@exp_fastopen={0xfe, 0x12, 0xf989, "91e0718826cb6baa0a2f1a3b7543"}]}}}}}}}, 0x0)

3m12.760106483s ago: executing program 0 (id=148):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x22000b0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")

3m11.932666006s ago: executing program 0 (id=149):
r0 = socket$inet(0x2, 0x801, 0x0)
sendto$inet(r0, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
shutdown(r0, 0x1)
sendmsg$AUDIT_DEL_RULE(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x20000114)

3m11.536426002s ago: executing program 2 (id=150):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x5028808, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYBLOB="70b5bd3d8382995ebdc0f1e3f449fdcb42b02b6709f29418cec87eb4f1d07fbcd86c81f4a5b9d4f8fc8e62365c", @ANYRESDEC=r0], 0x0, 0x590, &(0x7f00000005c0)="$eJzs2j9rE3EYB/DHtE1qEdtZOgRcnEp1cjRIC8WAUMmgLj1oXXJFuFuunfpWnCrOviy3gnSRSnJn/2hbG9p4iXw+EO7JfX8hzy9ckhuereXdVnzMPzz/dhjzx+1oRMSnHxFLw6p0rzo2hnUzzjsIAGDabG4mnZuu/f5wvL0wHlnWSQb3cK0/kt6XWhoCAAAAAAAAAADg1raWd/vbv+b/X5Tz/41j8/8A8D8bZf6f6ZRlnaRZ3b9dZP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqM/xycniyTWPuvsDAO7eDf//vx5GxIOaewUA7sabt+9edbrdtc12ez7i6KDoFb3yWObrG9211fbQ0tmrjoqiN3OaPy3z9sV8Lhaq/NmleTOePC7zQfbydfe3vHV/e/zbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5ZaZ9aOjt7VBS9mfg8yFeuystqfaO7tlotuJjPxqPZ8lnnX20GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuJV8b7+fpOlO9teiERE3XjwsYpTF01XMXBrNVR9qli9ExIS0OnFFc+QLaYKL94tXRK3qWhiemRvvlgfvdd2a+RG+5qdFjT9KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABArfK9/X6SpjtZXncnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCkyPf2+0ma7mRjLOreIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB372cAAAD//9ZaU9k=")
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

3m10.580377136s ago: executing program 0 (id=154):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x1, 0x158, &(0x7f00000001c0)="$eJzs2z+r02AUB+BTG7Xq0lkcAi5ORZ0cFakgBhSlg04K1aWVgl2iUz+KX1CQTt1eaaNWQ4t/LrnpvX2epQd+DZwzJC8nkNc33k/Gs/m72bNl9DqdyO5HHqtO9ONCdKOyCADgPFmlFF9TSunyIq58jpRS2x0BAE1z/gPA8fnj+X+vpcYAgMbY/wHg+Lx4+erJg6IYPs/zXsSXRTkqR9VvlT96XAxv5xv97VXLshx1f+Z3qjz/Pb8YV7/nd3fml+LWzSpfZw+fFrX8WoybHx8AAACOwmCzma93+d37/WCQ/1DLq+qX9wO1/T2L69mpjQEA/IP5x0+TN9Pp2w+Ks1Bkh9GGYn+RHUYbJy7afjIBTdve9G13AgAAAAAAAAAAAAAA7PO/XwhF/P2f254RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6r4FAAD//3szUDQ=")
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(0xffffffffffffffff, 0xc040aed5, &(0x7f0000000040)={0x6000, 0x4000})

3m10.321119961s ago: executing program 2 (id=155):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0x20000000, 0x200000, 0x0, 0x4000000, 0xffffffff, 0x8004}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x7fffffff, 0x0, 0xfffffffd, 0x100000}}]}]}}}]}, 0x68}}, 0x0)
sendto$packet(r0, 0x0, 0x0, 0x84, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f00000005c0)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)

3m7.668788644s ago: executing program 33 (id=154):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x1, 0x158, &(0x7f00000001c0)="$eJzs2z+r02AUB+BTG7Xq0lkcAi5ORZ0cFakgBhSlg04K1aWVgl2iUz+KX1CQTt1eaaNWQ4t/LrnpvX2epQd+DZwzJC8nkNc33k/Gs/m72bNl9DqdyO5HHqtO9ONCdKOyCADgPFmlFF9TSunyIq58jpRS2x0BAE1z/gPA8fnj+X+vpcYAgMbY/wHg+Lx4+erJg6IYPs/zXsSXRTkqR9VvlT96XAxv5xv97VXLshx1f+Z3qjz/Pb8YV7/nd3fml+LWzSpfZw+fFrX8WoybHx8AAACOwmCzma93+d37/WCQ/1DLq+qX9wO1/T2L69mpjQEA/IP5x0+TN9Pp2w+Ks1Bkh9GGYn+RHUYbJy7afjIBTdve9G13AgAAAAAAAAAAAAAA7PO/XwhF/P2f254RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6r4FAAD//3szUDQ=")
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(0xffffffffffffffff, 0xc040aed5, &(0x7f0000000040)={0x6000, 0x4000})

3m7.608946116s ago: executing program 2 (id=158):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x22000b0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")

3m5.668163456s ago: executing program 2 (id=162):
ioperm(0x2, 0xe, 0xfffffffffffffffc)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getresgid(0x0, 0x0, 0x0)

3m5.482312282s ago: executing program 4 (id=163):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0x7, 0x4)
syz_emit_ethernet(0x2e, &(0x7f00000000c0)={@local, @random="fad1e048716e", @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_addr={0x44, 0x4, 0xa, 0x1, 0x8}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003680)=""/27, 0x1b}}], 0x39, 0x2, 0x0)

3m4.558249882s ago: executing program 2 (id=164):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x5028808, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYBLOB="70b5bd3d8382995ebdc0f1e3f449fdcb42b02b6709f29418cec87eb4f1d07fbcd86c81f4a5b9d4f8fc8e62365c", @ANYRESDEC=r1], 0x0, 0x590, &(0x7f00000005c0)="$eJzs2j9rE3EYB/DHtE1qEdtZOgRcnEp1cjRIC8WAUMmgLj1oXXJFuFuunfpWnCrOviy3gnSRSnJn/2hbG9p4iXw+EO7JfX8hzy9ckhuereXdVnzMPzz/dhjzx+1oRMSnHxFLw6p0rzo2hnUzzjsIAGDabG4mnZuu/f5wvL0wHlnWSQb3cK0/kt6XWhoCAAAAAAAAAADg1raWd/vbv+b/X5Tz/41j8/8A8D8bZf6f6ZRlnaRZ3b9dZP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqM/xycniyTWPuvsDAO7eDf//vx5GxIOaewUA7sabt+9edbrdtc12ez7i6KDoFb3yWObrG9211fbQ0tmrjoqiN3OaPy3z9sV8Lhaq/NmleTOePC7zQfbydfe3vHV/e/zbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5ZaZ9aOjt7VBS9mfg8yFeuystqfaO7tlotuJjPxqPZ8lnnX20GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuJV8b7+fpOlO9teiERE3XjwsYpTF01XMXBrNVR9qli9ExIS0OnFFc+QLaYKL94tXRK3qWhiemRvvlgfvdd2a+RG+5qdFjT9KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABArfK9/X6SpjtZXncnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCkyPf2+0ma7mRjLOreIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB372cAAAD//9ZaU9k=")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m2.088482212s ago: executing program 34 (id=164):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x5028808, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYBLOB="70b5bd3d8382995ebdc0f1e3f449fdcb42b02b6709f29418cec87eb4f1d07fbcd86c81f4a5b9d4f8fc8e62365c", @ANYRESDEC=r1], 0x0, 0x590, &(0x7f00000005c0)="$eJzs2j9rE3EYB/DHtE1qEdtZOgRcnEp1cjRIC8WAUMmgLj1oXXJFuFuunfpWnCrOviy3gnSRSnJn/2hbG9p4iXw+EO7JfX8hzy9ckhuereXdVnzMPzz/dhjzx+1oRMSnHxFLw6p0rzo2hnUzzjsIAGDabG4mnZuu/f5wvL0wHlnWSQb3cK0/kt6XWhoCAAAAAAAAAADg1raWd/vbv+b/X5Tz/41j8/8A8D8bZf6f6ZRlnaRZ3b9dZP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqM/xycniyTWPuvsDAO7eDf//vx5GxIOaewUA7sabt+9edbrdtc12ez7i6KDoFb3yWObrG9211fbQ0tmrjoqiN3OaPy3z9sV8Lhaq/NmleTOePC7zQfbydfe3vHV/e/zbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5ZaZ9aOjt7VBS9mfg8yFeuystqfaO7tlotuJjPxqPZ8lnnX20GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuJV8b7+fpOlO9teiERE3XjwsYpTF01XMXBrNVR9qli9ExIS0OnFFc+QLaYKL94tXRK3qWhiemRvvlgfvdd2a+RG+5qdFjT9KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABArfK9/X6SpjtZXncnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCkyPf2+0ma7mRjLOreIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB372cAAAD//9ZaU9k=")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m1.97426887s ago: executing program 4 (id=167):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
readv(r1, &(0x7f0000000440)=[{&(0x7f0000000240)=""/74, 0x4a}], 0x1)

3m1.44039802s ago: executing program 4 (id=169):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x48e02, 0x0)
close(r0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="14"], 0x14}, 0x1, 0x0, 0x0, 0x4810}, 0x8000)
io_submit(0x0, 0x1, &(0x7f0000000440)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x1, r0, &(0x7f0000000100)="653de841f0", 0x5, 0x8000}])

3m0.711190816s ago: executing program 4 (id=170):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x22000b0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")

2m59.234597801s ago: executing program 4 (id=172):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f00000009c0)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40)={0x1, 0x0, [{0x0, 0xe3, &(0x7f00000008c0)=""/227}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000680)=0x41)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)

2m57.936959224s ago: executing program 4 (id=174):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x4a, &(0x7f0000000380)={@broadcast, @multicast, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "d172f5", 0x10, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, {[], @ni={0xc46ee13d8e75c188, 0x0, 0x0, 0xc2, 0x2, 0x9}}}}}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000200)=0x7b, 0x4)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20)

2m54.314314832s ago: executing program 35 (id=174):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x4a, &(0x7f0000000380)={@broadcast, @multicast, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "d172f5", 0x10, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, {[], @ni={0xc46ee13d8e75c188, 0x0, 0x0, 0xc2, 0x2, 0x9}}}}}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000200)=0x7b, 0x4)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20)

8.106152501s ago: executing program 5 (id=756):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000021c0)={'ip6gre0\x00', r1, 0x4, 0xc, 0x81, 0x9e1f, 0x61, @private2, @loopback, 0x8015, 0x80, 0x81, 0x7fffffff}})
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000480)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x0, 0x100000, @loopback}, 0x1c)
sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00051400000000000000000000000800120000000200c06b6e000000000006000000000000000000000000000000e00000020000000000000000000000000000000000000000000000000000000105000500008000000a00000000000000000000000000000000000000000000010000000000000000050006"], 0xa0}}, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x2000c000, 0x0, 0x0)

7.67505035s ago: executing program 3 (id=759):
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c4000000000000000010000000000000000000000000000fe8000000000000000000000000000aaff"], 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, &(0x7f0000000000)=0x9, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40010022, 0x0)

7.237239836s ago: executing program 6 (id=761):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe4000/0x18000)=nil, 0x0, 0x0, 0x40, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@arm64={0x3, 0xf, 0x6, '\x00', 0x99})

6.970649352s ago: executing program 3 (id=763):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040)=0x4, 0x4)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000280)='X', 0x1}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000e40)=[{&(0x7f0000000f40)=""/250, 0xff1}], 0x1)

6.608545289s ago: executing program 5 (id=764):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f000000c400)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="600100000000000001000000000000000200000000000000020000000000000007000000000000006a0900000000000001000080000000000500000000000000010000000000000001000000000000007d000000000000000900000000000000ef26000000000000001000000c0000000000001800d0000009000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="1900000080000000000000000100000000000000c40a00000000000002000000020000002e2e000000000000040000000000000000000000000000001c00000000000000060000000000000005000000b50b000003000000000000000400000000000000010400000000000009000000000000000e00000000000000010000000000000004000000060000000200000000600000c70b0000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0200020005000000000001000000000000000000060000000000000013"], 0x0, 0x0, 0x0})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
getdents64(r4, &(0x7f0000000000)=""/39, 0x27)

6.380047598s ago: executing program 6 (id=766):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f00000009c0)=[@acquire], 0x0, 0x0, 0x0})

5.290259693s ago: executing program 8 (id=768):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000600)={0x4c, 0x0, &(0x7f0000000500)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000440)={@flat=@binder={0x73622a85, 0x1000, 0x51c2}, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x30}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}, 0x400}], 0x0, 0x0, 0x0})

5.287248006s ago: executing program 6 (id=769):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, 0x0, 0x1, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

4.941500579s ago: executing program 3 (id=770):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
syz_usbip_server_init(0xaa7f3cec63cbb9d)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000340)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={r1, 0x0, 0x7f})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x2, 0x84)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x1, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4048081)
listen(r2, 0xfffffffc)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, 0x0, 0x2000000)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
close_range(r9, 0xffffffffffffffff, 0x0)

4.828301056s ago: executing program 7 (id=771):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[@ANYBLOB='-', @ANYRESOCT, @ANYRESDEC], 0x27)

4.805727005s ago: executing program 5 (id=772):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r2, r1, 0x25, 0x0, @val=@tracing}, 0x40)
syz_emit_ethernet(0xbce, &(0x7f0000001780)={@multicast, @empty, @void, {@ipv6={0x86dd, @dccp_packet={0x6, 0x6, "f9720c", 0xb98, 0x21, 0xff, @remote, @remote, {[], {{0x4e20, 0x4e23, 0x4, 0x1, 0x9, 0x0, 0x0, 0x0, 0x1, "304f97", 0xce, "458db3"}, "c74fbd84f4907aa79cba7beb24c85ead9f842e77bfead1d6f16bb0096370ba967039b817eb1a79c9788da7a5332fed3d5d02fbb7ea98b20c8fad711985d003abd4972cb24eb128c5e3d02ecba1052da73e445304409ede6258497e7effd910543df067de3cbacc11ae483bae33db3f8d029af5982f4e36c6cad65b8a31ce565fbf51dc5e7756d13eccb8718860feb29188f516d2e9953869d440d0dcdb6440c43babaebf94807893479a555a56afd2cc2add215bc87da12dfbd2fc64895c81985de3d0185c938be2198466304a246e63b8f41f56199d9eaad727d743d5f4ab216a3ca7fa9d56ff56963b26b1e5a6ce1cbbf916d0c2e79c1cee646fedd8ad19879d4f6f4fec6493d61e9cf71980d6061063ac06437c68e50791bef8282cb3f3741994ffa4caa71c54d1d60c36e1456f3f18aea4bf074884093ff9c815efed322d53f2b06edd0bd1a498e3b5996facc5c65691db241c21b11a4d0614b654c1fd4d9c45e5dfdf4617eff3855620eee29e47d58db988e5fa99c624b2ef28fb8b44d5de59478417500f1b05c3f0f8dd09c90ae73b5169b0495ebdbc7d33aefa3110cb2462092a5c914a643fd33b2cb9076def37d1c7b5b7b04450502adc96fad6f8066e6d02128c3786d61ab6a56f49d6add81015f166dd989fdce1f40cb2ffdd97c3b3658cfad4a108a748e9513b129e7788bf5cd902f6f7a0fa498be0e809ac0c70a0f8bcc0face8ff158ec82212d212ffb9e1a65e4fbf451e6c8cf48719ba797930ba7f5dad28ef330a8e188275e78fdf1196e55bf7d0bda883f0d51323a54d624207976756def5f49bf3cf87df7333dc982945fe167de9bbc58cd28434d85ba8d151416d0b497c84ed4c8f1387eb26f9dd2cabca5c9b11d085aa48fb990a8780e808da4a5a35fc31153cb582358e9c8a2d7d910321dc95c9ec877dd75c9e1b59da214eea01bd90e428dea49d5b428d94e1078674ac83af4a2aebe513b06ca5caadf9faf046f83c2f3998bd80f713a63faa163063160c2fd50ad7640d73d9f366c2aed7469bdafd66c95527d6cb1b16f20b9c93775900d0bdde719c52da05362b3346e1b6e826e8be7959fe53798db79374dc253853d9cfc8ac454500b7dafb98cdf6f32c27786d76a6a2fff93950a0b4f872afd0f787039cb577f255e1b0a9a672ec068f2167c6270c365be37d80971921d364a385c090b4dae2f29d12b11bbda19f2e34b45fab5b9594fe6a81953961e391c5793389a9f590cccf11dec72268832d16e874ce505efdf67da71ff00e791bd244cacee2869030b1be148118b171c948747ee3dee6ef4817d104d228ea70b2f7d390ac1ccf35c48a2a09d97b1767594f6574690e02ae72805df3f1da5113138992895fe0849e6a588b4d49bb50f4154e8e71d816fdd03139d6f1ee106aa1da77c5724b21c6c92e9c901779ec17d9382c3f49407da714bb123467f340d429a84fb23d21fc7bfdb117135e00d90e2e7a54fd4dfbcc37216416ac49ae22a88caa2d0d5105a1763b85f76e1ff712dcdbeb51425d2b0801781b4a9ba37fc939259c408c25fe9b677abfca34ec8e4e579128adaf74407ebfa633a305057f25a0d59f57ed6de4096e07e89a2c18250b1e6a1c52ef62a222cca473b94f44f96ea6340f78791ec92276d45fc319915c5d625080a3399b99b4e72283f0399d97c4e5499b0f468aecdd9abc7c2a9c05ed3dd1bbd20464eeda2891ac7243ada1f50064f483f519b20f7aee8858bb7be70e896b491bedc3fccf4c11a9db2feac0dbd6357e71b651a05e7de0da67af11338ff96a44c32951c72fdc15efa7d339fb6a0780f8e0ce90dbccffb7d2009025e4c4990b7223934009356e1ba5867ea81a61a718b834bab8135a2b9141f8d8141013a1896b2b7163a93bf3084f90bdce392b0e04d8688ec89b6dfbc5eff9b79d65a8a5e46c6c8e07645cd749d0d4ae2dae6a35d1cc6d4de5f35e10376bfb88b3bcd06abe7ecc827414d6517014bad8935568d5b016eccc23d6f9a5bf722c660f2105a315291005f79a769f59830aabb68721e3768433f546bf5c3a79c205769d5c5ea37296e8b933faea982920416a952dab169fb54d978d9868842e326941658c791778f8119aed8e805fd9dc8ed6629bd71d02771b50b882ef45ec526b99347be98d57fec6e625358f355d38f248b3e36c7a6a2d4ca6ba0dd3ef01da79c1ed0366816eda48464309e9df9e3a525e9427cf15ac2efbb62c9ff9b9fc760e11bbe1c5c29b2df6c33c902a57fbc27bdfd9f2208e4363e2e0e3aecaf2cc36dc20d5482542e74cf497c80919151070f22e2f90b67cdf9cbc2ebb3960d8d50af7e7fc2e8768645c216a8be1bf95319b7297c261ef78e7689bd9e379b65c8d060c28f88a7835a1ab682f295eef0b2ddabcb8198efa3ec8b169ac3be625de0a094d4f9834c579749f31d369972e1bd0bd650a7c1c720f7901eed6172804589011ba7d82ba38c980bc083d0a2fbb253891ebb8966efb1f5b78608aa9a6b0f734399fa877cee9396d832a44fc5247c6786042a536cc30ced6e30e0d71120319f1c9538e4e91213e363c21a1859436759b842e2773d213cb75e2cf52084284c867e6f5de45a2b12a5eb80ccfb2ebec1b63d7a5f8e297c80b410ce448738b0e0b3263719d0369eb9ad3168d44a8138ad0d2640a162c3f4fa64bc80b956394f8c0e711112812e429b1fef32ffc37e0977c7e6b799ff26dc590209906e97de60d40d73a7386a7e60368e412d9ff731f7cce9c2db3da5213887d1e1a2a30ca874aa4eb27825a2dc234eeab353f710088cd7fbedeb76afdf26aa745e1dd27c6c7a76587dc3628c74c77307e459452eafd79746d5aea4dd2fb9ff8d07d783c03f3c56aa75507eae99c0200487b8e681520360a7a4ee5462f99a25fcd91886104588cb1887de6eff1857fa355bfac32085baa3c4a4333e8bbf9b7b0e373c3af39ee1854a7f4d583b3ecf98cc3878dbcd088a26ea4e6cd686a1cbfb3a17a18c5529231c86dcf60da64cc15100a07f3198df2c06b4424ac25706fd455b81fbd47528bf28cbb5c35e71982b0be70841e4eaf5d6496fb497fa55fd209d5d0faa95c9c21aa93f28c8d2581c82060ce176c3379a83e0913530a4d88d86456dcc6f3cdae4e0238f5784e991287667fba02b1e249e39c6b15ed55a1ead43f047b6753eaaa7151a27ab6c6b399756adef3774c6909865ce900fa63f88aa6c56e990a1f77dc914a067a7973d2d84b31319448ac918ae2fef335541d2179d3cacab1a217ba5e4afe4003c78e7d7af51326feff74f20832646d6efd7852fc6384e8b53485c35a0cb44a4e04b0b6a2e4c3386cfba0ddcee51340f693bd6be2aefc54f524023763818fd698448f352753561d46cbbf1517aa58aa38b07497a6a59afbf30815642b810cb22497a2fac6a1ae0a81d9b142db88f19e10d973a9c92d5e26a14fd626913415cc8df127b548010c689dedca6c38883d1e6b98757fbd49c3617da26fdfce87a3607c84e01da77463377d5a1b9be1292ed4ad0f8e7ac8623da247c5a8258742b4837c3705689614963df7ab638bdb31fdd01de446c9115f058b780a50ca4f16d7241374811bde9e1fa98163099297496fd6243e43d5f660b84f5bbe797728d597ea1ac7be4ae3aec2760fe12328332bcabd2ecb328c7fe59c5908cc174bb9af97fc39a5163faf7393f33e599760b0d3811195385283a232dda3a5e537b4c1944fbaa60e8e96f7f4bf44c0838c2757998c0a257d9abecec9b323becf3cc36d945be1181f90662d1658e0ab9f3a2dcfd5cd56f568706ee47e52818e5578eb20e3eda982e66d2786c2ba21be2f0ca6af3392cab34b5991d207b4bdd2b6b31cfe7a509aeddc72ea4bd259cd7960bbedc28ee2e79518aa607d8bca1b572aa16e27d3b5da20d2f6980d8910be2656144772ebd9afccfbec554aafea7728a0f7ffad75c5e05c9b19c88141cfc3a2d44dda628d2fea772dc219e442e4ec707530b7d09972555e72c7665d5cd072520da0c35ac530bdc76069a91f22b33ddd53dbcd9994ce4563f57ecbf1eac49fc0553520c2069898e69d9d90e674e23d0d4dd164020ada0b9b191b2adee36461ec4286c2a7c087751ec32ff86ac2cf70e6e83dea6255e99fc1b3fb05a3d1e0a21323b134f5d1f1cade907"}}}}}}, 0x0)

4.270051728s ago: executing program 6 (id=773):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x10001}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000000)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000020c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="0600"], 0xfe0d)

4.207534652s ago: executing program 8 (id=774):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000021c0)={'ip6gre0\x00', r1, 0x4, 0xc, 0x81, 0x9e1f, 0x61, @private2, @loopback, 0x8015, 0x80, 0x81, 0x7fffffff}})
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000480)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00051400000000000000000000000800120000000200c06b6e000000000006000000000000000000000000000000e00000020000000000000000000000000000000000000000000000000000000105000500008000000a00000000000000000000000000000000000000000000010000000000000000050006"], 0xa0}}, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x2000c000, 0x0, 0x0)

4.005943061s ago: executing program 7 (id=775):
r0 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
setns(r1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.940486213s ago: executing program 5 (id=776):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@arm64={0x3, 0xf, 0x6, '\x00', 0x99})

3.271460866s ago: executing program 8 (id=777):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
close_range(r1, 0xffffffffffffffff, 0x0)

2.978257614s ago: executing program 7 (id=778):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

2.609260233s ago: executing program 6 (id=779):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
ppoll(&(0x7f0000000200)=[{r1, 0x116}], 0x1, 0x0, 0x0, 0x0)
recvfrom$unix(r1, 0x0, 0x0, 0x2022, 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{0x0}], 0x1)

2.502514737s ago: executing program 3 (id=780):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="b0"], 0xb0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000c40)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x600000000000000, 0x7, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80000, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000005, 0x7ff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1, 0x3, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x80, 0x8, 0x2000000, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x2, 0x8b1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x100000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, 0xfffffffc, 0x7, 0x4]})

2.359153785s ago: executing program 8 (id=781):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000300)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r2, 0x0, 0x0, 0x1f5, 0x0, 0x0, {0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, "b4bc323ef77d1f000071849800000000dfff00"}})

2.200994937s ago: executing program 5 (id=782):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f000000c400)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="600100000000000001000000000000000200000000000000020000000000000007000000000000006a0900000000000001000080000000000500000000000000010000000000000001000000000000007d000000000000000900000000000000ef26000000000000001000000c0000000000001800d0000009000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="1900000080000000000000000100000000000000c40a00000000000002000000020000002e2e000000000000040000000000000000000000000000001c00000000000000060000000000000005000000b50b000003000000000000000400000000000000010400000000000009000000000000000e00000000000000010000000000000004000000060000000200000000600000c70b0000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0200020005000000000001000000000000000000060000000000000013"], 0x0, 0x0, 0x0})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
getdents64(r4, &(0x7f0000000000)=""/39, 0x27)

2.062198259s ago: executing program 7 (id=783):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, 0x0, 0x1, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

1.546223212s ago: executing program 8 (id=784):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000600)={0x4c, 0x0, &(0x7f0000000500)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000440)={@flat=@binder={0x73622a85, 0x1000, 0x51c2}, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x30}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}, 0x400}], 0x0, 0x0, 0x0})

1.439512786s ago: executing program 7 (id=785):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[@ANYBLOB='-', @ANYRESOCT, @ANYRESDEC], 0x27)

1.390437071s ago: executing program 3 (id=786):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r2, r1, 0x25, 0x0, @val=@tracing}, 0x40)
syz_emit_ethernet(0xbce, &(0x7f0000001780)={@multicast, @empty, @void, {@ipv6={0x86dd, @dccp_packet={0x6, 0x6, "f9720c", 0xb98, 0x21, 0xff, @remote, @remote, {[], {{0x4e20, 0x4e23, 0x4, 0x1, 0x9, 0x0, 0x0, 0x0, 0x1, "304f97", 0xce, "458db3"}, "c74fbd84f4907aa79cba7beb24c85ead9f842e77bfead1d6f16bb0096370ba967039b817eb1a79c9788da7a5332fed3d5d02fbb7ea98b20c8fad711985d003abd4972cb24eb128c5e3d02ecba1052da73e445304409ede6258497e7effd910543df067de3cbacc11ae483bae33db3f8d029af5982f4e36c6cad65b8a31ce565fbf51dc5e7756d13eccb8718860feb29188f516d2e9953869d440d0dcdb6440c43babaebf94807893479a555a56afd2cc2add215bc87da12dfbd2fc64895c81985de3d0185c938be2198466304a246e63b8f41f56199d9eaad727d743d5f4ab216a3ca7fa9d56ff56963b26b1e5a6ce1cbbf916d0c2e79c1cee646fedd8ad19879d4f6f4fec6493d61e9cf71980d6061063ac06437c68e50791bef8282cb3f3741994ffa4caa71c54d1d60c36e1456f3f18aea4bf074884093ff9c815efed322d53f2b06edd0bd1a498e3b5996facc5c65691db241c21b11a4d0614b654c1fd4d9c45e5dfdf4617eff3855620eee29e47d58db988e5fa99c624b2ef28fb8b44d5de59478417500f1b05c3f0f8dd09c90ae73b5169b0495ebdbc7d33aefa3110cb2462092a5c914a643fd33b2cb9076def37d1c7b5b7b04450502adc96fad6f8066e6d02128c3786d61ab6a56f49d6add81015f166dd989fdce1f40cb2ffdd97c3b3658cfad4a108a748e9513b129e7788bf5cd902f6f7a0fa498be0e809ac0c70a0f8bcc0face8ff158ec82212d212ffb9e1a65e4fbf451e6c8cf48719ba797930ba7f5dad28ef330a8e188275e78fdf1196e55bf7d0bda883f0d51323a54d624207976756def5f49bf3cf87df7333dc982945fe167de9bbc58cd28434d85ba8d151416d0b497c84ed4c8f1387eb26f9dd2cabca5c9b11d085aa48fb990a8780e808da4a5a35fc31153cb582358e9c8a2d7d910321dc95c9ec877dd75c9e1b59da214eea01bd90e428dea49d5b428d94e1078674ac83af4a2aebe513b06ca5caadf9faf046f83c2f3998bd80f713a63faa163063160c2fd50ad7640d73d9f366c2aed7469bdafd66c95527d6cb1b16f20b9c93775900d0bdde719c52da05362b3346e1b6e826e8be7959fe53798db79374dc253853d9cfc8ac454500b7dafb98cdf6f32c27786d76a6a2fff93950a0b4f872afd0f787039cb577f255e1b0a9a672ec068f2167c6270c365be37d80971921d364a385c090b4dae2f29d12b11bbda19f2e34b45fab5b9594fe6a81953961e391c5793389a9f590cccf11dec72268832d16e874ce505efdf67da71ff00e791bd244cacee2869030b1be148118b171c948747ee3dee6ef4817d104d228ea70b2f7d390ac1ccf35c48a2a09d97b1767594f6574690e02ae72805df3f1da5113138992895fe0849e6a588b4d49bb50f4154e8e71d816fdd03139d6f1ee106aa1da77c5724b21c6c92e9c901779ec17d9382c3f49407da714bb123467f340d429a84fb23d21fc7bfdb117135e00d90e2e7a54fd4dfbcc37216416ac49ae22a88caa2d0d5105a1763b85f76e1ff712dcdbeb51425d2b0801781b4a9ba37fc939259c408c25fe9b677abfca34ec8e4e579128adaf74407ebfa633a305057f25a0d59f57ed6de4096e07e89a2c18250b1e6a1c52ef62a222cca473b94f44f96ea6340f78791ec92276d45fc319915c5d625080a3399b99b4e72283f0399d97c4e5499b0f468aecdd9abc7c2a9c05ed3dd1bbd20464eeda2891ac7243ada1f50064f483f519b20f7aee8858bb7be70e896b491bedc3fccf4c11a9db2feac0dbd6357e71b651a05e7de0da67af11338ff96a44c32951c72fdc15efa7d339fb6a0780f8e0ce90dbccffb7d2009025e4c4990b7223934009356e1ba5867ea81a61a718b834bab8135a2b9141f8d8141013a1896b2b7163a93bf3084f90bdce392b0e04d8688ec89b6dfbc5eff9b79d65a8a5e46c6c8e07645cd749d0d4ae2dae6a35d1cc6d4de5f35e10376bfb88b3bcd06abe7ecc827414d6517014bad8935568d5b016eccc23d6f9a5bf722c660f2105a315291005f79a769f59830aabb68721e3768433f546bf5c3a79c205769d5c5ea37296e8b933faea982920416a952dab169fb54d978d9868842e326941658c791778f8119aed8e805fd9dc8ed6629bd71d02771b50b882ef45ec526b99347be98d57fec6e625358f355d38f248b3e36c7a6a2d4ca6ba0dd3ef01da79c1ed0366816eda48464309e9df9e3a525e9427cf15ac2efbb62c9ff9b9fc760e11bbe1c5c29b2df6c33c902a57fbc27bdfd9f2208e4363e2e0e3aecaf2cc36dc20d5482542e74cf497c80919151070f22e2f90b67cdf9cbc2ebb3960d8d50af7e7fc2e8768645c216a8be1bf95319b7297c261ef78e7689bd9e379b65c8d060c28f88a7835a1ab682f295eef0b2ddabcb8198efa3ec8b169ac3be625de0a094d4f9834c579749f31d369972e1bd0bd650a7c1c720f7901eed6172804589011ba7d82ba38c980bc083d0a2fbb253891ebb8966efb1f5b78608aa9a6b0f734399fa877cee9396d832a44fc5247c6786042a536cc30ced6e30e0d71120319f1c9538e4e91213e363c21a1859436759b842e2773d213cb75e2cf52084284c867e6f5de45a2b12a5eb80ccfb2ebec1b63d7a5f8e297c80b410ce448738b0e0b3263719d0369eb9ad3168d44a8138ad0d2640a162c3f4fa64bc80b956394f8c0e711112812e429b1fef32ffc37e0977c7e6b799ff26dc590209906e97de60d40d73a7386a7e60368e412d9ff731f7cce9c2db3da5213887d1e1a2a30ca874aa4eb27825a2dc234eeab353f710088cd7fbedeb76afdf26aa745e1dd27c6c7a76587dc3628c74c77307e459452eafd79746d5aea4dd2fb9ff8d07d783c03f3c56aa75507eae99c0200487b8e681520360a7a4ee5462f99a25fcd91886104588cb1887de6eff1857fa355bfac32085baa3c4a4333e8bbf9b7b0e373c3af39ee1854a7f4d583b3ecf98cc3878dbcd088a26ea4e6cd686a1cbfb3a17a18c5529231c86dcf60da64cc15100a07f3198df2c06b4424ac25706fd455b81fbd47528bf28cbb5c35e71982b0be70841e4eaf5d6496fb497fa55fd209d5d0faa95c9c21aa93f28c8d2581c82060ce176c3379a83e0913530a4d88d86456dcc6f3cdae4e0238f5784e991287667fba02b1e249e39c6b15ed55a1ead43f047b6753eaaa7151a27ab6c6b399756adef3774c6909865ce900fa63f88aa6c56e990a1f77dc914a067a7973d2d84b31319448ac918ae2fef335541d2179d3cacab1a217ba5e4afe4003c78e7d7af51326feff74f20832646d6efd7852fc6384e8b53485c35a0cb44a4e04b0b6a2e4c3386cfba0ddcee51340f693bd6be2aefc54f524023763818fd698448f352753561d46cbbf1517aa58aa38b07497a6a59afbf30815642b810cb22497a2fac6a1ae0a81d9b142db88f19e10d973a9c92d5e26a14fd626913415cc8df127b548010c689dedca6c38883d1e6b98757fbd49c3617da26fdfce87a3607c84e01da77463377d5a1b9be1292ed4ad0f8e7ac8623da247c5a8258742b4837c3705689614963df7ab638bdb31fdd01de446c9115f058b780a50ca4f16d7241374811bde9e1fa98163099297496fd6243e43d5f660b84f5bbe797728d597ea1ac7be4ae3aec2760fe12328332bcabd2ecb328c7fe59c5908cc174bb9af97fc39a5163faf7393f33e599760b0d3811195385283a232dda3a5e537b4c1944fbaa60e8e96f7f4bf44c0838c2757998c0a257d9abecec9b323becf3cc36d945be1181f90662d1658e0ab9f3a2dcfd5cd56f568706ee47e52818e5578eb20e3eda982e66d2786c2ba21be2f0ca6af3392cab34b5991d207b4bdd2b6b31cfe7a509aeddc72ea4bd259cd7960bbedc28ee2e79518aa607d8bca1b572aa16e27d3b5da20d2f6980d8910be2656144772ebd9afccfbec554aafea7728a0f7ffad75c5e05c9b19c88141cfc3a2d44dda628d2fea772dc219e442e4ec707530b7d09972555e72c7665d5cd072520da0c35ac530bdc76069a91f22b33ddd53dbcd9994ce4563f57ecbf1eac49fc0553520c2069898e69d9d90e674e23d0d4dd164020ada0b9b191b2adee36461ec4286c2a7c087751ec32ff86ac2cf70e6e83dea6255e99fc1b3fb05a3d1e0a21323b134f5d1f1cade907"}}}}}}, 0x0)

955.613777ms ago: executing program 6 (id=787):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

841.830836ms ago: executing program 5 (id=788):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000000)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="61030604f50180f26a2f01"], 0xb)

704.805596ms ago: executing program 3 (id=789):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x10001}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000000)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000020c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="0600"], 0xfe0d)

453.591248ms ago: executing program 7 (id=790):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 8 (id=791):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.45' (ED25519) to the list of known hosts.
[  193.919853][ T5785] cgroup: Unknown subsys name 'net'
[  194.056466][ T5785] cgroup: Unknown subsys name 'cpuset'
[  194.072526][ T5785] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  200.477148][ T5785] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  204.668904][   T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  204.678058][   T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  204.687443][   T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  204.699653][   T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  204.710239][   T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  204.887904][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  204.984838][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  204.994613][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  205.008899][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  205.020800][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  205.265843][ T5099] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  205.273823][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  205.286409][ T5099] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  205.297476][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  205.307348][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  205.332286][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  205.351678][ T5815] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  205.354426][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  205.368430][ T5815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  205.371238][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  205.384770][ T5815] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  205.426244][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  205.439620][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  205.476507][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  205.490083][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  206.094171][ T5801] chnl_net:caif_netlink_parms(): no params data found
[  206.745038][ T5817] Bluetooth: hci0: command tx timeout
[  206.990324][ T5805] chnl_net:caif_netlink_parms(): no params data found
[  207.096084][ T5813] chnl_net:caif_netlink_parms(): no params data found
[  207.216403][ T5817] Bluetooth: hci1: command tx timeout
[  207.460401][ T5817] Bluetooth: hci2: command tx timeout
[  207.460971][ T5099] Bluetooth: hci3: command tx timeout
[  207.469584][ T5801] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.480775][ T5801] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.488574][ T5801] bridge_slave_0: entered allmulticast mode
[  207.498617][ T5801] bridge_slave_0: entered promiscuous mode
[  207.512989][ T5818] chnl_net:caif_netlink_parms(): no params data found
[  207.535163][ T5099] Bluetooth: hci4: command tx timeout
[  207.626740][ T5811] chnl_net:caif_netlink_parms(): no params data found
[  207.649681][ T5801] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.657362][ T5801] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.665290][ T5801] bridge_slave_1: entered allmulticast mode
[  207.675187][ T5801] bridge_slave_1: entered promiscuous mode
[  208.005777][ T5801] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.209067][ T5801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.221862][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.230122][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.238181][ T5805] bridge_slave_0: entered allmulticast mode
[  208.247931][ T5805] bridge_slave_0: entered promiscuous mode
[  208.470792][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.479174][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.487077][ T5805] bridge_slave_1: entered allmulticast mode
[  208.496820][ T5805] bridge_slave_1: entered promiscuous mode
[  208.592690][ T5801] team0: Port device team_slave_0 added
[  208.709190][ T5801] team0: Port device team_slave_1 added
[  208.777068][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.817229][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.824850][ T5099] Bluetooth: hci0: command tx timeout
[  208.831125][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.839222][ T5813] bridge_slave_0: entered allmulticast mode
[  208.849240][ T5813] bridge_slave_0: entered promiscuous mode
[  208.948436][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.005580][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.013191][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.023901][ T5813] bridge_slave_1: entered allmulticast mode
[  209.034610][ T5813] bridge_slave_1: entered promiscuous mode
[  209.238859][ T5801] batman_adv: batadv0: Adding interface: batadv_slave_0
[  209.246246][ T5801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.273452][ T5801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  209.294671][ T5099] Bluetooth: hci1: command tx timeout
[  209.323668][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.332149][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.340005][ T5811] bridge_slave_0: entered allmulticast mode
[  209.349537][ T5811] bridge_slave_0: entered promiscuous mode
[  209.436060][ T5801] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.443304][ T5801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.470870][ T5801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.491495][ T5805] team0: Port device team_slave_0 added
[  209.520618][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.528427][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.535421][ T5099] Bluetooth: hci3: command tx timeout
[  209.536987][ T5811] bridge_slave_1: entered allmulticast mode
[  209.541566][ T5099] Bluetooth: hci2: command tx timeout
[  209.551706][ T5811] bridge_slave_1: entered promiscuous mode
[  209.563901][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.572062][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.579877][ T5818] bridge_slave_0: entered allmulticast mode
[  209.588697][ T5818] bridge_slave_0: entered promiscuous mode
[  209.611375][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.614846][ T5817] Bluetooth: hci4: command tx timeout
[  209.630345][ T5805] team0: Port device team_slave_1 added
[  209.648136][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.741378][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.749136][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.757292][ T5818] bridge_slave_1: entered allmulticast mode
[  209.766635][ T5818] bridge_slave_1: entered promiscuous mode
[  210.098266][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.105952][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.133370][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.157508][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.224065][ T5813] team0: Port device team_slave_0 added
[  210.273573][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.280988][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.307796][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.329589][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.352212][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.370303][ T5813] team0: Port device team_slave_1 added
[  210.403206][ T5801] hsr_slave_0: entered promiscuous mode
[  210.413690][ T5801] hsr_slave_1: entered promiscuous mode
[  210.483610][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.613535][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.621146][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.647669][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.705799][ T5811] team0: Port device team_slave_0 added
[  210.726562][ T5811] team0: Port device team_slave_1 added
[  210.776598][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.783751][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.810577][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.904934][ T5817] Bluetooth: hci0: command tx timeout
[  211.008448][ T5818] team0: Port device team_slave_0 added
[  211.028085][ T5818] team0: Port device team_slave_1 added
[  211.129806][ T5805] hsr_slave_0: entered promiscuous mode
[  211.140206][ T5805] hsr_slave_1: entered promiscuous mode
[  211.149938][ T5805] debugfs: 'hsr0' already exists in 'hsr'
[  211.156865][ T5805] Cannot create hsr debugfs directory
[  211.226643][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.233785][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.261242][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.279035][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.286322][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.313394][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.375093][ T5817] Bluetooth: hci1: command tx timeout
[  211.560930][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.569008][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.595540][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.616851][ T5817] Bluetooth: hci2: command tx timeout
[  211.617414][ T5099] Bluetooth: hci3: command tx timeout
[  211.685498][ T5813] hsr_slave_0: entered promiscuous mode
[  211.694536][ T5099] Bluetooth: hci4: command tx timeout
[  211.696006][ T5813] hsr_slave_1: entered promiscuous mode
[  211.709058][ T5813] debugfs: 'hsr0' already exists in 'hsr'
[  211.715229][ T5813] Cannot create hsr debugfs directory
[  211.759488][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.766837][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.793436][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.928835][ T5811] hsr_slave_0: entered promiscuous mode
[  211.939959][ T5811] hsr_slave_1: entered promiscuous mode
[  211.948715][ T5811] debugfs: 'hsr0' already exists in 'hsr'
[  211.954910][ T5811] Cannot create hsr debugfs directory
[  212.455373][ T5818] hsr_slave_0: entered promiscuous mode
[  212.466117][ T5818] hsr_slave_1: entered promiscuous mode
[  212.475751][ T5818] debugfs: 'hsr0' already exists in 'hsr'
[  212.481991][ T5818] Cannot create hsr debugfs directory
[  212.995726][ T5099] Bluetooth: hci0: command tx timeout
[  213.432856][ T5801] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  213.454691][ T5099] Bluetooth: hci1: command tx timeout
[  213.479465][ T5801] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  213.542450][ T5801] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  213.622194][ T5801] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  213.721896][ T5099] Bluetooth: hci2: command tx timeout
[  213.728137][ T5099] Bluetooth: hci3: command tx timeout
[  213.774777][ T5099] Bluetooth: hci4: command tx timeout
[  213.837291][ T5805] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  214.016301][ T5805] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  214.047614][ T5811] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  214.091370][ T5805] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  214.133186][ T5811] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  214.177031][ T5813] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  214.201216][ T5805] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  214.332839][ T5811] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  214.360744][ T5813] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  214.386137][ T5811] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  214.424068][ T5818] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  214.497770][ T5813] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  214.540971][ T5818] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  214.580997][ T5813] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  214.629040][ T5818] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  214.698758][ T5818] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  215.206203][ T5801] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.513260][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.618750][ T5801] 8021q: adding VLAN 0 to HW filter on device team0
[  215.703066][ T4392] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.710864][ T4392] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.760443][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.832138][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.839978][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.907063][ T5811] 8021q: adding VLAN 0 to HW filter on device team0
[  215.936705][ T5805] 8021q: adding VLAN 0 to HW filter on device team0
[  216.016280][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.023899][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.154065][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.161764][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.178995][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.186685][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.213759][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.221391][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.386192][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.613191][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.638686][ T5818] 8021q: adding VLAN 0 to HW filter on device team0
[  216.797705][ T3926] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.805683][ T3926] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.895309][ T5805] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  216.941450][ T3926] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.949524][ T3926] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.013366][ T5813] 8021q: adding VLAN 0 to HW filter on device team0
[  217.176713][ T3926] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.184494][ T3926] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.397274][ T5818] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  217.408208][ T5818] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.491530][ T3926] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.499390][ T3926] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.982080][ T5801] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.138769][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.211770][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.572727][ T5801] veth0_vlan: entered promiscuous mode
[  219.645829][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.793820][ T5801] veth1_vlan: entered promiscuous mode
[  219.828764][ T5811] veth0_vlan: entered promiscuous mode
[  219.927977][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.952797][ T5805] veth0_vlan: entered promiscuous mode
[  220.009245][ T5811] veth1_vlan: entered promiscuous mode
[  220.195392][ T5801] veth0_macvtap: entered promiscuous mode
[  220.235363][ T5805] veth1_vlan: entered promiscuous mode
[  220.263995][ T5801] veth1_macvtap: entered promiscuous mode
[  220.468130][ T5818] veth0_vlan: entered promiscuous mode
[  220.492618][ T5811] veth0_macvtap: entered promiscuous mode
[  220.548132][ T5801] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.584013][ T5811] veth1_macvtap: entered promiscuous mode
[  220.625460][ T5801] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.659191][ T5818] veth1_vlan: entered promiscuous mode
[  220.785065][ T4056] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.830925][ T4056] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.898542][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.912131][ T5805] veth0_macvtap: entered promiscuous mode
[  220.927844][ T4056] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.980637][ T4056] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.000538][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.051249][ T5805] veth1_macvtap: entered promiscuous mode
[  221.159465][ T4392] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.177441][ T5818] veth0_macvtap: entered promiscuous mode
[  221.214933][ T4392] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.258506][ T4056] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.283365][ T5818] veth1_macvtap: entered promiscuous mode
[  221.310762][ T4056] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.357871][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.439065][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.565553][ T4392] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.605713][ T4392] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.632847][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.677320][   T35] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.725579][   T35] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.750101][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.858398][   T35] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.907036][   T35] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.965600][   T35] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.998194][   T35] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.413086][ T5813] veth0_vlan: entered promiscuous mode
[  223.598866][ T5813] veth1_vlan: entered promiscuous mode
[  224.013482][ T5813] veth0_macvtap: entered promiscuous mode
[  224.116708][ T5813] veth1_macvtap: entered promiscuous mode
[  224.380259][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.478561][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.660223][ T1130] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.729064][ T1130] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.804893][ T1130] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.836912][ T1130] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.448809][ T4797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.457124][ T4797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.622993][ T4002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.631515][ T4002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.702415][ T4797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.710812][ T4797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.960934][ T4002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.970149][ T4002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.147589][ T5801] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  229.402015][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.410385][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.619458][ T4797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.627983][ T4797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.698229][ T5985] loop0: detected capacity change from 0 to 1024
[  229.800916][ T5985] EXT4-fs: Ignoring removed bh option
[  229.866718][ T5985] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  229.978896][ T4002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.988134][ T4002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.055243][ T5985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.226128][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.234537][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.657307][ T5801] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.987501][ T6000] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  231.094977][ T6001] loop1: detected capacity change from 0 to 1024
[  231.126908][ T6001] =======================================================
[  231.126908][ T6001] WARNING: The mand mount option has been deprecated and
[  231.126908][ T6001]          and is ignored by this kernel. Remove the mand
[  231.126908][ T6001]          option from the mount to silence this warning.
[  231.126908][ T6001] =======================================================
[  231.332957][ T6001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.351996][ T6001] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.029720][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.038203][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.081267][ T5805] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.228997][ T4002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.238075][ T4002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.853827][ T6028] loop1: detected capacity change from 0 to 128
[  233.125524][ T6033] loop3: detected capacity change from 0 to 128
[  233.879940][ T6038] loop4: detected capacity change from 0 to 1024
[  233.880756][ T6033] syz.3.14: attempt to access beyond end of device
[  233.880756][ T6033] loop3: rw=2049, sector=129, nr_sectors = 8 limit=128
[  233.901241][ T6033] syz.3.14: attempt to access beyond end of device
[  233.901241][ T6033] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[  233.919239][ T6033] syz.3.14: attempt to access beyond end of device
[  233.919239][ T6033] loop3: rw=2049, sector=161, nr_sectors = 8 limit=128
[  233.934200][ T6033] syz.3.14: attempt to access beyond end of device
[  233.934200][ T6033] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128
[  233.941295][ T6038] EXT4-fs: Ignoring removed bh option
[  233.949345][ T6033] syz.3.14: attempt to access beyond end of device
[  233.949345][ T6033] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128
[  233.968894][ T6033] syz.3.14: attempt to access beyond end of device
[  233.968894][ T6033] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[  233.982913][ T6033] syz.3.14: attempt to access beyond end of device
[  233.982913][ T6033] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[  233.997187][ T6033] syz.3.14: attempt to access beyond end of device
[  233.997187][ T6033] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[  234.050856][ T6038] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  234.076886][ T6033] syz.3.14: attempt to access beyond end of device
[  234.076886][ T6033] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[  234.177555][ T6038] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.397284][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.935350][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  234.942035][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  235.269960][ T6058] loop4: detected capacity change from 0 to 1024
[  235.502550][ T6058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.516010][ T6058] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.473800][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.627578][ T6095] loop1: detected capacity change from 0 to 512
[  238.780125][ T6095] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.37: corrupted in-inode xattr: invalid ea_ino
[  238.896673][ T6095] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.37: couldn't read orphan inode 15 (err -117)
[  238.952876][ T6105] loop3: detected capacity change from 0 to 1024
[  238.965229][ T6095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.089617][ T6105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.102684][ T6105] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.278691][ T5805] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.487064][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.599140][ T6111] capability: warning: `syz.1.42' uses deprecated v2 capabilities in a way that may be insecure
[  243.071182][ T6154] loop3: detected capacity change from 0 to 512
[  243.270284][ T6153] loop2: detected capacity change from 0 to 1024
[  243.307442][ T6153] EXT4-fs: Ignoring removed bh option
[  243.339874][ T6154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.353165][ T6154] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.381257][ T6153] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  243.578100][ T6153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.688681][ T6164] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.60: iget: bad i_size value: 2533274857506816
[  243.767476][ T6163] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.60: iget: bad i_size value: 2533274857506816
[  244.296483][ T6167] loop4: detected capacity change from 0 to 1024
[  244.365352][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.399577][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.507580][ T6167] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  244.520828][ T6167] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.875517][ T6049] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  245.048684][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  245.941570][ T6180] loop4: detected capacity change from 0 to 1024
[  246.018649][ T6180] EXT4-fs: Ignoring removed bh option
[  246.162910][ T6180] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.652790][   T30] audit: type=1800 audit(1754622909.663:2): pid=6180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.67" name="bus" dev="loop4" ino=19 res=0 errno=0
[  247.252557][ T5813] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 16: block 81:freeing already freed block (bit 5); block bitmap corrupt.
[  247.274979][ T5813] EXT4-fs (loop4): Remounting filesystem read-only
[  247.308653][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.497752][ T6197] loop3: detected capacity change from 0 to 1024
[  247.557796][ T6197] EXT4-fs: Ignoring removed orlov option
[  247.640540][ T6199] loop2: detected capacity change from 0 to 1024
[  247.758376][ T6197] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.875423][ T6199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  247.876120][ T6199] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.995425][   T30] audit: type=1800 audit(1754622911.013:3): pid=6197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.75" name="file1" dev="loop3" ino=15 res=0 errno=0
[  248.475498][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  248.773352][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.830277][ T6214] loop4: detected capacity change from 0 to 128
[  249.593220][ T6220] loop3: detected capacity change from 0 to 1024
[  249.668059][ T6214] syz.4.80: attempt to access beyond end of device
[  249.668059][ T6214] loop4: rw=2049, sector=137, nr_sectors = 8 limit=128
[  249.689149][ T6214] syz.4.80: attempt to access beyond end of device
[  249.689149][ T6214] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128
[  249.705624][ T6214] syz.4.80: attempt to access beyond end of device
[  249.705624][ T6214] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[  249.725543][ T6214] syz.4.80: attempt to access beyond end of device
[  249.725543][ T6214] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[  249.740328][ T6214] syz.4.80: attempt to access beyond end of device
[  249.740328][ T6214] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[  249.754431][ T6214] syz.4.80: attempt to access beyond end of device
[  249.754431][ T6214] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[  249.768749][ T6214] syz.4.80: attempt to access beyond end of device
[  249.768749][ T6214] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[  249.789724][ T6214] syz.4.80: attempt to access beyond end of device
[  249.789724][ T6214] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[  249.806195][ T6214] syz.4.80: attempt to access beyond end of device
[  249.806195][ T6214] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[  249.820286][ T6214] syz.4.80: attempt to access beyond end of device
[  249.820286][ T6214] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  249.910347][ T6220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.924553][ T6220] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.334881][ T6186] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  250.617521][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.473744][ T6235] loop1: detected capacity change from 0 to 1024
[  251.841577][ T6235] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  251.855089][ T6235] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.043709][ T6238] loop4: detected capacity change from 0 to 2048
[  252.452236][ T5805] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  252.880047][ T6251] loop3: detected capacity change from 0 to 128
[  253.176613][ T6254] loop0: detected capacity change from 0 to 1024
[  253.337758][ T6254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.351763][ T6254] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.776740][ T5801] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.798301][ T6264] loop1: detected capacity change from 0 to 128
[  253.862865][ T6264] FAT-fs (loop1): Directory bread(block 11554) failed
[  253.874661][ T6264] FAT-fs (loop1): Directory bread(block 11555) failed
[  253.881717][ T6264] FAT-fs (loop1): Directory bread(block 11556) failed
[  253.895219][ T6264] FAT-fs (loop1): Directory bread(block 11557) failed
[  253.902277][ T6264] FAT-fs (loop1): Directory bread(block 11558) failed
[  253.909683][ T6264] FAT-fs (loop1): Directory bread(block 11559) failed
[  253.917014][ T6264] FAT-fs (loop1): Directory bread(block 11560) failed
[  253.924120][ T6264] FAT-fs (loop1): Directory bread(block 11561) failed
[  253.931841][ T6264] FAT-fs (loop1): Directory bread(block 11562) failed
[  253.939326][ T6264] FAT-fs (loop1): Directory bread(block 11563) failed
[  253.945636][ T6265] Zero length message leads to an empty skb
[  254.446198][ T6269] loop0: detected capacity change from 0 to 128
[  254.522602][ T6269] EXT4-fs: Ignoring removed nobh option
[  254.585185][ T6271] loop3: detected capacity change from 0 to 1024
[  254.666646][ T6269] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  254.795352][ T6269] ext4 filesystem being mounted at /11/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  254.818857][ T6271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  254.833326][ T6271] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.470287][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  255.538871][ T6281] loop2: detected capacity change from 0 to 2048
[  255.741997][ T6284] loop1: detected capacity change from 0 to 2048
[  255.789481][ T5801] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  255.879415][ T6284]  loop1: p1 < > p3
[  255.905034][ T6284] loop1: p3 size 134217728 extends beyond EOD, truncated
[  256.885000][ T6297] loop4: detected capacity change from 0 to 1024
[  256.957861][ T6298] loop3: detected capacity change from 0 to 128
[  256.988382][ T5984] udevd[5984]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  257.027659][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  257.078585][ T6297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.091767][ T6297] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.135091][ T6300] loop1: detected capacity change from 0 to 1024
[  257.282642][ T6300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  257.297130][ T6300] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.565702][ T6298] bio_check_eod: 12 callbacks suppressed
[  257.565785][ T6298] syz.3.114: attempt to access beyond end of device
[  257.565785][ T6298] loop3: rw=2049, sector=137, nr_sectors = 8 limit=128
[  257.628314][ T6298] syz.3.114: attempt to access beyond end of device
[  257.628314][ T6298] loop3: rw=2049, sector=153, nr_sectors = 8 limit=128
[  257.849666][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.021589][ T5974] udevd[5974]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  258.042914][ T6059] udevd[6059]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  258.057693][ T5805] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  259.101145][ T6319] loop0: detected capacity change from 0 to 2048
[  259.187476][ T6322] loop2: detected capacity change from 0 to 2048
[  259.405003][ T6322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.997931][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.694035][ T6342] loop2: detected capacity change from 0 to 1024
[  260.762603][ T6345] loop0: detected capacity change from 0 to 128
[  260.853664][ T6339] loop4: detected capacity change from 0 to 2048
[  260.905991][ T6342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  260.919619][ T6342] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.009296][ T6339]  loop4: p1 < > p3
[  261.062663][ T6339] loop4: p3 size 134217728 extends beyond EOD, truncated
[  261.628236][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  262.591870][ T6364] loop2: detected capacity change from 0 to 2048
[  262.756066][ T6367] loop4: detected capacity change from 0 to 1024
[  262.945344][ T6367] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  262.959658][ T6367] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.789033][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  265.716206][ T6393] loop0: detected capacity change from 0 to 512
[  265.753679][ T6390] loop3: detected capacity change from 0 to 4096
[  265.842460][ T6393] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.148: corrupted in-inode xattr: invalid ea_ino
[  265.870003][ T5817] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  265.881482][ T5817] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  265.897673][ T6393] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.148: couldn't read orphan inode 15 (err -117)
[  265.911815][ T5817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  265.962303][ T5817] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  265.985176][ T5817] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  265.999427][ T6390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.006927][ T6393] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.455764][ T5801] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.880848][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.195153][ T6406] loop2: detected capacity change from 0 to 2048
[  267.603086][ T4797] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.820190][ T4797] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.955662][ T6395] chnl_net:caif_netlink_parms(): no params data found
[  268.081360][ T4797] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.099658][ T5817] Bluetooth: hci1: command tx timeout
[  268.306448][ T4797] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.875677][ T4797] bridge_slave_1: left allmulticast mode
[  268.881842][ T4797] bridge_slave_1: left promiscuous mode
[  268.889355][ T4797] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.940326][ T4797] bridge_slave_0: left allmulticast mode
[  268.946453][ T4797] bridge_slave_0: left promiscuous mode
[  268.953179][ T4797] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.627335][ T4797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.668014][ T4797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.685118][ T4797] bond0 (unregistering): Released all slaves
[  270.186652][ T5817] Bluetooth: hci1: command tx timeout
[  270.373512][ T4797] hsr_slave_0: left promiscuous mode
[  270.397515][ T4797] hsr_slave_1: left promiscuous mode
[  270.409024][ T4797] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.417095][ T4797] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.436312][ T4797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.444067][ T4797] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.510643][ T4797] veth1_macvtap: left promiscuous mode
[  270.518940][ T4797] veth0_macvtap: left promiscuous mode
[  270.525313][ T4797] veth1_vlan: left promiscuous mode
[  270.531003][ T4797] veth0_vlan: left promiscuous mode
[  271.401238][ T6430] loop2: detected capacity change from 0 to 512
[  271.632029][ T6430] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.158: corrupted in-inode xattr: invalid ea_ino
[  271.795275][ T6430] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.158: couldn't read orphan inode 15 (err -117)
[  271.826386][ T6430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.885743][ T5099] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  271.898374][ T5099] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  271.911442][ T5099] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  271.948674][ T5099] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  271.970993][ T5099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  272.004664][ T4797] team0 (unregistering): Port device team_slave_1 removed
[  272.076954][ T4797] team0 (unregistering): Port device team_slave_0 removed
[  272.296442][ T5099] Bluetooth: hci1: command tx timeout
[  272.612196][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.643403][ T6395] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.653516][ T6395] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.661533][ T6395] bridge_slave_0: entered allmulticast mode
[  272.671288][ T6395] bridge_slave_0: entered promiscuous mode
[  272.945685][ T6395] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.953541][ T6395] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.961918][ T6395] bridge_slave_1: entered allmulticast mode
[  272.972675][ T6395] bridge_slave_1: entered promiscuous mode
[  273.293446][ T6395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  273.478246][ T6395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  273.864809][ T6395] team0: Port device team_slave_0 added
[  273.926081][ T6395] team0: Port device team_slave_1 added
[  274.126636][ T5099] Bluetooth: hci0: command tx timeout
[  274.320132][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.327642][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.361443][ T6395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.377225][ T5099] Bluetooth: hci1: command tx timeout
[  274.390912][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.398542][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.425445][ T6395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.885413][ T6395] hsr_slave_0: entered promiscuous mode
[  274.896401][ T6395] hsr_slave_1: entered promiscuous mode
[  274.987092][ T6439] chnl_net:caif_netlink_parms(): no params data found
[  276.127439][ T6395] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  276.175283][ T5099] Bluetooth: hci0: command tx timeout
[  276.226433][ T6395] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  276.366519][ T6395] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  276.609536][ T6395] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  276.860728][ T6439] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.870391][ T6439] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.878524][ T6439] bridge_slave_0: entered allmulticast mode
[  276.888993][ T6439] bridge_slave_0: entered promiscuous mode
[  277.053186][ T6439] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.061534][ T6439] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.069599][ T6439] bridge_slave_1: entered allmulticast mode
[  277.079577][ T6439] bridge_slave_1: entered promiscuous mode
[  277.396060][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  277.416353][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  277.472778][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  277.501172][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  277.532013][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  277.670266][ T6439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  277.713898][ T6439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  277.806776][ T6482] loop4: detected capacity change from 0 to 512
[  278.236088][ T6482] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.170: corrupted in-inode xattr: invalid ea_ino
[  278.276353][ T5099] Bluetooth: hci0: command tx timeout
[  278.322476][ T6482] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.170: couldn't read orphan inode 15 (err -117)
[  278.375582][ T6439] team0: Port device team_slave_0 added
[  278.407221][ T6482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.523532][ T6439] team0: Port device team_slave_1 added
[  278.883549][ T6439] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.891444][ T6439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.932734][ T6439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.988895][ T6439] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.996877][ T6439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.998236][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.024650][ T6439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.615647][ T5099] Bluetooth: hci2: command tx timeout
[  279.623572][   T30] audit: type=1326 audit(1754622942.643:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  279.651700][ T6439] hsr_slave_0: entered promiscuous mode
[  279.665701][ T6439] hsr_slave_1: entered promiscuous mode
[  279.679124][ T6439] debugfs: 'hsr0' already exists in 'hsr'
[  279.686782][ T6439] Cannot create hsr debugfs directory
[  279.748123][   T30] audit: type=1326 audit(1754622942.733:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  279.765580][ T6476] chnl_net:caif_netlink_parms(): no params data found
[  279.771161][   T30] audit: type=1326 audit(1754622942.743:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  279.806868][   T30] audit: type=1326 audit(1754622942.763:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  279.829784][   T30] audit: type=1326 audit(1754622942.773:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  279.905964][ T6395] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.017445][   T30] audit: type=1326 audit(1754622942.893:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  280.041460][   T30] audit: type=1326 audit(1754622942.893:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd67298ec23 code=0x7ffc0000
[  280.069859][   T30] audit: type=1326 audit(1754622942.903:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  280.094784][   T30] audit: type=1326 audit(1754622942.903:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  280.118387][   T30] audit: type=1326 audit(1754622942.903:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6495 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67298ebe9 code=0x7ffc0000
[  280.357139][ T5099] Bluetooth: hci0: command tx timeout
[  280.561082][ T6395] 8021q: adding VLAN 0 to HW filter on device team0
[  280.890960][ T4797] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.899149][ T4797] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.080468][ T4797] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.088228][ T4797] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.695847][ T5099] Bluetooth: hci2: command tx timeout
[  282.044700][ T6476] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.052608][ T6476] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.061065][ T6476] bridge_slave_0: entered allmulticast mode
[  282.071937][ T6476] bridge_slave_0: entered promiscuous mode
[  282.242833][ T6476] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.251029][ T6476] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.262950][ T6476] bridge_slave_1: entered allmulticast mode
[  282.274002][ T6476] bridge_slave_1: entered promiscuous mode
[  282.361467][ T6439] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  282.493731][ T6476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.535446][ T6439] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  282.616612][ T6476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.627151][ T6439] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  282.983199][ T6476] team0: Port device team_slave_0 added
[  283.013842][ T6439] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  283.073490][ T6476] team0: Port device team_slave_1 added
[  283.519753][ T6476] batman_adv: batadv0: Adding interface: batadv_slave_0
[  283.528141][ T6476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.566796][ T6476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.785062][ T5099] Bluetooth: hci2: command tx timeout
[  283.810069][ T6476] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.818718][ T6476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.848559][ T6476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.352483][ T6395] 8021q: adding VLAN 0 to HW filter on device batadv0
[  284.480063][ T6476] hsr_slave_0: entered promiscuous mode
[  284.499643][ T6476] hsr_slave_1: entered promiscuous mode
[  284.509073][ T6476] debugfs: 'hsr0' already exists in 'hsr'
[  284.515229][ T6476] Cannot create hsr debugfs directory
[  284.526805][ T6521] loop3: detected capacity change from 0 to 2364
[  284.808137][ T6439] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.341935][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  285.358735][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  285.379309][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  285.431304][ T6439] 8021q: adding VLAN 0 to HW filter on device team0
[  285.469037][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  285.517814][ T5815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  285.582584][ T4002] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.590514][ T4002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.608221][ T4002] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.616279][ T4002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.877777][ T5815] Bluetooth: hci2: command tx timeout
[  287.241328][ T6476] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  287.321138][ T6476] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  287.478168][ T6476] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  287.608077][ T6476] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  287.695247][ T5815] Bluetooth: hci3: command tx timeout
[  288.002387][ T6528] chnl_net:caif_netlink_parms(): no params data found
[  288.799695][ T6395] veth0_vlan: entered promiscuous mode
[  288.912590][ T6439] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.002839][ T6395] veth1_vlan: entered promiscuous mode
[  289.531121][ T6476] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.546840][ T6395] veth0_macvtap: entered promiscuous mode
[  289.645243][ T6395] veth1_macvtap: entered promiscuous mode
[  289.786824][ T5815] Bluetooth: hci3: command tx timeout
[  289.789856][ T6476] 8021q: adding VLAN 0 to HW filter on device team0
[  289.877378][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.961452][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.281453][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.289143][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.342409][ T4797] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.357218][ T6528] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.366711][ T6528] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.375014][ T6528] bridge_slave_0: entered allmulticast mode
[  290.385023][ T6528] bridge_slave_0: entered promiscuous mode
[  290.419093][   T58] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.475542][   T35] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.491682][ T4002] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.499880][ T4002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.547043][ T4392] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.568843][ T6528] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.577120][ T6528] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.585739][ T6528] bridge_slave_1: entered allmulticast mode
[  290.596455][ T6528] bridge_slave_1: entered promiscuous mode
[  291.159372][ T6528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.269090][ T6528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  291.823266][ T6528] team0: Port device team_slave_0 added
[  291.865162][ T5815] Bluetooth: hci3: command tx timeout
[  291.928111][ T6528] team0: Port device team_slave_1 added
[  292.386189][ T6528] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.393501][ T6528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.422431][ T6528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.547093][ T6528] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.555787][ T6528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.588714][ T6528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  293.418639][ T6528] hsr_slave_0: entered promiscuous mode
[  293.430121][ T6528] hsr_slave_1: entered promiscuous mode
[  293.439649][ T6528] debugfs: 'hsr0' already exists in 'hsr'
[  293.446044][ T6528] Cannot create hsr debugfs directory
[  293.935614][ T5815] Bluetooth: hci3: command tx timeout
[  293.961329][ T6439] veth0_vlan: entered promiscuous mode
[  294.005230][ T6439] veth1_vlan: entered promiscuous mode
[  294.385279][ T6476] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.846289][ T6595] loop3: detected capacity change from 0 to 512
[  294.865845][ T4392] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.889623][ T6595] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  295.068129][ T6595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.082717][ T6595] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.082874][ T6439] veth0_macvtap: entered promiscuous mode
[  295.217940][ T4392] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.466903][ T4392] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.708876][ T6439] veth1_macvtap: entered promiscuous mode
[  295.791275][ T4392] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.143433][ T6528] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  296.237442][ T6528] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  296.268789][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.392049][ T6439] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.421538][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  296.429298][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  296.555582][ T6528] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  296.712929][ T6528] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  296.799110][ T4392] bridge_slave_1: left allmulticast mode
[  296.805581][ T4392] bridge_slave_1: left promiscuous mode
[  296.812565][ T4392] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.008604][ T4392] bridge_slave_0: left allmulticast mode
[  297.015412][ T4392] bridge_slave_0: left promiscuous mode
[  297.022221][ T4392] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.675683][ T4392] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.725712][ T4392] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.751230][ T4392] bond0 (unregistering): Released all slaves
[  297.852422][ T6439] batman_adv: batadv0: Interface activated: batadv_slave_1
[  298.025615][ T4025] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.085713][ T4025] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.179943][ T4489] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.306207][ T4489] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.698690][ T6623] loop3: detected capacity change from 0 to 1024
[  298.998417][ T4392] hsr_slave_0: left promiscuous mode
[  299.020919][ T6623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  299.036190][ T6623] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.064851][ T4392] hsr_slave_1: left promiscuous mode
[  299.073519][ T4392] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.081969][ T4392] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.145823][ T4392] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.153737][ T4392] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.260757][ T4392] veth1_macvtap: left promiscuous mode
[  299.269169][ T4392] veth0_macvtap: left promiscuous mode
[  299.275700][ T4392] veth1_vlan: left promiscuous mode
[  299.281308][ T4392] veth0_vlan: left promiscuous mode
[  299.405422][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  300.211856][ T4392] team0 (unregistering): Port device team_slave_1 removed
[  300.300426][ T4392] team0 (unregistering): Port device team_slave_0 removed
[  301.501597][ T6528] 8021q: adding VLAN 0 to HW filter on device bond0
[  301.615942][ T6476] veth0_vlan: entered promiscuous mode
[  301.807874][ T6528] 8021q: adding VLAN 0 to HW filter on device team0
[  301.825511][ T6476] veth1_vlan: entered promiscuous mode
[  301.953030][ T4002] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.960852][ T4002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  302.088068][ T4002] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.095752][ T4002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  302.267902][ T6476] veth0_macvtap: entered promiscuous mode
[  302.355101][ T6476] veth1_macvtap: entered promiscuous mode
[  302.434097][ T6528] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  302.445581][ T6528] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  302.734025][ T4797] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.931225][ T6476] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.013648][ T4797] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.265598][ T4797] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.322350][ T6476] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.451935][ T4797] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.656723][ T3926] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.746251][ T1117] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.813303][ T1117] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.168784][ T1117] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.188036][ T4797] bridge_slave_1: left allmulticast mode
[  304.194010][ T4797] bridge_slave_1: left promiscuous mode
[  304.201408][ T4797] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.216691][ T3926] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.225438][ T3926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.298117][ T4797] bridge_slave_0: left allmulticast mode
[  304.306383][ T4797] bridge_slave_0: left promiscuous mode
[  304.313624][ T4797] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.233916][ T4797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  305.279278][ T4797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  305.304168][ T4797] bond0 (unregistering): Released all slaves
[  305.835089][ T1130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.843410][ T1130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  306.003882][ T6528] 8021q: adding VLAN 0 to HW filter on device batadv0
[  306.588358][ T4797] hsr_slave_0: left promiscuous mode
[  306.635748][ T4797] hsr_slave_1: left promiscuous mode
[  306.646754][ T4797] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  306.654715][ T4797] batman_adv: batadv0: Removing interface: batadv_slave_0
[  306.757459][ T4797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  306.765879][ T4797] batman_adv: batadv0: Removing interface: batadv_slave_1
[  306.909953][ T4797] veth1_macvtap: left promiscuous mode
[  306.920007][ T4797] veth0_macvtap: left promiscuous mode
[  306.926285][ T4797] veth1_vlan: left promiscuous mode
[  306.932145][ T4797] veth0_vlan: left promiscuous mode
[  306.958205][ T6682] loop5: detected capacity change from 0 to 1024
[  307.409286][ T6682] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  307.427443][ T6682] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.812852][ T6395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  308.121898][ T4797] team0 (unregistering): Port device team_slave_1 removed
[  308.196331][ T4797] team0 (unregistering): Port device team_slave_0 removed
[  308.310816][ T6692] loop5: detected capacity change from 0 to 1024
[  308.662436][ T6692] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  308.675557][ T6692] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.498891][ T6395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  309.746555][ T4797] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.959865][ T4797] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.228654][ T4797] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.508339][ T4797] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.265979][ T4797] bridge_slave_1: left allmulticast mode
[  311.272215][ T4797] bridge_slave_1: left promiscuous mode
[  311.281783][ T4797] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.436051][ T4797] bridge_slave_0: left allmulticast mode
[  311.442115][ T4797] bridge_slave_0: left promiscuous mode
[  311.450405][ T4797] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.720691][ T6719] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  311.730709][ T6719] overlayfs: failed to set xattr on upper
[  311.737524][ T6719] overlayfs: ...falling back to redirect_dir=nofollow.
[  311.744905][ T6719] overlayfs: ...falling back to index=off.
[  311.751177][ T6719] overlayfs: ...falling back to uuid=null.
[  312.160836][ T6720] loop3: detected capacity change from 0 to 512
[  312.255808][ T6720] overlayfs: failed lookup in lower (/, name='file0', err=-40): overlapping layers
[  312.313693][ T6720] overlayfs: failed lookup in lower (/, name='file0', err=-40): overlapping layers
[  312.472980][ T4797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.589908][ T4797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.657474][ T4797] bond0 (unregistering): Released all slaves
[  313.915138][ T6528] veth0_vlan: entered promiscuous mode
[  314.102108][ T4797] hsr_slave_0: left promiscuous mode
[  314.136856][ T4797] hsr_slave_1: left promiscuous mode
[  314.145344][ T4797] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.153291][ T4797] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.249390][ T4797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.261960][ T4797] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.375541][ T4797] veth1_macvtap: left promiscuous mode
[  314.381602][ T4797] veth0_macvtap: left promiscuous mode
[  314.389294][ T4797] veth1_vlan: left promiscuous mode
[  314.395023][ T4797] veth0_vlan: left promiscuous mode
[  314.482788][ T6747] loop3: detected capacity change from 0 to 1024
[  314.936953][ T6747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  314.951436][ T6747] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.342239][ T6754] loop5: detected capacity change from 0 to 1024
[  315.552912][ T6754] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  315.566388][ T6754] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.567059][ T4797] team0 (unregistering): Port device team_slave_1 removed
[  315.618881][ T4797] team0 (unregistering): Port device team_slave_0 removed
[  315.772281][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  316.185512][ T6395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  316.402819][ T6528] veth1_vlan: entered promiscuous mode
[  316.749415][ T6528] veth0_macvtap: entered promiscuous mode
[  316.831587][ T6528] veth1_macvtap: entered promiscuous mode
[  317.120914][ T6528] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.222468][ T6528] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.368911][ T4489] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.531934][ T4489] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.589563][ T4489] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.674130][ T4489] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.845723][ T4002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.854059][ T4002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.217645][ T4489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.226197][ T4489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.831579][ T4056] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.840808][ T4056] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.859589][ T6798] loop6: detected capacity change from 0 to 1024
[  320.190825][ T4025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.199819][ T4025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.248876][ T6798] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  320.263008][ T6798] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.437730][ T6804] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  320.862522][ T6439] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  322.418894][ T6826] evm: overlay not supported
[  323.507325][ T6842] loop3: detected capacity change from 0 to 1024
[  323.683466][ T6842] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  323.697620][ T6842] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.356066][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  324.710806][ T6856] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  324.718750][ T6856] overlayfs: failed to set xattr on upper
[  324.725595][ T6856] overlayfs: ...falling back to redirect_dir=nofollow.
[  324.739423][ T6856] overlayfs: ...falling back to index=off.
[  324.747933][ T6856] overlayfs: ...falling back to uuid=null.
[  325.065339][ T6865] loop7: detected capacity change from 0 to 512
[  325.115504][ T6865] overlayfs: failed lookup in lower (/, name='file0', err=-40): overlapping layers
[  325.200409][ T6865] overlayfs: failed lookup in lower (/, name='file0', err=-40): overlapping layers
[  327.100499][ T3975] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.108764][ T3975] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.612331][ T4392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.620789][ T4392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.137596][ T5099] Bluetooth: hci4: command 0x0406 tx timeout
[  331.481995][ T6958] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  332.669165][ T6972] loop8: detected capacity change from 0 to 128
[  332.833190][ T6976] fuse: Bad value for 'fd'
[  333.439260][ T6972] syz.8.256: attempt to access beyond end of device
[  333.439260][ T6972] loop8: rw=2049, sector=145, nr_sectors = 8 limit=128
[  333.453981][ T6972] syz.8.256: attempt to access beyond end of device
[  333.453981][ T6972] loop8: rw=2049, sector=161, nr_sectors = 8 limit=128
[  333.470211][ T6972] syz.8.256: attempt to access beyond end of device
[  333.470211][ T6972] loop8: rw=2049, sector=177, nr_sectors = 8 limit=128
[  333.484573][ T6972] syz.8.256: attempt to access beyond end of device
[  333.484573][ T6972] loop8: rw=2049, sector=193, nr_sectors = 8 limit=128
[  333.499292][ T6972] syz.8.256: attempt to access beyond end of device
[  333.499292][ T6972] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[  333.513525][ T6972] syz.8.256: attempt to access beyond end of device
[  333.513525][ T6972] loop8: rw=2049, sector=225, nr_sectors = 8 limit=128
[  333.528388][ T6972] syz.8.256: attempt to access beyond end of device
[  333.528388][ T6972] loop8: rw=2049, sector=241, nr_sectors = 8 limit=128
[  333.630154][ T6972] syz.8.256: attempt to access beyond end of device
[  333.630154][ T6972] loop8: rw=2049, sector=257, nr_sectors = 8 limit=128
[  335.373906][ T7016] fuse: Bad value for 'fd'
[  336.192645][ T7028] fuse: Bad value for 'fd'
[  338.408522][ T7056] fuse: Bad value for 'fd'
[  341.293253][ T7100] fuse: Bad value for 'fd'
[  341.591955][ T7104] overlayfs: failed to resolve './bus': -2
[  344.824860][ T7150] overlayfs: failed to resolve './bus': -2
[  344.843928][ T7148] loop7: detected capacity change from 0 to 1024
[  344.956397][ T7148] EXT4-fs: Ignoring removed orlov option
[  344.963037][ T7148] EXT4-fs: Ignoring removed nomblk_io_submit option
[  345.171826][ T7148] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.117982][ T6476] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.534480][ T7205] loop5: detected capacity change from 0 to 1024
[  348.677560][ T7205] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  348.699005][ T7205] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  349.475215][ T6395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  350.116318][ T7226] fuse: Bad value for 'fd'
[  351.814802][ T7249] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  351.822429][ T7249] overlayfs: failed to set xattr on upper
[  351.828849][ T7249] overlayfs: ...falling back to redirect_dir=nofollow.
[  351.836148][ T7249] overlayfs: ...falling back to index=off.
[  351.842145][ T7249] overlayfs: ...falling back to uuid=null.
[  352.057958][ T7255] loop3: detected capacity change from 0 to 1024
[  352.282887][ T7255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  352.296313][ T7255] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.618501][ T7255] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.343: lblock 3 mapped to illegal pblock 3 (length 3)
[  352.732576][ T7255] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  352.745728][ T7255] EXT4-fs (loop3): This should not happen!! Data will be lost
[  352.745728][ T7255] 
[  353.219901][ T4002] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  353.287176][ T4002] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 28
[  353.308939][ T4002] EXT4-fs (loop3): This should not happen!! Data will be lost
[  353.308939][ T4002] 
[  353.322702][ T4002] EXT4-fs (loop3): Total free blocks count 0
[  353.329241][ T4002] EXT4-fs (loop3): Free/Dirty block details
[  353.335660][ T4002] EXT4-fs (loop3): free_blocks=4293918720
[  353.341957][ T4002] EXT4-fs (loop3): dirty_blocks=48
[  353.347751][ T4002] EXT4-fs (loop3): Block reservation details
[  353.668204][ T7277] fuse: Bad value for 'fd'
[  356.955857][ T7322] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  357.838685][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  357.846200][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  361.017726][ T7380] loop7: detected capacity change from 0 to 1024
[  361.261941][ T7380] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  361.275232][ T7380] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.544696][ T7380] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 3: comm syz.7.382: lblock 3 mapped to illegal pblock 3 (length 3)
[  361.572182][ T7380] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  361.585534][ T7380] EXT4-fs (loop7): This should not happen!! Data will be lost
[  361.585534][ T7380] 
[  361.693434][ T7390] netlink: 'syz.5.385': attribute type 1 has an invalid length.
[  362.049848][ T4797] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  362.147255][ T4797] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 28
[  362.161583][ T4797] EXT4-fs (loop7): This should not happen!! Data will be lost
[  362.161583][ T4797] 
[  362.172381][ T4797] EXT4-fs (loop7): Total free blocks count 0
[  362.179612][ T4797] EXT4-fs (loop7): Free/Dirty block details
[  362.186114][ T4797] EXT4-fs (loop7): free_blocks=4293918720
[  362.192435][ T4797] EXT4-fs (loop7): dirty_blocks=48
[  362.198079][ T4797] EXT4-fs (loop7): Block reservation details
[  363.036311][ T7415] fuse: Bad value for 'fd'
[  364.624807][ T7432] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  364.632419][ T7432] overlayfs: failed to set xattr on upper
[  364.638893][ T7432] overlayfs: ...falling back to redirect_dir=nofollow.
[  364.646229][ T7432] overlayfs: ...falling back to index=off.
[  364.652648][ T7432] overlayfs: ...falling back to uuid=null.
[  365.711667][ T7448] fuse: Bad value for 'fd'
[  367.263164][ T7473] fuse: Bad value for 'group_id'
[  367.270863][ T7473] fuse: Bad value for 'group_id'
[  367.406284][ T7474] loop6: detected capacity change from 0 to 1024
[  367.482605][ T7474] EXT4-fs: Ignoring removed orlov option
[  367.489100][ T7474] EXT4-fs: Ignoring removed nomblk_io_submit option
[  367.775999][ T7474] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.890045][ T7481] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  367.897736][ T7481] overlayfs: failed to set xattr on upper
[  367.903795][ T7481] overlayfs: ...falling back to redirect_dir=nofollow.
[  367.912125][ T7481] overlayfs: ...falling back to index=off.
[  367.918403][ T7481] overlayfs: ...falling back to uuid=null.
[  368.070827][ T7486] overlayfs: missing 'lowerdir'
[  368.818724][ T6439] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.838688][ T7524] fuse: Bad value for 'group_id'
[  370.843960][ T7524] fuse: Bad value for 'group_id'
[  371.209521][ T7528] loop5: detected capacity change from 0 to 1024
[  371.303177][ T7528] EXT4-fs: Ignoring removed orlov option
[  371.309585][ T7528] EXT4-fs: Ignoring removed nomblk_io_submit option
[  371.593848][ T7530] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  371.601472][ T7530] overlayfs: failed to set xattr on upper
[  371.607860][ T7530] overlayfs: ...falling back to redirect_dir=nofollow.
[  371.611861][ T7528] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.615383][ T7530] overlayfs: ...falling back to index=off.
[  371.615447][ T7530] overlayfs: ...falling back to uuid=null.
[  371.976348][ T7543] overlayfs: missing 'lowerdir'
[  372.052096][    C1] hrtimer: interrupt took 326447 ns
[  372.626269][ T6395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.183956][ T7568] overlayfs: failed to resolve './file1': -2
[  374.539269][ T7568] loop8: detected capacity change from 0 to 512
[  374.607422][ T7568] msdos: Unknown parameter 'fuse'
[  375.530571][ T7582] loop3: detected capacity change from 0 to 1024
[  375.617804][ T7582] EXT4-fs: Ignoring removed orlov option
[  375.626481][ T7582] EXT4-fs: Ignoring removed nomblk_io_submit option
[  375.914553][ T7582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.200479][ T7582] overlayfs: missing 'lowerdir'
[  376.910934][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.812459][ T7624] loop7: detected capacity change from 0 to 2364
[  378.958023][ T7630] overlayfs: failed to resolve './file1': -2
[  379.984789][ T7639] loop3: detected capacity change from 0 to 1024
[  380.088854][ T7639] EXT4-fs: Ignoring removed orlov option
[  380.095968][ T7639] EXT4-fs: Ignoring removed nomblk_io_submit option
[  380.273713][ T7639] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.597172][ T7651] overlayfs: missing 'lowerdir'
[  381.261227][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.616467][ T7678] overlayfs: failed to resolve './file1': -2
[  383.247715][ T7689] 9pnet_fd: Insufficient options for proto=fd
[  384.061704][ T7696] loop6: detected capacity change from 0 to 1024
[  384.129204][ T7696] EXT4-fs: Ignoring removed orlov option
[  384.135438][ T7696] EXT4-fs: Ignoring removed nomblk_io_submit option
[  384.331273][ T7696] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.648606][ T7707] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  384.659207][ T7707] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  385.228547][ T7716] overlayfs: failed to resolve './file1': -2
[  385.415726][ T6439] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.969011][ T7724] overlayfs: failed to resolve './file1': -2
[  387.698322][ T7748] loop6: detected capacity change from 0 to 1024
[  387.787224][ T7748] EXT4-fs: Ignoring removed orlov option
[  387.793510][ T7748] EXT4-fs: Ignoring removed nomblk_io_submit option
[  387.868511][ T7752] overlayfs: failed to resolve './file1': -2
[  388.024550][ T7748] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  388.308304][ T7748] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  388.318885][ T7748] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  389.030162][ T6439] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.626836][ T7775] overlayfs: failed to resolve './file0': -2
[  390.580487][ T5099] Bluetooth: hci1: command 0x0406 tx timeout
[  390.979639][   T30] kauditd_printk_skb: 45 callbacks suppressed
[  390.979718][   T30] audit: type=1800 audit(1754623054.013:59): pid=7789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.510" name="bus" dev="tmpfs" ino=734 res=0 errno=0
[  391.391149][ T7800] overlayfs: failed to resolve './file1': -2
[  392.050863][ T7811] loop5: detected capacity change from 0 to 1024
[  392.097930][ T7811] EXT4-fs: Ignoring removed orlov option
[  392.103954][ T7811] EXT4-fs: Ignoring removed nomblk_io_submit option
[  392.346872][ T7811] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.532698][ T7811] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  392.542732][ T7811] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  393.359052][ T7827] loop3: detected capacity change from 0 to 1024
[  393.457733][ T6395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.597752][ T7827] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  393.610624][ T7827] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  393.878212][ T7827] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.520: lblock 3 mapped to illegal pblock 3 (length 3)
[  393.985198][ T7827] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  393.999420][ T7827] EXT4-fs (loop3): This should not happen!! Data will be lost
[  393.999420][ T7827] 
[  394.035624][ T7837] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 4: comm syz.3.520: lblock 4 mapped to illegal pblock 4 (length 1)
[  394.152293][ T7837] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.520: Freeing blocks not in datazone - block = 3, count = 1
[  394.807093][ T4025] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  394.914024][ T4025] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 28
[  394.927586][ T4025] EXT4-fs (loop3): This should not happen!! Data will be lost
[  394.927586][ T4025] 
[  394.937764][ T4025] EXT4-fs (loop3): Total free blocks count 0
[  394.943962][ T4025] EXT4-fs (loop3): Free/Dirty block details
[  394.950312][ T4025] EXT4-fs (loop3): free_blocks=4293918720
[  394.956595][ T4025] EXT4-fs (loop3): dirty_blocks=48
[  394.961914][ T4025] EXT4-fs (loop3): Block reservation details
[  395.696608][ T5099] Bluetooth: hci0: command 0x0406 tx timeout
[  396.019526][ T7863] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  396.027574][ T7863] overlayfs: failed to set xattr on upper
[  396.033743][ T7863] overlayfs: ...falling back to redirect_dir=nofollow.
[  396.041487][ T7863] overlayfs: ...falling back to index=off.
[  396.048286][ T7863] overlayfs: ...falling back to uuid=null.
[  397.989308][ T7888] loop5: detected capacity change from 0 to 1024
[  398.283659][ T7888] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  398.296792][ T7888] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  400.816261][ T5099] Bluetooth: hci2: command 0x0406 tx timeout
[  401.885035][ T7834] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  402.051231][ T7888] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.537: lblock 3 mapped to illegal pblock 3 (length 3)
[  402.085459][ T7888] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  402.098813][ T7888] EXT4-fs (loop5): This should not happen!! Data will be lost
[  402.098813][ T7888] 
[  402.211025][ T7903] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 4: comm syz.5.537: lblock 4 mapped to illegal pblock 4 (length 1)
[  402.252606][ T7903] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.537: Freeing blocks not in datazone - block = 3, count = 1
[  402.797476][ T3975] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 28
[  402.810974][ T3975] EXT4-fs (loop5): This should not happen!! Data will be lost
[  402.810974][ T3975] 
[  402.822614][ T3975] EXT4-fs (loop5): Total free blocks count 0
[  402.829142][ T3975] EXT4-fs (loop5): Free/Dirty block details
[  402.835772][ T3975] EXT4-fs (loop5): free_blocks=4293918720
[  402.842328][ T3975] EXT4-fs (loop5): dirty_blocks=48
[  402.848423][ T3975] EXT4-fs (loop5): Block reservation details
[  403.160248][ T7914] overlayfs: failed to resolve './file0': -2
[  403.838376][ T7924] syzkaller0: entered promiscuous mode
[  403.844098][ T7924] syzkaller0: entered allmulticast mode
[  405.581421][ T7948] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  407.627352][ T7974] overlayfs: failed to resolve './file1': -2
[  408.525698][ T7988] netlink: 'syz.6.568': attribute type 1 has an invalid length.
[  408.707181][ T7995] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  408.761981][ T5815] Bluetooth: hci4: unexpected event for opcode 0x0809
[  409.240065][ T8002] netlink: 60 bytes leftover after parsing attributes in process `syz.8.570'.
[  411.056990][ T5099] Bluetooth: hci3: command 0x0406 tx timeout
[  412.198816][ T8035] sctp: failed to load transform for md5: -2
[  412.786391][ T8052] fuse: Bad value for 'fd'
[  414.220256][ T8074] warning: `syz.5.593' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  415.039754][ T8083] bridge_slave_0: left allmulticast mode
[  415.057080][ T8083] bridge_slave_0: left promiscuous mode
[  415.064115][ T8083] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.218231][ T8083] bridge_slave_1: left allmulticast mode
[  415.224833][ T8083] bridge_slave_1: left promiscuous mode
[  415.231757][ T8083] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.612447][ T8083] bond0: (slave bond_slave_0): Releasing backup interface
[  415.817753][ T8083] bond0: (slave bond_slave_1): Releasing backup interface
[  416.037557][ T8083] team0: Port device team_slave_0 removed
[  416.206007][ T8083] team0: Port device team_slave_1 removed
[  416.218472][ T8083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  416.228925][ T8083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.373937][ T8083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.391499][ T8083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.711713][ T8090] team0: Mode changed to "activebackup"
[  416.862344][ T8092] vlan0: entered promiscuous mode
[  416.906965][ T8092] team0: Port device vlan0 added
[  416.975720][ T8097] tipc: Started in network mode
[  416.981131][ T8097] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  416.989755][ T8097] tipc: Enabled bearer <eth:team0>, priority 0
[  418.126508][ T5863] tipc: Node number set to 11578026
[  418.185151][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  418.428303][   T24] usb 6-1: Using ep0 maxpacket: 16
[  418.496650][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  418.507746][   T24] usb 6-1: config 0 has no interfaces?
[  418.597662][   T24] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  418.609745][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.620860][   T24] usb 6-1: Product: syz
[  418.625555][   T24] usb 6-1: Manufacturer: syz
[  418.632240][   T24] usb 6-1: SerialNumber: syz
[  418.787972][   T24] usb 6-1: config 0 descriptor??
[  419.279779][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  419.287198][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  419.544747][   T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  419.875060][   T24] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  419.884579][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.911754][   T24] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  419.922805][   T24] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  419.932065][   T24] usb 4-1: Manufacturer: syz
[  420.027772][   T24] usb 4-1: config 0 descriptor??
[  420.747104][   T24] rc_core: IR keymap rc-hauppauge not found
[  420.753765][   T24] Registered IR keymap rc-empty
[  420.761989][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  420.777656][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input5
[  420.818668][ T5863] usb 6-1: USB disconnect, device number 2
[  421.222956][   T24] usb 4-1: USB disconnect, device number 2
[  425.844997][ T5863] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  426.135813][ T5863] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  426.147839][ T5863] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  426.159377][ T5863] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  426.170324][ T5863] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  426.369988][ T5863] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  426.380104][ T5863] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  426.389141][ T5863] usb 8-1: Manufacturer: syz
[  426.551106][ T5863] usb 8-1: config 0 descriptor??
[  427.097809][ T5863] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[  427.197704][ T5863] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0
[  427.271664][ T8235] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  427.445981][ T5863] usb 8-1: USB disconnect, device number 2
[  429.512820][ T8243] fido_id[8243]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  429.649298][ T8256] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 660c, magic 66 != 6b]
[  433.063892][   T35] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  435.784531][ T8342] netlink: 8 bytes leftover after parsing attributes in process `syz.6.688'.
[  442.228572][ T8430] netlink: 12 bytes leftover after parsing attributes in process `syz.6.719'.
[  442.345912][ T8437] fuse: Bad value for 'fd'
[  445.062451][ T8469] netlink: 12 bytes leftover after parsing attributes in process `syz.6.733'.
[  448.351005][ T8512] netlink: 12 bytes leftover after parsing attributes in process `syz.3.746'.
[  449.839250][ T8535] binder_alloc: 8534: binder_alloc_buf, no vma
[  453.425832][ T8586] binder_alloc: 8584: binder_alloc_buf, no vma
[  453.795719][ T8596] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  458.156188][ T4797] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  458.168317][ T4797] =====================================================
[  458.176862][ T4797] BUG: KMSAN: uninit-value in nci_ntf_packet+0x2b0b/0x42b0
[  458.184654][ T4797]  nci_ntf_packet+0x2b0b/0x42b0
[  458.189834][ T4797]  nci_rx_work+0x403/0x750
[  458.194649][ T4797]  process_scheduled_works+0xb91/0x1d80
[  458.200526][ T4797]  worker_thread+0xedf/0x1590
[  458.205769][ T4797]  kthread+0xd59/0xf00
[  458.211709][ T4797]  ret_from_fork+0x1e3/0x310
[  458.216940][ T4797]  ret_from_fork_asm+0x1a/0x30
[  458.222046][ T4797] 
[  458.224862][ T4797] Uninit was stored to memory at:
[  458.230385][ T4797]  nci_ntf_packet+0x1f6e/0x42b0
[  458.235750][ T4797]  nci_rx_work+0x403/0x750
[  458.240648][ T4797]  process_scheduled_works+0xb91/0x1d80
[  458.246848][ T4797]  worker_thread+0xedf/0x1590
[  458.252129][ T4797]  kthread+0xd59/0xf00
[  458.258643][ T4797]  ret_from_fork+0x1e3/0x310
[  458.268423][ T4797]  ret_from_fork_asm+0x1a/0x30
[  458.273470][ T4797] 
[  458.276026][ T4797] Uninit was created at:
[  458.280751][ T4797]  kmem_cache_alloc_node_noprof+0x818/0xf00
[  458.287361][ T4797]  kmalloc_reserve+0x13c/0x4b0
[  458.292391][ T4797]  __alloc_skb+0x347/0x7d0
[  458.297409][ T4797]  virtual_ncidev_write+0x6b/0x430
[  458.302966][ T4797]  vfs_write+0x463/0x1580
[  458.309860][ T4797]  __x64_sys_write+0x1fb/0x4d0
[  458.315745][ T4797]  x64_sys_call+0x3014/0x3e20
[  458.320845][ T4797]  do_syscall_64+0xd9/0x210
[  458.326021][ T4797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.332205][ T4797] 
[  458.335125][ T4797] CPU: 1 UID: 0 PID: 4797 Comm: kworker/u8:19 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(none) 
[  458.348629][ T4797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  458.359126][ T4797] Workqueue: nfc2_nci_rx_wq nci_rx_work
[  458.366875][ T4797] =====================================================
[  458.375734][ T4797] Disabling lock debugging due to kernel taint
[  458.382307][ T4797] Kernel panic - not syncing: kmsan.panic set ...
[  458.389190][ T4797] CPU: 1 UID: 0 PID: 4797 Comm: kworker/u8:19 Tainted: G    B               6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(none) 
[  458.403240][ T4797] Tainted: [B]=BAD_PAGE
[  458.407636][ T4797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  458.418134][ T4797] Workqueue: nfc2_nci_rx_wq nci_rx_work
[  458.423987][ T4797] Call Trace:
[  458.427576][ T4797]  <TASK>
[  458.430643][ T4797]  __dump_stack+0x26/0x30
[  458.435393][ T4797]  dump_stack_lvl+0x53/0x270
[  458.440323][ T4797]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  458.446617][ T4797]  dump_stack+0x1e/0x25
[  458.451352][ T4797]  vpanic+0x361/0xc50
[  458.455770][ T4797]  panic+0x15d/0x160
[  458.460309][ T4797]  kmsan_report+0x31c/0x320
[  458.465400][ T4797]  ? __msan_warning+0x1b/0x30
[  458.470564][ T4797]  ? nci_ntf_packet+0x2b0b/0x42b0
[  458.476372][ T4797]  ? nci_rx_work+0x403/0x750
[  458.481182][ T4797]  ? process_scheduled_works+0xb91/0x1d80
[  458.487512][ T4797]  ? worker_thread+0xedf/0x1590
[  458.492892][ T4797]  ? kthread+0xd59/0xf00
[  458.497437][ T4797]  ? ret_from_fork+0x1e3/0x310
[  458.502565][ T4797]  ? ret_from_fork_asm+0x1a/0x30
[  458.507860][ T4797]  ? vprintk_default+0x3f/0x50
[  458.512967][ T4797]  ? vprintk+0x36/0x50
[  458.517364][ T4797]  ? _printk+0x17e/0x1b0
[  458.522116][ T4797]  ? kmsan_get_metadata+0xfb/0x160
[  458.527508][ T4797]  __msan_warning+0x1b/0x30
[  458.532402][ T4797]  nci_ntf_packet+0x2b0b/0x42b0
[  458.537510][ T4797]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  458.543871][ T4797]  ? hiddev_ioctl_usage+0x170/0x2860
[  458.549420][ T4797]  nci_rx_work+0x403/0x750
[  458.554075][ T4797]  ? __pfx_nci_rx_work+0x10/0x10
[  458.559475][ T4797]  process_scheduled_works+0xb91/0x1d80
[  458.565569][ T4797]  worker_thread+0xedf/0x1590
[  458.570736][ T4797]  kthread+0xd59/0xf00
[  458.575000][ T4797]  ? __pfx_worker_thread+0x10/0x10
[  458.580403][ T4797]  ? __pfx_kthread+0x10/0x10
[  458.585224][ T4797]  ret_from_fork+0x1e3/0x310
[  458.590192][ T4797]  ? __pfx_kthread+0x10/0x10
[  458.594999][ T4797]  ret_from_fork_asm+0x1a/0x30
[  458.600300][ T4797]  </TASK>
[  458.603721][ T4797] Kernel Offset: disabled
[  458.608231][ T4797] Rebooting in 86400 seconds..