last executing test programs:

5m9.270130727s ago: executing program 32 (id=67):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

5m8.436952443s ago: executing program 33 (id=71):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
listxattr(&(0x7f0000001e80)='./file0\x00', 0x0, 0x2)

4m43.090266796s ago: executing program 34 (id=184):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@test_dummy_encryption}, {@dioread_lock}, {@test_dummy_encryption}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5e9, &(0x7f0000001340)="$eJzs3c1vVFUbAPDnTj9oKe/bQoyKC2liDCRKSwsYYkyErSENfsSNGystiBRoaI0WTSgJbkyMG2NMXLkQ/wslsmWlKxduXBkSooaliWPu9N7Sae/0u72V+/slQ889Zy7nTKfPnDNnzrkTQGX1p//UIvZHxGQS0ZvMzpe1R1bYP3e/B399fDa9JVGvv/5HEkmWl98/yX72ZCd3RcRPPyaxr21pvVMz1y6OTkyMX82OB6cvTQ5OzVw7fOHS6Pnx8+OXh18YPnH82PETQ0dW8zC6F2dcL7jT6ZvvfdD76chb3379dzL03a8jSZyMV7I7Lnwcm6U/+hu/k2RpUc+Jza6sJG3Z38nCpzhpL7FBrEn+/HVExBPRG23x8MnrjU9eLbVxwJaqJxF1oKIS8Q8VlY8D8vf2i98H10oZlQDb4f6puQmApfHfPjc3GF2NuYHdD5JYOK2TRMSqZuZWsCci7t4ZuXnuzsjN2KJ5OKDY7I2IeLIo/pNG/PdFV/Q14r/WFP/puOBM9jPNf22d9S+eKhb/sH3m4r9r2fiPFvH/9oL4f2ed9fc/TL7b3RT/Sz7SAwAAAAAAAFZw+1REPF/0+X9tfv1PFKz/6YmIk5tQf/+i46Wf/9fubUI1QIH7pyJeKlz/W8tX//a1Zan/NdYDdCTnLkyMH4mI/0fEoejYlR4PLVPH4c/2fdWqrD9b/5ff0vrvZmsBs3bca9/VfM7Y6PToRh83EHH/RsRThet/k/n+Pyno/9PXg8lV1rHv2VtnWpWtHP/AVql/E3GwsP9/eNWKZPnrcww2xgOD+ahgqac/+vz7VvWvN/5dYgI2Lu3/dy8f/33Jwuv1TK29jqMz7fVWZesd/3cmbzQuOdOZ5X04Oj19dSiiMzndluY25Q+vvc3wKMrjIY+XNP4PPbP8/F/R+L87ImYX/d/Jn817inOP/9PzW6v2GP9DedL4H1tT/7/2xPCtvh9a1b+6/v9Yo68/lOWY/4M5X+Zh2tmcXxCO7UVF291eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgU1CJiTyS1gfl0rTYwENETEY/F7trElanp585def/yWFrW+P7/Wv5Nv71zx0n+/f99C46HFx0fjYi9EfFFW3fjeODslYmxsh88AAAAAAAAAAAAAAAAAAAA7BA9Lfb/p35vK7t1wJZrL7sBQGkK4v/nMtoBbD/9P1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q/VJf4BAAAAAOCRsvfA7V+SiJh9sbtxS3VmZR2ltgzYarWyGwCUxiV+oLos/YHq8h4fSFYo72p50kpnLmfy7AZOBgAAAAAAAAAAAIDKObjf/n+oKvv/obrs/4fqyvf/Hyi5HcD2W+N7/PpGdvsCO9dysV24/3/FswAAAAAAAAAAAACAzTQ1c+3i6MTE+NXKJV6OiKacN3dIw7YxUa/Xr6d/BTulPf/xRL4Ufqe0Z1Ei3+u3urPKe00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa/RsAAP//EH0kSg==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x1, 0x0, &(0x7f0000000cc0))
chdir(&(0x7f0000000140)='./bus\x00')
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')

4m36.96508873s ago: executing program 35 (id=226):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@updsa={0x138, 0x1a, 0xffffffffffffffff, 0x0, 0x0, {{@in6=@private0, @in6=@loopback}, {@in=@local, 0x0, 0x3c}, @in6=@private1, {0x100000000, 0x0, 0x0, 0x0, 0x970}, {}, {}, 0x0, 0x3503, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)

4m30.102857929s ago: executing program 36 (id=269):
unshare(0x64000600)
syz_open_dev$usbfs(0x0, 0x0, 0x240000)
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
fcntl$dupfd(r2, 0x0, r1)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x16, 0x0, 0x3, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20)

4m19.65466942s ago: executing program 37 (id=336):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@nodiscard}]}, 0x1, 0x501, &(0x7f0000000ac0)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0QEGrdRJvG1U9QDkhhCohegRpGxJvFMWOo9gpTViJ9MwViUqc4MgfwLkn7lwQ3LiUAxI/ItAGicNUM55kvYm9a+0mdhR/PtJo3syb+Pt9m533dp7XfgGMrZsRcRgRUxHxfkTM5+cL+RbvdLb0ugdH99eOj+6vFSJJ3vtXIatPz0XXz6Ru5K9ZjogffjfiJ4XzcVv7B1ur9XptNz9ebDd2Flv7B7c3G6sbtY3adrW6sryy9NadN6sX1tZXGlN56cuf/vHwmz9L05rLz3S34yJ1ml46jZOajIjvX0awEZjI2zM16kR4KsWIeDEiXs3u//mYyH6bAMB1liTzkcx3HwMA110xmwMrFCv5XMBcFIuVSmcO76WYLdabrfate8297fXOXNlClIr3Nuu1pXyucCFKhfR4OSs/PK6eOb4TES9ExC+nZ7Ljylqzvj7Kf/gAwBi7cWb8/+90Z/wHAK658qgTAACGzvgPAOOn3/ifJMnPh5wKADAknv8BYPx0xv+ZUacBAAyR538AGD/GfwAYKz949910S47z779e/2B/b6v5we31Wmur0thbq6w1d3cqG83mRvadPY0nvV692dxZfiP2Plz41k6rvdjaP7jbaO5tt+9m3+t9t1bKrjocQssAgH5eeOWTvxTSEfntmWyLrrUcSiPNDLhsxVEnAIzMxKgTAEbGal8wvp7hGd/0AFwTPZbofUS51weEkiRJLi8l4JK9/gXz/zCuuub//S9gGDPm/2F8mf+H8ZUkhUHX/I9BLwQArjZz/ECf9/9fzPe/y98c+PH62Ss+vsysAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Go7Wf+3kq8FPhfFYqUS8VxELESpcG+zXluKiOcj4s/Tpen0eHnEOQMAz6r490Jn/a/pc1Uv3zgtTkXET3/93q8+XG23d/8UMVX49/TJ+fbH+fnqcDMHAAZzMk5n+64H+QdH99dOtvM/NXlp+fzjOxFR7sQ/PirF8Wn8yTxqOUoRMfufwiNZFLrmLp7F4UcR8fle7S/EXDYH0ln59Gz8NPZzQ41ffCR+Mavr7NM/i89dQC4wbj5J+593et1/xbiZ7Xvf/+UL6hXz/i99qbXjrA98GP+k/5vo0//dHDTGG3/4Xqc0c77uo4gvTkacxD7u6n9O4hf6xP/qgPH/+qWXX+1Xl/wm4vXoHb871mK7sbPY2j+4vdlY3aht1Lar1ZXllaW37rxZXczmqBf7jwb/fPvW8/3q0vbP9olffkL7vzZg+3/7//d/9JXHxP/Ga73iF+Olx8RPx8SvDxh/dfb35X51afz1Pu1/0u//1oDxP/3bwbllwwGA0WntH2yt1uu1XQWFq19I/8pegTR6Fr49rFhT0bvqF6917ukzVUnyVLH69RgXMesGXAWnN31E/G/UyQAAAAAAAAAAAAAAAD0N4xNLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19dnAQAA//9Ye9JD")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001800)={&(0x7f0000000580)='kfree\x00', r2}, 0x9)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000006c0))
write$binfmt_script(r0, &(0x7f0000000380), 0x208e24b)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

4m10.993235386s ago: executing program 38 (id=378):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1018a18, &(0x7f0000000240)={[{@noblock_validity}, {@grpjquota_path={'grpjquota', 0x3d, './file1'}}, {@nodioread_nolock}, {@dioread_nolock}, {@dioread_lock}, {@bh}, {@grpquota}, {@sb={'sb', 0x3d, 0x6}}]}, 0x1, 0x649, &(0x7f0000000700)="$eJzs3c1rHG8dAPDvzCZp3mxaEbFBMeChBWlearHqxbYe7KFgwR5EPDQ0SQ3dtCFJwdaCCXhQUBDxWqQX/wHv0rs3EdSbZ6GKVCxo6f6Y3dl2s9nNbpLubpP5fGCzzzzzJM/z3dkn88zsPjMBFNZM9iONOBfx9k4SMdWwbjJqK2fycq/+/fRu9kiiUvnuv5JI8rx6+SR/nsgXRiPiT9cjPl3aW+/m4yf3F8uVmp9EzG2trc9tPn5ycXVt8d7yveUHC5e+dvnK/NcXLi80NPTwJvLnGze/8/lf/vSHX135c/liElfj9vCPl6Ipjg9lJmbibR5iY/5QRFzJEi1el+PmBIRQaKX8/TgcEZ+NqShVl2qmYvUXA20c0FOVUkRlf0mnAsBxpXtDUdXHAfVj++6Og2/3eFTSPy+v1Q6A9sY/lJ9yGK0eG42/ShqOjGrnNs58gPqzOt48HX325un0s9h1HuL1u60z9AHqaWd7JyI+1yr+pNq2M9VIs/jTXcf6SUTMR8RI3r5vHaENSUO6F+dh9nOQ+Bu3QxoRV/PnLP/6IetvPq3V7/gBKKYX1/Id+Xa29H7/l4096uOfaDH+mTz6RzJVg97/tR//1ff3o9VxT9o0DsvGLLda/8nh5oy///zGr9vVXxv/TT+rP7L662PBfni5EzHdFP/PsmDz8U8Wf9Ji+2dF7lztro5v/+WfN9qtG3T8lecR51se/7wflWapua219Ylo+fnk3MpqeXm+9rNlHX/44w9+167+1vGf6kGkrWXbf7xN/A3bP23+vew1WW/9J3eaM35/6/lau/onO27/9B8jSe14cyTP+dHO1tbGQsRIcjMvkucvbm1tXNo/3lqZ15Xq80It/gtfat3/d73/m6Iaq//L7ML69+6/arfuMO//hg+T31a6bEM7WfxLnbf/nv6f5f2qyzr++/1HX2i3br/4x44SGAAAAAAAABRQWv0MNkln36XTdHa2Nl/2MzGelh9ubn155eGjB0sRF6rfhxxOI02qXxmZqi0nK6vl5YX8+7D15UtNy1+JiLMR8ZvSWHV59u7D8tKggwcAAAAAAAAAAAAAAAAAAICPxEQ+/79+n+r/lGrz/4GC6HyDuT33fwBOiF7eYBL4uFX7/367+NP9awvQX/b/UFz6PxSX/g/Fpf9Dcen/UFz6PxSX/g/Fpf8DAAAAwIl09osv/pZExPY3xqqPzEi+Lhloy4BeGz5Q6VLP2gH0nx4NxfXuo39X+IHC6Wr8/7/84oC9bw4wAC3P9VUHB5X9O/+LDmcJd47eNgAAAAAAAAAAAACg5vy59vP/DzY3GDhuTPuD4jrC/H+XDoBjzqX/obgc4wOdrvU52m5Fp/n/h6wPAAAAAAAAAAAAANhrsvpI0tl8LvBkpOnsbMSnIuJMDCcrq+Xl+Yg4HRF/LQ2fypYXBt1oAAAAAAAAAAAAAAAAAAAAOGE2Hz+5v1guL280Jv6/J+dkJ+p3Qe1cuNJFmX0T34wD/lYk/X9ZxiJi4BulZ4mhhpwkYjvb8h9FwzY2ozGnbffsT2Kw/5cAAAAAAAAAAAAAAAAAAKCIGuYetzb92z63CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD67/39/zsklsZrv9BV4d2JQccIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxPnwQAAP//li058A==")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000140)="f26f3e0f01c54466b97c08000066b8aedbdae666baae93d3330f3066350d000000440f22c0f30f209a98ba2100b8dab0efb82d010f00d00f070f01c32ef20f35", 0x40}], 0x1, 0x2, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m41.395964568s ago: executing program 9 (id=537):
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0xee01, 0xee01, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs$userns(r0, &(0x7f00000003c0))

3m41.228771298s ago: executing program 9 (id=539):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ffd26f10cb060600eb9a0102030109022400010000000009040001020a16d100090507000000000000090589"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c81, 0xfffffffffffffffc)
syz_usb_control_io$printer(r1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

3m38.285061066s ago: executing program 9 (id=550):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x4, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x1}}, 0x14}}, 0x10)

3m38.148675961s ago: executing program 9 (id=552):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000f80)='./file0\x00', 0x4000, &(0x7f0000002480)=ANY=[], 0x2, 0xc47, &(0x7f0000000fc0)="$eJzs3UFsHNd9B+D/Gy3FlYxWTJwoThoXm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuSEpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfUkuatBlRlCjp+2zqtzv73sx789YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN9/5dKZ59ODbgUAcD9dGfvKmbPu/wDwWLnq//8BAAAAAAAAAAAAAOCwS1HEk5Fi/sp6mqjed9Qvt/tu3R4fHtm52rFU1TxSlS9/6s+fPXf+iy8MXejm5fbsh9S/1z4Tr41dvdR4ee7m/ML04uL0VGN8tj05NzW95z3st/52g9UJaNx8/dbU9euLjbPPndvy8e2B9/ufODlwceiZ0093y44Pj4yM3SlS7y1fu+uGdOw2w+NoFHE6Ujz73Z+kVkQUsf9zUb+/Y7/dsaoTg1UnxodHqo7MtFuzS+WHo90TUUQ0eio1u+do57GIWt997cPumhHLZfPLBg+W3Rubby20rs1MN0ZbC0vtpfbc7GjqtLbsTyOKuJAiViJirf+Du+uLImqR4tsn1tO1iDjSPQ9fqCYG796O4gD7uAdlOxt9ESvFQzBmh1h/FPFqpPjpO6diMl9nqmvN5yNeLfP7EW+V+VJEKr8Y5yPe2+F7xMOpFkX8ZTn+F9fTVHU96F5XLn+18eXZ63M9ZbvXlV/y/vCBK8UDuj8c25b3xyG/NtWjiFZ1xV9Pd/+bHQAAAAAAAAAAAAAAAADutWNRxKcjxSv/8cfVvOKo5qWfuDj0BwO/0jtn/KmP2E9Z9rmIWC72Nif3aJ4YOJpGU3rAc4kfZ/Uo4k/y/L9vPujGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdU2kletcUb8/eaFxtXZvprArbXfu3u2b6xsbGRiN1splzIudyzpWcqznXOlnN+6/qF7l+zomcyzlXcq7mXMsZR3L9nM2cEzmXc67kXM25ljNquX7OZs6JnMs5V3Ku5lzLGYdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdJEUX8PFJ86+vrKVJENCMmopOr/Q+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fjD5ua2WkSk6t+OU+Uv56N5tMyPR3OozJeieSlnq8pa85sPoP3sT18q4keRor/+9uaA5/Hv67zb/BrEW9+48+4ztU4e6X448H7/EydPXBwa+fWndnuddmrA4OX27K3bjfHhkZGxns21fPSP92wbyMct7k3XiYjFN958vTUzM71w9y/Kr8AuH21sbPxZeZT9HuKQvEi1XXv6WL4oh/YQNOMAO1g7FM14YIPLo668/78XKX7n3f/s3vCr+39ts8TmHT5+9qd37v8vbt/RHu//te318v2/vKfvdP9/smfbi/l3I321iPrSzfm+kxH1xTfePN2+2boxfWN69vyZM18aGvrSuTN9RyPq19sz0z2v9n+uAAAAAAAAAAAAAAAAAO6rVMTvRYrWj9ZTIyJuV/O1Bi4OPXP66SNxpJpvtWXe9mtjVy81Xp67Ob8wvbg4PdUYn21Pzk1N7/Vw9Wq61/jwyIF05iMdO+D2H6u/PDf/xkL7xh8t7fj58fqla4tLC63JnT+OY1FENHu3DFYNHh8eqRo9027NVlVHd5xM/8vrS0X8V6SYPN9In8vb8vz/7TP8t8z/X96+owOa//+xnm3lMVMq4meR4rf/6qn4XNXO4/GBc5bL/V2kGLzw2Vwujpblum3oPFegMzOwLPt/keKffr61bHc+5JN3yj6/5xP7kCjH/0Sk+N5ffCd+I2/b+vyHncf/+PYdHdD4f6Jn2/EtzyvYd9fJ4386Urz05Nvxm3nbhz3/o/vsjVO58ObzOQ5o/D/Zs20gH/e37k3XAQAAAAAAAAAAHmp9qYi/jxQ/GKmlF/K2vfz9v6ntOzqgv//1qZ5tU/dmvaKPfLHvkwoAAAAAh0RfKuLHkeLG0tubc6i3zv/umf/5u3fmfw6nbZ9Wf873q9VzA+7ln//1GsjHndh/twEAAAAAAAAAAAAAAAAAAOBQSamIF/J66hPVfP6pXddTX40Ur/zPs7lcOlmW664DP1D9Wr8yN3v60szM3GRrqXVtZroxNt+anC7rfiJSrP/tZ3PdolpfvbvefGeN93otIqq12Bcixcg/dMt21mLvrk3eWQ+8sxZ7WfZjkeK//3Fr2e461p+8U/ZsWfZvIsXX/mXnsifvlD1Xlv1OpPjh1xrdssfLst3no37qTtnnJueKAxgVAAAAAAAAAAAAAAAAAAAAHjd9qYg/jxT/e3Nlcy5/Xv+/r+dt5a1v9Kz3v83tap3/gWr9/91e3836/9VzBZZ3OyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyaUhTxZqSYv7KeVvvL9x31y+3ZW7fHh0d2rnYsVTWPVOXLn/rzZ8+d/+ILQxe6+eH177VPx2tjVy81Xp67Ob8wvbg4PdUYn21Pzk1N73kPu9ev31WLBqsT0Lj5+q2p69cXG2efO7fl49sD7/c/cXLg4tAzp5/ulh0fHhkZ6ylT67urI+8o7bL9aBTx15Hi2e/+JP2gP6KIDz0Xe/IR352DdqzqxGDVifHhkaojM+3W7FL54Wj3RBQRjZ5Kze45ug9jsS/NiOWy+WWDB8vujc23FlrXZqYbo62FpfZSe252NHVaW/anEUVcSBErEbHW/8Hd9UURr0eKb59YT//aH3Gkex6+cGXsK2fO7t6O4gD7uAdlOxt9ESvFQzBmh1h/FPHPkeKn75yKf+uPqEXnJz4f8WqZ3494KzrjncovxvmI93b4HvFwqkUR/1+O/8X19E5/eT3oXlcuf7Xx5dnrcz1lu9eVh/7+cD8d8mtTPYr4YXXFX0//7r9rAAAAAAAAAAAAAAAAgEOkiF+LFC++eypV84M35xS3Z280rrauzXSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjSK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs545DM3QMAAAAAAAAAAAAAAAAAAB4tRfVPim99fT1t9HfWl56ITq5aD/SR94sAAAD//8or9Fc=")
syz_clone3(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

3m37.03659784s ago: executing program 9 (id=558):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x0, 0xa7)
lseek(r0, 0x7, 0x4)

3m36.466427105s ago: executing program 9 (id=566):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000500)={[{@jqfmt_vfsv1}, {}, {@dioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100), &(0x7f0000000880)=ANY=[], 0x386, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

3m36.300578814s ago: executing program 39 (id=566):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000500)={[{@jqfmt_vfsv1}, {}, {@dioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100), &(0x7f0000000880)=ANY=[], 0x386, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

3m19.410715436s ago: executing program 8 (id=635):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001280)={0x1c, 0x2, 0x3, 0x801, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10044011}, 0x800)

3m19.187132721s ago: executing program 8 (id=636):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000500)=@chain)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r0}, 0x0, &(0x7f00000006c0)='%+9llu \x00'}, 0x20)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20}})

3m18.004232627s ago: executing program 8 (id=637):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x1b7a, 0x4)
sendto$inet(r0, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}, 0xb4a}], 0x1, 0x3160, 0x0)

3m17.728615879s ago: executing program 8 (id=641):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f0000000100)={[{@noload}, {@quota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@jqfmt_vfsold}]}, 0x2, 0x476, &(0x7f0000001340)="$eJzs3M9vFFUcAPDvzLZFQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUACzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl+12F5Zd6H4+yZL3Zt70zXdm3sybeTMEMLD2Zv8kEfdFxMWIGK1lV1TyQlm5a1fOzf575dxsEpXKu38n1XJXr5ybLcoWy23JM+NpRPpFkley2uKZsydmyuX503l+cunkh5OLZ86+cOzkzNH5o/Onpg8dOnhg6uWXpl/sSpxZfFd3f7KwZ9eb7194e/bwhQ9+/T7Jp0dDHO0YbqPM3izwfypVjfOe7qSyu8DWunQy1McVoSOliBjKj+eLMRqluL7zRuONz/u6csBtlV2bNq09e7kCbGBJ9HsNgP4oLvTZ/W/x61HX445w+dXaDVAW97X8V5szFGleZrjh/rab9kbE4eX/vsl+cRPPIQAAOvVj1v95vln/L436PuK2fGxoLCLuj4jtEfFAROyIiAcj4qGI2BkRD7dX7fEi0Tg0dGP/J710qzG2kvX/XsnHtlb3/4reX4yV8tzWavzDyZFj5fn9+TYZj+FNWX6qRR0/vf7HV2vNq+//Zb+s/sOrBpfSS0MND+jmZpZm2hqAasPlzyJ2DzWLP1kZCUgiYldE7O7sT28rEsee/W7PWoWaxp/3hdfVhXGmyrcRz9T2/3I0xF9IWo9PTt4T5fn9k8VRcaPffj//zlr131L8XZDt/82rj//GImNJ/XjtYud1nP/zyzXvadaPv/nxP5K8Vz0fjeTTPp5ZWjo9FTGSvFVbqn769PVli3xRPot/fF/z9r89XyaL/5GIyA7iRyPisYh4PF/3JyLiyYjY1yL+X1576niH8Sct/lxXZfHPNT3/JcU2bNj/nSdKJ37+ocP4G/b/wWpqPJ9SPf+to90VvLWtBwAAAHeHtPoOfJJOrKTTdGKi9g7/jticlhcWl547svDRqbnau/JjMZwWT7pG656HTiXL+dvEUb37ns6fFRfzD+TPjb8u3VvNT8wulOf6HDsMui117X/7zuvtP/NXaXXZlRER33fAxqE9w+BqbP9pn9YD6D3Xfxhc2j8MLu0fBlez9v9pQ77Uo3UBesv1HwbXeu2/Z18jAT3n+g+Dq779d+n/FQDufK2+jU9u/pN/iRMz5VJE9Kn2WL79VaR3yna+LYmRNhrIhk7ceK4Ycp8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADchf4PAAD//9Pg7Zc=")
chdir(&(0x7f0000000000)='./file0\x00')
creat(0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
unlink(&(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3m16.427221038s ago: executing program 8 (id=644):
r0 = fanotify_init(0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
fanotify_mark(r0, 0x21, 0x8000038, r2, 0x0)
fanotify_mark(r2, 0x22, 0x40000038, r2, 0x0)

3m14.120716764s ago: executing program 8 (id=652):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f40)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000c00000020000180080003000300000014000200776730000000000000000000000000001800038014000380100001800800010007000000040003"], 0x4c}}, 0x0)

3m13.670852335s ago: executing program 40 (id=652):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f40)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000c00000020000180080003000300000014000200776730000000000000000000000000001800038014000380100001800800010007000000040003"], 0x4c}}, 0x0)

2m49.499229994s ago: executing program 4 (id=773):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000010000e1250000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

2m49.291300738s ago: executing program 4 (id=775):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xb0000004})
epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xfffeffff, 0x0, 0x443c000000000000)

2m49.076522182s ago: executing program 4 (id=778):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000240)=0x21, 0x4)

2m48.971410574s ago: executing program 4 (id=779):
syz_mount_image$udf(&(0x7f0000000a40), &(0x7f0000000000)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746164000000006d653d3030303030303030303030303030303030b030342c6e6f6164696e6963622c7569643d00", @ANYRESHEX, @ANYRES64=0x0], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000001800)='./file2\x00', 0x1c7042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f00000001c0)="ff", 0x1}], 0x1, 0x4005405, 0x0, 0x0)

2m48.591249148s ago: executing program 4 (id=781):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x21081e, &(0x7f0000000300)={[{@grpquota}, {@nouid32}, {@sysvgroups}, {@noblock_validity}, {@user_xattr}, {@errors_remount}, {@barrier_val={'barrier', 0x3d, 0xa0f}}]}, 0x1, 0x50b, &(0x7f00000007c0)="$eJzs3c9vI1cdAPDvOHHiZNMmLT0AgnZpCwtarZN426jqgZYTQqgSokcQ25B4oyh2HMVOacIe0jNXJCpxgiN/AOc9ceeC4MZlOSDxIwJtkDgYzXiS9WbtTUQSO4o/H2k0780bz/e99c57O89rvwBG1s2I2I+IiYj4KCJm8+NJvsX7nS097/HBg5XDgwcrSbTbH/4jycrTY9H1mtSN/JqliPj+tyN+nDwbt7m7t7Fcq1W38/x8q74139zdu7NeX16rrlU3K5WlxaWFd+6+Xbmwtr5Wn8hTX370+/1v/DSt1kx+pLsdF6nT9OJxnNR4RHz3MoINwVjenolhV4T/SyEiXo6I17P7fzbGsncTALjO2u3ZaM925wGA666QzYElhXI+FzAThUK53JnDeyWmC7VGs3X7fmNnc7UzVzYXxcL99Vp1IZ8rnItikuYXs/STfOVE/m5EvBQRP5+cyvLllUZtdZj/8AGAEXbjxPj/78nO+A8AXHOlYVcAABg44z8AjB7jPwCMHuM/AIyezvg/NexqAAAD5PkfAEaP8R8ARsr3Pvgg3dqH+e9fr368u7PR+PjOarW5Ua7vrJRXGttb5bVGYy37zZ76aderNRpbi2/Fzidz39xqtuabu3v36o2dzda97He971WL2Vn7A2gZANDPS689/FOSjsjvTmVbdK3lUBxqzYDLVhh2BYChGetKJx7MYaRY7QtG1zme8U0PwDXRY4nep5R6fUGo3W63L69KwCW79QXz/zCquub//S9gGDFjw64AMDTm/2F0tdvJWdf8j7OeCABcbeb4gT6f/7+c73+Tfzjww9WTZ3zW83X7efdycRUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAK+ho/d9yvhb4TBQK5XLECxExF8Xk/nqtuhARL0bEHyeLk2l+cch1BgDOq/DXJF//69bsmzNPFb164zg5ERE/+eWHv/hkudXa/kPERPLPyaPjrc/y45XB1x4AON3ROJ3tux7kHx88WDnaBlmfv30rIkqd+IcHE3F4HH88xrN9KYoRMf2vJM93JF1zF+ex/2lEfL5X+5OYyeZAOiufnoyfxn5hoPELT8UvZGWdffpn8bkLqAuMmodp//N+r/uvEDezfe/7v5T1UOeX93/ppVYOsz7wSfyj/m+sT/9386wx3vrddzqpqWfLPo344njEUezDrv7nKH7SJ/6bZ4z/5y+9+nq/svavIm5F7/jdseZb9a355u7enfX68lp1rbpZqSwtLi28c/ftynw2Rz3ffzT4+7u3X+xXlrZ/uk/80int/+oZ2//r/370g688J/7X3+gVvxCvPCd+OiZ+7Yzxl6d/W+pXlsZf7dP+097/22eM/+gve88sGw4ADE9zd29juVarbktIXP1E+lf2ClSjZ+K9QcWaiN5FP3ujc0+fKGq3n3/B904e+VGW6NdjXMSsG3AVHN/0EfGfYVcGAAAAAAAAAAAAAADoaRDfWBp2GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi+/hcAAP//LeXWzg==")
lsetxattr(&(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0, 0x0)

2m47.43870864s ago: executing program 4 (id=788):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
unlink(&(0x7f0000000f40)='./file0/file0\x00')

2m37.767017052s ago: executing program 3 (id=834):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x0, 0x80}]}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000100), 0x6)

2m37.739839745s ago: executing program 3 (id=838):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, 0x0)
io_setup(0x7, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, 0x0)
r4 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
shmat(r4, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
shmctl$IPC_RMID(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000003c0))
r5 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in=@private=0x1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x0, 0x0, 0x0, 0xa}, {0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0x7}}, 0xe8)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0xffd8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)

2m36.361788664s ago: executing program 3 (id=843):
syz_usb_connect$cdc_ecm(0x2, 0x5c, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x4a, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x17, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x6, 0x0, 0x20}, [@country_functional={0x6, 0x24, 0x7, 0x4, 0x7}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x40}}], {{0x9, 0x5, 0x82, 0x2, 0x10}}, {{0x9, 0x5, 0x3, 0x2, 0x240}}}}}]}}]}}, 0x0)

2m31.967941908s ago: executing program 3 (id=860):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000080)={[{@grpquota}, {@grpid}], [{@appraise_type}, {@uid_gt}]}, 0x4, 0x4fe, &(0x7f0000001080)="$eJzs3c9vU8kdAPDvc2ISgiHQcmgrtVBKSyuE8wOIED0ULq0qhFQV9dQDpImJotg4ihNKUqSGY+9Vi9RT+yf01kMlTj301lv7B9DDSuwu2hVZaQ9evWfnB4mDs0sSg/35SC/vzYzj74ydmbEncSaAnnU2IlYj4khE3IuI4WZ+0jziRuNIb/fq5eOptZePp5Ko1+98lGTlaV5s+Z7UseZ9DkbEL38W8ZtkZ9za8srcZLlcWmimR+qV+ZHa8sql2VwzZ3xibGL02uWr4/vW1jOVv7/46eytX/3zH99+/p/VH/0urVbhD8ezsq3t2E+NpuejsCWvPyJuHUSwDulv/vzw/kl729ci4lzW/4ejL3s2AYBuVq8PR314axoA6Hbp+/9CJLlicy2gELlcsdhYwzsdQ7lytbZ4cbi69GA6sjWsk5HP3Z8tl0aba4UnI5+k6bHsejM9vi19OSJORcQfB45m6eJUtTzdyRc+ANDDjm2b/z8daMz/AECXG+x0BQCAQ2f+B4DeY/4HgN7zJeZ/nw4EgC7h/T8A9B7zPwD0nrbz/5PDqQcAcCh+cft2etTXmv//evrh8tKPCw8vTZdqc8XK0lRxqrowX5ypVmfKpeJUvd7u/srV6vzYlY1kbXnlbqW69GDx7mxlcqZ0t5Q/4PYAAO2dOvPsf0lErF4/mh2R7eXwp+xsrobulut0BYCO6et0BYCO8Xke6F17eI9vGQC6XIstel+z658IPbX5K7yvLnyz1fp/g4kfupv1f+hdX239/yf7Xg/g8Fn/h95Vryf2/AeAHmONH3ir3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjypkR5IrZnuBr6Zfc8VixPGIOBn55P5suTQaESci4r8D+YE0PdbpSgMAbyn3QdLc/+vC8PnC9tIjyWcD2TkifvuXO39+NLm4uDCW5n+8kb/4tJk/fqQTDQAAtrqxM2t9n8/1eXzdq5ePp9aPQ6tfRLy42dhcNI271jwaJf3Rn50HIx8RQ58kzXRD2o6+fYi/+iQivrHZ/kdbIhSyNZDGzqfb46exjx9A/M3Hf3v83Gvxc1lZes5nj8XX96Eu0Gue3WyMk82+l3axZv/Lxdns3Lr/D2Yj1NtbH//Wdox/uY3xr29H/CTr82c30m+uyYsr//r5jsz6cKPsScS3+lvFTzbiJ7uMv+f32MYkvnNut7L6XyMuxO9bxm+oZMPsyGJlfqS2vHJptjI5U5opPRgfnxibGL12+er4SLZGPXI/WS2N/rtVjA+vXzyxW/y0/UPRuv2Dbdr//T22/2+f3/v1d98Q/4ffa/38n35D/HRO/MEe408O3dh1++40/vQu7W/3/F9sH7o+EBHP/78yvceqAgCHoLa8MjdZLpcW2lykrzXb3cbFe3FxdHtOrEa8CxVz8S5ddHpkAg7aZqfvdE0AAAAAAAAAAAAAAIDd1JZX5gbiYD9O1Ok2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0L2+CAAA//+JH82O")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r0)
close(r0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)

2m31.515437871s ago: executing program 3 (id=864):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2200054, &(0x7f0000000180), 0x4, 0x244, &(0x7f0000000480)="$eJzs3TFoE3scB/DfJU372oZH33vLgwfvPRARLRTdBAfrolCQIg6CChURJ2mF2uLWOrk46KzSyUXEzeooLsVFEZyqdKiLoMXB0kGHSHJpbW3F0sSc9D4fuCR397/73ZH7/i8E7i6A3OqJiP6IKEZEb0SUIiJZ3eD/dOipj051zgxFVCrHPyS1dul4anm57oiYjIj90b6ymvHpU/NLs0d2XRsr7bwzfbKzRbu3xsL83NHF24NXHwzsG3/+8t1gEv1Rrs9bvR/NlGwwrS2J+PNnFPtFJG1ZbwGbcezy/VfV3P8VETtq+S9FIdIv7/po+5NS7Ln1vWVvvH/xTyu3FWi+SqVUPQdOVoDcKUREOZJCX0SknwuFvr70N/zrYlfhwsjopd7zI2PD57LuqYBmKUfMHX7U8bD7m/y/Lab5B7avcvpXX81iMdttAVqrev7vPTOxO+Qfckf+Ybtp33RL+Yf8kn/IL/mH/JJ/yC/5h/ySf8gv+Yf8kn/Ir9X5BwDypdKxteuGl29s0+zrkYHWybr/AQAAAAAAAAAAAAAAAAAA1pvqnBlaHlpV8+nNiIVDEdG2Uf1i7XnEEb/VXrs+JtVmK5J0sYac/q/BFTToXsZXX//+Jtv6z/7Ntv7EcMTklYhYqk9Yc/wl9eNv6/74wfzS2QYLNOjAiWzrf76bbf2B2YjH1f5n70b9TyH+rr2v738OpvdP+/oA5S26+KnBFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAyXwIAAP//VeRflA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000780)=""/143)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

2m30.720426112s ago: executing program 41 (id=788):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
unlink(&(0x7f0000000f40)='./file0/file0\x00')

2m30.256624995s ago: executing program 3 (id=869):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000004c0)='./file1\x00', 0x82, &(0x7f0000000fc0)=ANY=[], 0x1, 0x1f6, &(0x7f0000000d00)="$eJzslU1rE0EYx3+zmTSN5tCzp4LF9qJttiB+A/sBvHkxpGstbnzpBjSlkNVLr+KXKPgpPAj6DUQEL/WgoIeKp0qJzM4z0w2JbJV6CMwfludl/vM8z+zMPHMve5w1gJOjvS4LFFC0+KgUGlhW1nc8Z+UPkSPBF23ttvhfifwsMhsIccju/U6aJjvZoEJRCqo46QirSHrGSXpKMsesDP3u+bhHMZUcAVXraZx1zZWKyTYx1K/ZJU3OejFexjSOzOW8KvwHZShn48+cRTjzubErtcrP1viR+Hrexdf53/8HvOdXq3qbPry02zmN43e5OXFTZk2J/mpWhrSv7OaziO+F8f5or2uUO9LFjG/Tfu5KFBxjvClxLmnIQdVORj6OLrolLAOr/d6j1Wywe3W719lKtpIHcbx+fe3tRbmioyFsp8maKpVhLjWuLwHmnjZL43Xg0+l4zu15b6hSaQYXQEnP9SFdc165fJqDJkSlueUYNu5rn78hvho9bnEFk/1JrhYhxv6tJUw0zV2ztA0UNTHaulQnHBMxXwxc6z5MN/dRKDftAO1jtA+peyMWwyRK1m/krsR9kUsiN0QeiDwU6d4u9ybpIsI3sVZymONpp9/fKR4vq3lf7H3xgs8cSVb3GipXSYOAgICAgICAgBnB7wAAAP//BwlLrA==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r3, 0x5c142000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[])

2m28.324779878s ago: executing program 42 (id=869):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000004c0)='./file1\x00', 0x82, &(0x7f0000000fc0)=ANY=[], 0x1, 0x1f6, &(0x7f0000000d00)="$eJzslU1rE0EYx3+zmTSN5tCzp4LF9qJttiB+A/sBvHkxpGstbnzpBjSlkNVLr+KXKPgpPAj6DUQEL/WgoIeKp0qJzM4z0w2JbJV6CMwfludl/vM8z+zMPHMve5w1gJOjvS4LFFC0+KgUGlhW1nc8Z+UPkSPBF23ttvhfifwsMhsIccju/U6aJjvZoEJRCqo46QirSHrGSXpKMsesDP3u+bhHMZUcAVXraZx1zZWKyTYx1K/ZJU3OejFexjSOzOW8KvwHZShn48+cRTjzubErtcrP1viR+Hrexdf53/8HvOdXq3qbPry02zmN43e5OXFTZk2J/mpWhrSv7OaziO+F8f5or2uUO9LFjG/Tfu5KFBxjvClxLmnIQdVORj6OLrolLAOr/d6j1Wywe3W719lKtpIHcbx+fe3tRbmioyFsp8maKpVhLjWuLwHmnjZL43Xg0+l4zu15b6hSaQYXQEnP9SFdc165fJqDJkSlueUYNu5rn78hvho9bnEFk/1JrhYhxv6tJUw0zV2ztA0UNTHaulQnHBMxXwxc6z5MN/dRKDftAO1jtA+peyMWwyRK1m/krsR9kUsiN0QeiDwU6d4u9ybpIsI3sVZymONpp9/fKR4vq3lf7H3xgs8cSVb3GipXSYOAgICAgICAgBnB7wAAAP//BwlLrA==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r3, 0x5c142000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[])

2m25.482212994s ago: executing program 2 (id=889):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@barrier}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}]}, 0xfe, 0x46d, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=")
socket$unix(0x1, 0x2, 0x0)
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000"], 0x1, 0x1a2, &(0x7f0000000440)="$eJzs0L9r1GAcx/H390nul1DlVBwq2AOLMUe1yVUdnA6nEy7g4CJ46HGNvWKqXHODLS10kYJU+y/oIHVUQScRBefiIDhoXLpJbygO4iAnyT0V/Bt8XpB88v1Aki9PN+7FBeD33kqHOhmLg3xEsIEJGXVKjfK1nr/r3BwFl/S8ofOZzvF4afl2O4rCxcrFCuV/CuBH1v2t4hccU5SEOvJ5b6XTlpsBwzoLajag3KT6EKtFz33EuD3G0RtYDJ0NLit64jTh0HS/yHS8tHxmfqE9F86Fd2q1mQveOc87n+4fhd4rxH0gises4gYUAkruKrkW97ftA0wJ4nZVYkl1QL7F5rZ1+uTUAOXuMkR45wwofLW7FXWVUxSvp8s3OCI8wQqYbFJS2Nyaj0KvgVxRL8W3P9k/c4rimmWd7dyNZtevKfmV36rLblH8HXKOT63qM5MeDYd5z3rCZEIjYSth5xsT8ib9y/652mvp/bmejnOCp3nutfv9RT8PH8QJqKVXGcayz6lsrzK81e/o4Mv+g2EYhmEYhmEYhvEf+BMAAP//l8hh1g==")
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r4, 0x4b66, &(0x7f0000000040)={0x3e, 0x0})

2m22.2938977s ago: executing program 2 (id=905):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x210008, &(0x7f0000000140)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYRESDEC=0x0], 0xff, 0xc45, &(0x7f0000001bc0)="$eJzs3U9sHNd9B/DfGy3FpdxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcjIYzOxbcUmRNiOKEmV9Pjb13Z19b+a9easZW9CbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cvHU6fSwWwEAPEiXR7966oz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7yWxqv3HfVL7b5bt8eGR7avNpCqmoeq8uVP/fSZs+e+9MLQ+W5eas98SP377bPx2ujVi42XZ2/OzU8tLExNNsZm2hOzk1O73sNe6291ojoBjZuv35q8fn2hceb5s5s+vj34fv8TxwYvDD178plu2bHhkZHRjSL13vK1e25Ix04zPA5HEScjxXPf+2lqRUQRez8X9Qc79lsNVJ04UXVibHik6sh0uzWzWH54pXsiiohGT6Vm9xxtPxZR63ugfdhZM2KpbH7Z4BNl90bnWvOta9NTjSut+cX2Ynt25krqtLbsTyOKOJ8iliNitf/u3fVFEbVI8Z2ja+laRBzqnocvVhODd25HsY993IWynY2+iOXiERizA6w/ing1UvzsneMxka8z1bXmCxGvlvmDiLfKfCkilV+McxHvbfM94tFUiyL+shz/C2tpsroedK8rl77W+MrM9dmest3ryi95f7jrSvGQ7g8DW/LB6FybBg7qtakeRbSqK/5auvf/2AEAAAAAAAAAAAAAAADgfhuIIj4TKV75jz+p5hVHNS/96IWhPxz81d45409/xH7Kss9HxFKxuzm5h/PEwCvpSkoPeS7x46weRfxpnv/3rYfdGAAAAAAAAAAAAAAAAAAAgMdaET+JFC++ezwtR++a4u2ZG42rrWvTnVVhu2v/dtdMX19fX2+kTjZzjudcyrmccyXnas4ocv2czZzjOZdyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNq9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfJ0UU8UGk+PY31lKkiGhGjEcnV/ofdusAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFJ/KuL7kaLxR80722oRkap/O46Xv5yL5uEyPxnNoTIPR/NimS9Fs1Vlrfmth9B+9qYvFfHjSNFff/vOgOfx7+u8u/M1iLe+ufHus7VOHup+OPh+/xPHjl4YGvmNp3d6nbZrwIlL7ZlbtxtjwyMjoz2ba/non+zZNpiPW9yfrhMRC2+8+Xprenpq/t5flF+Be6jeHcU9Hv1Bvki1e+rpw34R+XfxQWnPo/MiageiGQ+n7zwGyvv/e5Hid9/9z+4Nv3P/r8evdN7ducPHz/9s4/7/4tYd7eL+/8H6+npta718/y/vBtvd/5/s2fZivo711SLqizfn+o5F1BfeePNk+2brxtSNqZlzp059eWjoy2dP9R2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vwwtCzJ585FIeq+Vab5m2/Nnr1YuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDY/sS2c+0sA+t3+g/vLs3Bvz7Rt/vLjt50fqF68tLM63Jrb/OAaiiGj2bjlRNXhseKRq9HS7NVNVvbLtZPpfXl8q4r8ixcS5Rvp83pbn/2+d4b9p/v/S1h3t0/z/T/RsK4+ZUhE/jxS/81dPx+erdh6Ju85ZLvd3keLE+c/lcnG4LNdtQ+e5Ap2ZgWXZ/4sU//TB5rLd+ZBPbpQ9vesT+4gox/9opPj+X3w3fjNv2/z8h+3H/8jWHe3T+D/Vs+3IpucV7Lnr5PE/GSleevLt+K287cOe/9F9asPxXPjO8zn2afw/1bNtMB/3t+9P1wEAAAAAAAAAAB5pfamIv48UPxyppRfytt38/b/JrTvap7//9emebZP3Z72ij3yx55MKAAAAAAdEXyriJ5HixuLbd+ZQb57/3TP/8/c25n8Opy2fVn/O92vVcwPu55//9RrMxx3fe7cBAAAAAAAAAAAAAAAAAADgQEmpiBfyeurj1Xz+yR3XU1+JFK/8z3O5XDpWluuuAz9Y/Vq/PDtz8uL09OxEa7F1bXqqMTrXmpgq6z4VKdb+9nO5blGtr95db76zxvvGWuzzkWLkH7plO2uxd9cmf2qj7Omy7CcixX//4+ay3XWsP7VR9kxZ9m8ixdf/ZfuyxzbKni3LfjdS/OjrjW7ZI2XZ7vNRP71R9vmJ2WIfRgUAAAAAAAAAAAAAAAAAAIDHTV8q4s8jxf/eXL4zlz+v/9/X87by1jd71vvf4na1zv9gtf7/Tq/vZf3/6rkCSzsdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPp5SFPFmpJi7vJZW+sv3HfVL7Zlbt8eGR7avNpCqmoeq8uVP/fSZs+e+9MLQ+W5+eP377TPx2ujVi42XZ2/OzU8tLExNNsZm2hOzk1O73sNe6291ojoBjZuv35q8fn2hceb5s5s+vj34fv8TxwYvDD178plu2bHhkZHRnjK1vns++l3SDtsPRxF/HSme+95P0w/7I4rY+7n4iO/OfhuoOnGi6sTY8EjVkel2a2ax/PBK90QUEY2eSs3uOXoAY7EnzYilsvllg0+U3Ruda823rk1PNa605hfbi+3ZmSup09qyP40o4nyKWI6I1f67d9cXRbweKb5zdC39a3/Eoe55+OLl0a+eOrNzO4p97OMulO1s9EUsF4/AmB1g/VHEP0eKn71zPP6tP6IWnZ/4QsSrZf4g4q3ojHcqvxjnIt7b5nvEo6kWRfx/Of4X1tI7/eX1oHtdufS1xldmrs/2lO1eVx75+8ODdMCvTfUo4kfVFX8t/bvf1wAAAAAAAAAAAAAAAAAHSBG/HilefPd4quYH35lT3J650bjaujbdmdbXnfvXnTO9vr6+3kidbOYcz7mUcznnSs7VnFHk+jmbZdbX18fz+6WcyzlXcq7mjEO5fs5mzvGcSzmXc67kXM0ZtVw/ZzPneM6lnMs5V3Ku5owDMncPAAAAAAAAAAAAAAAAAAD4eCmqf1J8+xtrab2/s770eHRyxXqgH3u/CAAA//8CwvVj")

2m21.320531513s ago: executing program 2 (id=908):
fsopen(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000000), 0x1, 0x5d4, &(0x7f0000000b40)="$eJzs3c9vVNUeAPDvvZ0WSt977SMvT3FhGg2BRGlpAYM/FrAnBH/s3FhpIcjwI7RGiyaWBDcmxo0LElcuxP9CiW5dmbhw4caVIUFj2GiMjrkzd4ahnWmH0umtvZ9PMsz5MTPnTOm359xzz50JoLTGs3/SiD0RcTmJGG2rq0ReOd543N1f3z2d3ZKo1V7+JYkkL2s+PsnvR/In/zka8e1XSeweWNnu/OLV8zPV6tyVPD+5cOHy5Pzi1QPnLsycnTs7d3H6memjRw4fOTp18KHeX9qWPnH9jbdGPzj56mef/JFMff7DySSOxc9nGnXt72OjjMd4/Farvbe8PPu5Ht3oxgoy0Po9uSdZXsCWVcljZDAiHonRGGj73xyN918stHNAX9WSiBpQUon4h5JqzgOax/a9HQenfZ6VAJvhzvGoH/2vjP9KY20wxuprA3uXPa/Dkt66ZG188/XJ69ktuq7D7dyg1oB2S9d25Knl8Z/UY3Msj71dd9P71nmzGcCp/D4rf2md7Y8vy/djHR7obOlaRDzaaf6/dvy/1hb/r6+zffEPAAAAAAAAG+fW8Yh4utP5vzQ/N7cznqif/0sa5/++u3eF4LENaH/t83/p7Q1oBujgzvGIFzru/23t8R0byHP/buwGTM6cq84djIj/RMT+GNyR5adWaePAh7tvdKtr3/+X3bL2m3sB837cruy4/zmzMwszD/OegYY71yIeq3Tf/5ON/0n7+J/L/h5c7rGN3XtvnupWt3b8A/1S+zRiX8fxP2k9Jln98zkm6/OByeasYKXH3/noi27ti38oTjb+71o9/seS9s/rmX+w1x+KiEOLlVq3+vXO/4eSVwaar595e2Zh4cpUxFByYmX59IP1GbarZjw04yWL//1Prr7+15r/t8XhcEQs9djm//8a+bFb3XhELX9Z4z9ssiz+ZzuM/8Ndx/8HT0zfHPuyW/u9jf+H62P6/rzE+h+srtcALbqfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBPlEbEvyJJJ1rpNJ2YiBiJiP/FrrR6aX7hqTOX3rw4m9XVv/8/bX7T72gjnzS//3+sLT+9LH8oIv4bER8PDNfzE6cvVWeLfvMAAAAAAAAAAAAAAAAAAACwRYx0uf4/89NA0b0D+q6S34t3KJ9K0R0ACiP+obzEP5SX+IfyEv9QXuuMf6cLYBsw/kNZDfb2sJ397gdQBOM/AAAAAABsK7eef/ZGEhFLzw3Xb5mhvK51YnC4qN4B/ZQW3QGgMPbwQnnZ+gPl1ePmX2AbS1qp32ud6rvv/k/60yEAAAAAAAAAAAAAYIV9e259v+b1/8C2lEYcK7oPQDFc/w/l5fp/KK8ux/iOCaBE1rqK3/X/AAAAAAAAAAAAAFC8+cWr52eaXwI+U63OXamXSEg0ErVacb8bgxGxJX4Im54Yag/PzWg0IpZWlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvC3wEAAP//COEcHw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r4, 0x7003)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f00000003c0)={0xa, 0x0, 0x1000002, @mcast2, 0x5}, 0x1c)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
read$FUSE(r6, &(0x7f0000003280)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)

2m19.493704553s ago: executing program 2 (id=915):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000003c0)={[{@jqfmt_vfsold}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {}, {@dioread_lock}]}, 0x10, 0x4ee, &(0x7f0000000cc0)="$eJzs3dFrHFsZAPBvJtmbpM01uerD9YL3XrxX0ot2N2lsG3yoFcQ+Faz1vcZkE0I22ZDdtE0okuK7gogKPvnki+AfIEj/BBEK+i5VFNFWH3xQV3Z2trZxtxvpdseb/H4wnTNzJvm+07Bn5swcdgI4td6NiKsRMRYRH0TETL4/zZdr7fobneOePL630l6SaLVu/jmJJN/X/V1Jvj4bEYcRMRkRX70W8Y3kv+M29g82l2u16m6+XWlu7VQa+wfnN7aW16vr1e3FxYVLS5eXLi7ND6WdsxFx5Uu///53fvLlK7/47J3f3vrjuW+205rO659txzB1ml7K/i+6xiNi91UEK8BYvi71qf/22AiTAQBgoPY1/kcj4lPZ9f9MjGVXpwAAAMBJ0vrCdPwjiWgBAAAAJ1aazYFN0nI+F2A60rRc7szh/XicSWv1RvMza/W97dXOXNnZKKVrG7XqfD5XeDZKSXt7IZ9j292+cGR7MSLeiIjvzUxl2+WVem216JsfAAAAcEqcPTL+/9tMNv6fKDovAAAAYMhmi04AAAAAeOWM/wEAAODkM/4HAACAE+0r16+3l1b3/dert/f3Nuu3z69WG5vlrb2V8kp9d6e8Xq+vZ9/ZtzXo99Xq9Z3Pxfbe3Uqz2mhWGvsHt7bqe9vNWxvPvQIbAAAAGKE33nnwmyQiDj8/lS1trxWdFDASyYD67CUhj/KN340gIWBkxopOACjMeNEJAIUpFZ0AULhB9wH6Tt755fBzAQAAXo25T/R//u/eAJxsadEJAAAj5/k/nF6l52cAXiwuE6AoHxlQ//LP/1ut/ykhAABg6KazJUnL+bPA6UjTcjni9ey1AKVkbaNWnc/HB7+eKU20txeyn0wGzhkGAAAAAAAAAAAAAAAAAAAAAAAAADparSRaAAAAwIkWkf4hyb7NP2Ju5v3po/cHXkv+PpOtI+LOj27+4O5ys7m70N7/l6f7mz/M918o4g4GAAAAcFR3nN4dxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAMD15fG+lu4wy7p++GBGzPeO/M5mtJqMUEWf+msT4Mz+XRMTYEOIf3o+IN3vFT9ppxWx0sugVf6rA+GlEnB1CfDjNHrT7n6u9Pn9pvJute3/+xvPlZfXv/9Lo9n9jffqf148Z462HP6v0jX8/4q3x3v1PN37SJ/57x4z/9a8dTPara/04Yq7n+Sd5LlalubVTaewfnN/YWl6vrle3FxcXLi1dXrq4NF9Z26hV8397xvjuJ3/+rxe1/0yf+LMD2v/+Mdv/z4d3H3+sUyz1in/uvd7n3zf7xE/zc9+n83K7fq5bPuyUn/X2T3/19ovav9qn/U///j1OtO2Y547Z/g9ufOvRMQ8FAEagsX+wuVyrVXf7FdoXmYOOKaqQxv9FGgpDKUwc/+D7RWRYOu5H5sNcOHy6p0dnMTHizgkAABiq/1z9F50JAAAAAAAAAAAAAAAAAAAAnF5D+/KwqehbdTTmYTFNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oX8HAAD//8c30y8=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x90e976db910956fe, 0x4002011, r1, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, 0x0, 0x5000000)

2m18.863794775s ago: executing program 2 (id=916):
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = syz_open_dev$sndctrl(0x0, 0xffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000000580)={{0x7, 0x2, 0x299, 0x6, 'syz0\x00', 0xffffffff}, 0x5, 0x20, 0x9, 0x0, 0x0, 0x2, 'syz0\x00', &(0x7f0000000300)})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0xffd8)

2m17.132626614s ago: executing program 2 (id=919):
syz_usb_connect(0x0, 0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000affe984035cc3f690fe7010203010902400001000000000904330000020203000624010004080201"], 0x0)

2m16.966405293s ago: executing program 43 (id=919):
syz_usb_connect(0x0, 0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000affe984035cc3f690fe7010203010902400001000000000904330000020203000624010004080201"], 0x0)

6.167742315s ago: executing program 1 (id=2115):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000040), &(0x7f0000000240)=0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket(0x8000000010, 0x2, 0x0)
write(r1, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000400), 0x0, 0x2)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'caif0\x00'}]}, 0x34}}, 0xc4)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

5.85492975s ago: executing program 7 (id=2120):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="180500000000000000000000000000001800000000020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f0000000200)=r0)
write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c980128846360864666702c1ffe80"], 0xffdd)

4.736589498s ago: executing program 1 (id=2124):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, 0x0)
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)

4.475242788s ago: executing program 6 (id=2126):
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x4)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="90", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)='\a', 0x1}], 0x1}}], 0x2, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="a8000000020101010000000000000000000000000a280e057f12b564295e62c67508001a40000000167c00068008010114000500fc0100"/65], 0xa8}, 0x1, 0x0, 0x0, 0x40001c4}, 0x20008080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
shutdown(r0, 0x2)

4.116469969s ago: executing program 7 (id=2128):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
shutdown(r0, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0x5)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000d00), 0x4)

3.702740556s ago: executing program 1 (id=2132):
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000001180), 0x3, 0x80)
ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f00000011c0)=0x3)

3.642617113s ago: executing program 5 (id=2133):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000440))
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000240)={0x0, 0xd7, 0xffffffff}, 0x10)

3.617937336s ago: executing program 0 (id=2134):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xe4, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffff5}, @IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x68}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x0, 0x8, 0xb}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x64010101}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1a}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xff}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1000}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3f}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x8}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x89}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x6}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0xc040}, 0x20004010)

3.568648632s ago: executing program 6 (id=2135):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2000480, &(0x7f00000002c0), 0x1, 0x78e, &(0x7f0000001480)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0QQQVDxIOilZ1/qzasvV/0vPEhL1bRY8SCR2eym22Y33bTZ3WA+H5js88zM5nm++8w888zOsBPAnjWW/slEHIqID5OIkdr8JCIGqqn+iBPr691eXcmnUxJra6//nlTXubW6ko+G96QO1DKPR8QP70Yczmwut7y0PJsrFgsLtfxEZe78RHlp+ci5udxMYaYwf2xyauro8eeOH9u5WP/8efng9Y9eefrrE3+/89jVD35M4kQcrC1rjGOnjMVY7TMZSD/Cu7y804X1WNLrCvBA0l2zb30vj0MxEn3VVAtD3awZANApb0fEGgCwxySO/wCwx9S/B7i1upKvT739RqK7brwUEfvX469f31xf0l+7Zre/eh10+FZy15WRJCJGd6D8sYj4/Ns3v0yn6NB1SIBmLl2OiDOjY5v7/2TTPQvb9cxWC9cGqy9j98y+b//3/kNWCtjwXTr+eb7Z+C+zMf6JJuOfwSb77oO4//6fubYDxbSUjv9ebLi37XZD/DWjfbXc/6pjvoHk7LliIe3b/h8R4zEwmOYnq6s2vwtq/OY/N1uV3zj+++Pjt75Iy09f76yRudY/ePd7pnOV3MPGXXfjcsQT/c3iTzbaP2kx/j3VZhmvvvDeZ62WpfGn8danzfF31tqViKeatv+dtky2vD9xoro5TNQ3iia++eXT4VblN7Z/OqXl188FuiFt/+Gt4x9NGu/XLG+/jJ+ujHzfatn942++/e9L3qim99XmXcxVKguTEfuS1zbPP3rnvfV8ff00/vEnm+//W23/6TnhmTbj77/+21cPHn9npfFPb6v9t5+4enu2r1X57bX/VDU1XpvTTv/XbgUf5rMDAAAAAAAAAAAAAAAAAAAAAAAAgHZlIuJgJJnsRjqTyWbXn+H9aAxniqVy5fDZ0uL8dFSflT0aA5n6T12ONPwe6mTt9/Dr+aP35J+NiEci4pPBoWo+my8Vp3sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHGjx/P/Ur4O9rh0A0DH7W8zv63I9AIDuaXX8BwD+u7Z3/B/qWD0AgO5x/g8Ae0/bx/8zna0HANA9zv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosFMnT6bT2l+rK/k0P31haXG2dOHIdKE8m51bzGfzpYXz2ZlSaaZYyOZLcy3/0aX1l2KpdH4q5hcvTlQK5cpEeWn59Fxpcb5y+txcbqZwujDQtcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH3lpeXZXLFYWJDYMjG0O6qxaxL9sSuqIdGxRGMvMdS7DgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgl/s3AAD//4fPK2Y=")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x400, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0xc8)
pwrite64(r4, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

3.49824269s ago: executing program 5 (id=2136):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000005c0)="25001e72408214b2ef3f6125ead6895195a81589edef835870b83f95b09b", 0x1e}], 0x1}}], 0x1, 0x400c404)

3.425984898s ago: executing program 0 (id=2137):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000240)={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TTY_SET(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x3f9, 0x800, 0x70bd28, 0x25dfdbfe, {0x1}}, 0x18}, 0x1, 0x0, 0x0, 0x8800}, 0x4884)
getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x8, 0xfffffffffffffffd, &(0x7f0000000040)=0x60)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x800452d2, &(0x7f0000000100))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0xbd, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r5, 0x0, 0x9, 0x0, &(0x7f0000000600)="61df712bc884fef053", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r5}, 0xc)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r7=>0x0})
socket$alg(0x26, 0x5, 0x0)
r8 = socket(0x2, 0x1, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000640)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x38, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "8bb91d", 0x0, 0x11, 0x0, @local, @empty, [@fragment]}}}}}}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, 0x3f, 0x200, 0x5, 0x0, {0x2}, [@typed={0x14, 0xce, 0x0, 0x0, @ipv6=@private1}]}, 0x28}}, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0xa00000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x948, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000010000000068000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000626f6e645f736c6176655f3000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b8080000e8080000616d6f6e670000000000000000000000001b00000000000000000400000000001804000000000000000000000c0020d947c444d3e5e000000000000000000000000000000000000000000000000000000000000000000000000000000d00000000fa0100000000000000000000000000004000000000000000000000000000004037118bc35d3037960000000000000000000000000000000000000000000000000000000000001f0000000000000000000000938d5e000000000000558d7a2006c2257800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e4f500000000000000000300020000000000000000006c00000000000000000000000000000000000000000000000000000000000000000000000000892f9284b45f00000000000000000000000000000000a600000000000000000000000040f9ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000080000001567cc0fb18ebd10677f000000000000000000000000b038562daba737bd000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c50000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000ce90b91aedadb0c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ce113362da06e0fa83f39b50390000000000000000ed2c14bc1d077b4817d693d02c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000037ff1cf2f8e52e074300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d659920000000000e5c7ffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cbcb951a4f0f3300ebb39c00000000000000000000000000000000000000000000000000000000000000000000000000e70000000000053cbf7eee533b170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffff80000ff0f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002292091a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042d2afd22b3333cc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c1a8a95ba6a3ba677371c303b5426300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c81e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000020000000000000000000000052000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003800e04771f4c2d1000000000000000000df0000ecffffff0000000000000000000000000000000010be099dac2faa3c6cb226eccfecd2030000726564697265637400"/2367]}, 0x9b7)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r6, 0x400c6615, &(0x7f00000002c0)={0x0, @aes128, 0x0, @desc1})
sendmsg$can_bcm(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r7}, 0x10, &(0x7f0000000140)={&(0x7f0000000040)={0x1, 0x337, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @can={{0x3, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "fe2fa454bf3f55b9"}}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x0)

3.23223323s ago: executing program 5 (id=2138):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005700)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)=ANY=[@ANYBLOB="14"], 0x30, 0x10}}], 0x1, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

2.762530674s ago: executing program 0 (id=2139):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'sh\x00'}, 0x2c)

2.417460054s ago: executing program 6 (id=2140):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@private=0x1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x0, 0x0, 0x0, 0xa, 0x10}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0xffd8)

2.36243385s ago: executing program 7 (id=2141):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="380000002d000100000000001f00000000000000", @ANYRES32, @ANYBLOB="0b000080976b64086860300014000180325531db20a2d0431d1ef0f2"], 0x38}], 0x1}, 0x0)

2.35989101s ago: executing program 0 (id=2142):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, 0x0)
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)

2.300723967s ago: executing program 5 (id=2143):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x2dc, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x3, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x1d4, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0xc}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x7, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_ilave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0x3c, 0xc, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x25}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "03dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x7, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0x3c, 0x18, 0x0, 0x1, [@IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x40, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x64, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @remote}, @IFLA_INET6_TOKEN={0x14, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @private2}, @IFLA_INET6_TOKEN={0x14, 0x7, @private1}]}]}]}, 0x2dc}}, 0x0)

2.043737986s ago: executing program 6 (id=2144):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="540000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="60900000000000002c001280090001007866726d000000001c00028008000100020000000800010000000000080002000300000008000a00", @ANYRES32=r3], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@dellink={0x20, 0x11, 0x1, 0x1070bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, 0x0, 0x10201}}, 0x20}}, 0x0)

1.715031184s ago: executing program 5 (id=2145):
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x4)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="90", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)='\a', 0x1}], 0x1}}], 0x2, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="a8000000020101010000000000000000000000000a280e057f12b564295e62c67508001a40000000167c00068008010114000500fc0100"/65], 0xa8}, 0x1, 0x0, 0x0, 0x40001c4}, 0x20008080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
shutdown(r0, 0x2)

1.628855174s ago: executing program 7 (id=2146):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001f80), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000001fc0)={'wpan0\x00'})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000002000)={0x30, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x30}}, 0x0)

1.559024202s ago: executing program 6 (id=2147):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x0, 0x0}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000240)={r1, 0xd7, 0xffffffff}, 0x10)

1.410479099s ago: executing program 7 (id=2148):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00'})
r6 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[{0x10, 0x110, 0x2}], 0x10}, 0x4000000)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001d00000020000180140002006e657464657673696d30000000000000080003"], 0x34}}, 0x0)
splice(r1, 0x0, r2, 0x0, 0x10500, 0x0)

1.373775353s ago: executing program 1 (id=2149):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000240)={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TTY_SET(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x3f9, 0x800, 0x70bd28, 0x25dfdbfe, {0x1}}, 0x18}, 0x1, 0x0, 0x0, 0x8800}, 0x4884)
getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x8, 0xfffffffffffffffd, &(0x7f0000000040)=0x60)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x800452d2, &(0x7f0000000100))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0xbd, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r5, 0x0, 0x9, 0x0, &(0x7f0000000600)="61df712bc884fef053", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r5}, 0xc)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r7=>0x0})
socket$alg(0x26, 0x5, 0x0)
r8 = socket(0x2, 0x1, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000640)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x38, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "8bb91d", 0x0, 0x11, 0x0, @local, @empty, [@fragment]}}}}}}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, 0x3f, 0x200, 0x5, 0x0, {0x2}, [@typed={0x14, 0xce, 0x0, 0x0, @ipv6=@private1}]}, 0x28}}, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0xa00000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x948, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000010000000068000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000626f6e645f736c6176655f3000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b8080000e8080000616d6f6e670000000000000000000000001b00000000000000000400000000001804000000000000000000000c0020d947c444d3e5e000000000000000000000000000000000000000000000000000000000000000000000000000000d00000000fa0100000000000000000000000000004000000000000000000000000000004037118bc35d3037960000000000000000000000000000000000000000000000000000000000001f0000000000000000000000938d5e000000000000558d7a2006c2257800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e4f500000000000000000300020000000000000000006c00000000000000000000000000000000000000000000000000000000000000000000000000892f9284b45f00000000000000000000000000000000a600000000000000000000000040f9ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000080000001567cc0fb18ebd10677f000000000000000000000000b038562daba737bd000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c50000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000ce90b91aedadb0c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ce113362da06e0fa83f39b50390000000000000000ed2c14bc1d077b4817d693d02c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000037ff1cf2f8e52e074300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d659920000000000e5c7ffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cbcb951a4f0f3300ebb39c00000000000000000000000000000000000000000000000000000000000000000000000000e70000000000053cbf7eee533b170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffff80000ff0f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002292091a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042d2afd22b3333cc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c1a8a95ba6a3ba677371c303b5426300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c81e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000020000000000000000000000052000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003800e04771f4c2d1000000000000000000df0000ecffffff0000000000000000000000000000000010be099dac2faa3c6cb226eccfecd2030000726564697265637400"/2367]}, 0x9b7)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r6, 0x400c6615, &(0x7f00000002c0)={0x0, @aes128, 0x0, @desc1})
sendmsg$can_bcm(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r7}, 0x10, &(0x7f0000000140)={&(0x7f0000000040)={0x1, 0x337, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @can={{0x3, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "fe2fa454bf3f55b9"}}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.343845206s ago: executing program 0 (id=2150):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2000480, &(0x7f00000002c0), 0x1, 0x78e, &(0x7f0000001480)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0QQQVDxIOilZ1/qzasvV/0vPEhL1bRY8SCR2eym22Y33bTZ3WA+H5js88zM5nm++8w888zOsBPAnjWW/slEHIqID5OIkdr8JCIGqqn+iBPr691eXcmnUxJra6//nlTXubW6ko+G96QO1DKPR8QP70Yczmwut7y0PJsrFgsLtfxEZe78RHlp+ci5udxMYaYwf2xyauro8eeOH9u5WP/8efng9Y9eefrrE3+/89jVD35M4kQcrC1rjGOnjMVY7TMZSD/Cu7y804X1WNLrCvBA0l2zb30vj0MxEn3VVAtD3awZANApb0fEGgCwxySO/wCwx9S/B7i1upKvT739RqK7brwUEfvX469f31xf0l+7Zre/eh10+FZy15WRJCJGd6D8sYj4/Ns3v0yn6NB1SIBmLl2OiDOjY5v7/2TTPQvb9cxWC9cGqy9j98y+b//3/kNWCtjwXTr+eb7Z+C+zMf6JJuOfwSb77oO4//6fubYDxbSUjv9ebLi37XZD/DWjfbXc/6pjvoHk7LliIe3b/h8R4zEwmOYnq6s2vwtq/OY/N1uV3zj+++Pjt75Iy09f76yRudY/ePd7pnOV3MPGXXfjcsQT/c3iTzbaP2kx/j3VZhmvvvDeZ62WpfGn8danzfF31tqViKeatv+dtky2vD9xoro5TNQ3iia++eXT4VblN7Z/OqXl188FuiFt/+Gt4x9NGu/XLG+/jJ+ujHzfatn942++/e9L3qim99XmXcxVKguTEfuS1zbPP3rnvfV8ff00/vEnm+//W23/6TnhmTbj77/+21cPHn9npfFPb6v9t5+4enu2r1X57bX/VDU1XpvTTv/XbgUf5rMDAAAAAAAAAAAAAAAAAAAAAAAAgHZlIuJgJJnsRjqTyWbXn+H9aAxniqVy5fDZ0uL8dFSflT0aA5n6T12ONPwe6mTt9/Dr+aP35J+NiEci4pPBoWo+my8Vp3sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHGjx/P/Ur4O9rh0A0DH7W8zv63I9AIDuaXX8BwD+u7Z3/B/qWD0AgO5x/g8Ae0/bx/8zna0HANA9zv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosFMnT6bT2l+rK/k0P31haXG2dOHIdKE8m51bzGfzpYXz2ZlSaaZYyOZLcy3/0aX1l2KpdH4q5hcvTlQK5cpEeWn59Fxpcb5y+txcbqZwujDQtcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH3lpeXZXLFYWJDYMjG0O6qxaxL9sSuqIdGxRGMvMdS7DgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgl/s3AAD//4fPK2Y=")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x400, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0xc8)
pwrite64(r4, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

1.232799499s ago: executing program 6 (id=2151):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000000880)=[{{&(0x7f0000000040)={0xa, 0x0, 0xfffffffd, @local}, 0x1c, 0x0, 0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="1400000000000000290000000800000003000000000000001400000ae4"], 0x30}}], 0x1, 0x0)

1.195959643s ago: executing program 1 (id=2152):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lc\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x483, 0x0, 0x0)

1.116811632s ago: executing program 1 (id=2153):
r0 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
close(0x3)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000008500000041000000850000007d00"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bind$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0xa, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000000206050000000000000000000000000003006269746d61703a69702c6d616300000005000400000000000900020073797a300004000000000000000000000500010006000000"], 0x4c}}, 0x0)
setsockopt$sock_int(r1, 0x1, 0x26, &(0x7f0000000600), 0x4)
sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27)
recvmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407006}, 0x104)

1.101010574s ago: executing program 7 (id=2154):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in=@private=0x1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x0, 0x0, 0x0, 0xa, 0x10}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0x7}}, 0xe8)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0xffd8)

25.917557ms ago: executing program 0 (id=2155):
fsopen(0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000000), 0x1, 0x5d4, &(0x7f0000000b40)="$eJzs3c9vVNUeAPDvvZ0WSt977SMvT3FhGg2BRGlpAYM/FrAnBH/s3FhpIcjwI7RGiyaWBDcmxo0LElcuxP9CiW5dmbhw4caVIUFj2GiMjrkzd4ahnWmH0umtvZ9PMsz5MTPnTOm359xzz50JoLTGs3/SiD0RcTmJGG2rq0ReOd543N1f3z2d3ZKo1V7+JYkkL2s+PsnvR/In/zka8e1XSeweWNnu/OLV8zPV6tyVPD+5cOHy5Pzi1QPnLsycnTs7d3H6memjRw4fOTp18KHeX9qWPnH9jbdGPzj56mef/JFMff7DySSOxc9nGnXt72OjjMd4/Farvbe8PPu5Ht3oxgoy0Po9uSdZXsCWVcljZDAiHonRGGj73xyN918stHNAX9WSiBpQUon4h5JqzgOax/a9HQenfZ6VAJvhzvGoH/2vjP9KY20wxuprA3uXPa/Dkt66ZG188/XJ69ktuq7D7dyg1oB2S9d25Knl8Z/UY3Msj71dd9P71nmzGcCp/D4rf2md7Y8vy/djHR7obOlaRDzaaf6/dvy/1hb/r6+zffEPAAAAAAAAG+fW8Yh4utP5vzQ/N7cznqif/0sa5/++u3eF4LENaH/t83/p7Q1oBujgzvGIFzru/23t8R0byHP/buwGTM6cq84djIj/RMT+GNyR5adWaePAh7tvdKtr3/+X3bL2m3sB837cruy4/zmzMwszD/OegYY71yIeq3Tf/5ON/0n7+J/L/h5c7rGN3XtvnupWt3b8A/1S+zRiX8fxP2k9Jln98zkm6/OByeasYKXH3/noi27ti38oTjb+71o9/seS9s/rmX+w1x+KiEOLlVq3+vXO/4eSVwaar595e2Zh4cpUxFByYmX59IP1GbarZjw04yWL//1Prr7+15r/t8XhcEQs9djm//8a+bFb3XhELX9Z4z9ssiz+ZzuM/8Ndx/8HT0zfHPuyW/u9jf+H62P6/rzE+h+srtcALbqfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBPlEbEvyJJJ1rpNJ2YiBiJiP/FrrR6aX7hqTOX3rw4m9XVv/8/bX7T72gjnzS//3+sLT+9LH8oIv4bER8PDNfzE6cvVWeLfvMAAAAAAAAAAAAAAAAAAACwRYx0uf4/89NA0b0D+q6S34t3KJ9K0R0ACiP+obzEP5SX+IfyEv9QXuuMf6cLYBsw/kNZDfb2sJ397gdQBOM/AAAAAABsK7eef/ZGEhFLzw3Xb5mhvK51YnC4qN4B/ZQW3QGgMPbwQnnZ+gPl1ePmX2AbS1qp32ud6rvv/k/60yEAAAAAAAAAAAAAYIV9e259v+b1/8C2lEYcK7oPQDFc/w/l5fp/KK8ux/iOCaBE1rqK3/X/AAAAAAAAAAAAAFC8+cWr52eaXwI+U63OXamXSEg0ErVacb8bgxGxJX4Im54Yag/PzWg0IpZWlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvC3wEAAP//COEcHw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r4, 0x7003)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0x0, 0x1000002, @mcast2, 0x5}, 0x1c)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
read$FUSE(r5, &(0x7f0000003280)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)

0s ago: executing program 5 (id=2156):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)='P', 0x1}], 0x1}}, {{&(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000002400)=[{&(0x7f0000000140)='i', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000240)={0xa63d, 0xae5, 0x200, 0x6, 0xffff, 0x1, 0x101, 0x7}, &(0x7f00000002c0)=0x20)

kernel console output (not intermixed with test programs):

ror (device loop8): ext4_map_blocks:628: inode #12: block 36: comm syz.8.641: lblock 0 mapped to illegal pblock 36 (length 1)
[  203.980261][ T4206] usb 2-1: config 5 interface 214 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  204.006863][ T6657] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  204.030318][ T4206] usb 2-1: config 5 interface 216 altsetting 251 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[  204.055158][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  204.081535][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  204.090460][ T4206] usb 2-1: config 5 interface 216 has no altsetting 0
[  204.109636][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  204.130241][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  204.152472][ T5311] EXT4-fs error (device loop8): ext4_map_blocks:628: inode #2: block 13: comm syz-executor: lblock 0 mapped to illegal pblock 13 (length 1)
[  204.168579][ T7023] netlink: 47 bytes leftover after parsing attributes in process `syz.2.642'.
[  204.169351][ T5311] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  204.186986][ T7023] netlink: 32 bytes leftover after parsing attributes in process `syz.2.642'.
[  204.195558][ T5311] EXT4-fs error (device loop8): ext4_dirty_inode:6010: inode #2: comm syz-executor: mark_inode_dirty error
[  204.314942][ T4206] usb 2-1: New USB device found, idVendor=1199, idProduct=0120, bcdDevice=9d.d4
[  204.335117][ T4206] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.402111][ T4220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.410458][ T4220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.571910][ T4206] usb 2-1: Product: syz
[  204.576205][ T4206] usb 2-1: Manufacturer: syz
[  204.581316][ T4206] usb 2-1: SerialNumber: syz
[  204.582390][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  204.956338][ T4206] sierra 2-1:5.214: Sierra USB modem converter detected
[  205.215058][ T4206] usb 2-1: Sierra USB modem converter now attached to ttyUSB0
[  205.524087][ T4206] sierra 2-1:5.216: Sierra USB modem converter detected
[  205.574011][ T4206] usb 2-1: Sierra USB modem converter now attached to ttyUSB1
[  205.588523][ T4334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.857556][ T4334] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.322049][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  206.390170][ T4206] usb 2-1: USB disconnect, device number 6
[  206.399974][ T4206] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  206.409276][ T4206] sierra 2-1:5.214: device disconnected
[  206.420054][ T4206] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  206.429224][ T4206] sierra 2-1:5.216: device disconnected
[  206.501690][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.651'.
[  207.045370][  T144] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.137864][  T144] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.295942][ T7070] loop3: detected capacity change from 0 to 1024
[  207.355214][  T144] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.429740][ T7074] loop2: detected capacity change from 0 to 512
[  207.483055][ T7070] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  207.511374][ T7070] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.544246][ T7074] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  207.551509][ T7074] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  207.592011][  T144] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.643453][ T7074] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  207.646094][ T7081] netlink: 1 bytes leftover after parsing attributes in process `syz.1.658'.
[  207.651935][ T7074] System zones: 1-12
[  207.663994][ T7082] loop4: detected capacity change from 0 to 512
[  207.681216][ T7074] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.657: corrupted in-inode xattr
[  207.722242][ T7074] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.657: couldn't read orphan inode 15 (err -117)
[  207.755019][ T7074] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  208.105715][ T7090] loop3: detected capacity change from 0 to 1024
[  208.110094][ T7082] EXT4-fs (loop4): mounted filesystem without journal. Opts: acl,noquota,,errors=continue. Quota mode: writeback.
[  208.128118][ T7100] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.135999][ T7082] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.789407][ T7066] chnl_net:caif_netlink_parms(): no params data found
[  208.819722][ T7090] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  208.883210][ T7090] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  208.960761][ T7090] EXT4-fs (loop3): invalid journal inode
[  208.962082][ T7110] loop1: detected capacity change from 0 to 512
[  208.989653][ T7108] loop2: detected capacity change from 0 to 1764
[  209.205758][ T7110] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  209.244950][ T7110] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  209.709531][ T7110] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  209.791114][ T7110] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm syz.1.667: iget: bogus i_mode (5)
[  209.849891][ T7110] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.667: couldn't read orphan inode 16 (err -117)
[  209.905127][ T7110] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc,jqfmt=vfsold,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,data_err=ignore,init_itable,errors=continue,,errors=continue. Quota mode: writeback.
[  209.968593][ T4499] Bluetooth: hci2: command 0x0409 tx timeout
[  210.081256][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.668'.
[  210.217871][ T7132] loop3: detected capacity change from 0 to 2048
[  210.292012][ T7110] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  210.357136][ T7132] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  210.483958][ T7132] UDF-fs: Scanning with blocksize 512 failed
[  210.934437][ T7132] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.200425][ T7066] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.219610][ T7066] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.338591][ T7066] device bridge_slave_0 entered promiscuous mode
[  211.437574][ T7066] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.444738][ T7066] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.504098][ T7066] device bridge_slave_1 entered promiscuous mode
[  212.661344][ T7066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.715149][   T13] Bluetooth: hci2: command 0x041b tx timeout
[  212.743285][ T7066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.862435][ T7176] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'.
[  213.079576][ T7066] team0: Port device team_slave_0 added
[  213.645346][ T7182] loop4: detected capacity change from 0 to 512
[  215.022175][   T13] Bluetooth: hci2: command 0x040f tx timeout
[  215.064572][ T7066] team0: Port device team_slave_1 added
[  215.342784][ T7192] loop2: detected capacity change from 0 to 2048
[  215.358913][ T7182] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  215.371806][ T7182] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.481420][ T7192] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  215.505947][   T26] audit: type=1800 audit(1730459465.824:62): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.685" name="file2" dev="loop2" ino=16 res=0 errno=0
[  215.518104][ T7066] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.644906][ T7066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.671398][ T7066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.684922][ T7066] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.692702][ T7066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.720224][ T7066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.796051][ T7213] loop3: detected capacity change from 0 to 1024
[  215.860909][ T7213] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  215.868248][ T7213] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled
[  215.917502][ T7213] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  216.018647][ T7066] device hsr_slave_0 entered promiscuous mode
[  216.042054][ T7066] device hsr_slave_1 entered promiscuous mode
[  216.093969][ T7213] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,errors=remount-ro,dioread_nolock,max_dir_size_kb=0x0000000000000009,nomblk_io_submit,grpjquota=./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa. Quota mode: writeback.
[  216.143088][ T7224] loop1: detected capacity change from 0 to 1024
[  216.164895][ T7213] 9pnet: p9_fd_create_unix (7213): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  216.455789][ T7224] EXT4-fs (loop1): Test dummy encryption mode enabled
[  216.722978][ T7224] EXT4-fs (loop1): Ignoring removed orlov option
[  217.013560][ T7224] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  217.312987][ T4489] Bluetooth: hci2: command 0x0419 tx timeout
[  217.913184][   T26] audit: type=1326 audit(1730459468.078:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.4.698" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e086a2719 code=0x0
[  218.071034][ T7262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'.
[  218.461063][ T7273] loop4: detected capacity change from 0 to 1024
[  218.465580][ T7269] loop3: detected capacity change from 0 to 2048
[  218.538857][ T7278] usb usb7: usbfs: process 7278 (syz.2.705) did not claim interface 0 before use
[  218.616002][ T7269] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  218.670510][ T7273] hfsplus: xattr searching failed
[  218.685754][ T7269] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.705707][ T7269] EXT4-fs (loop3): shut down requested (1)
[  218.750899][ T4335] hfsplus: b-tree write err: -5, ino 4
[  218.861461][ T7294] loop4: detected capacity change from 0 to 256
[  218.936301][ T4207] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  218.950234][ T7294] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  219.131182][ T7294] loop4: Can't mount, would change RO state
[  219.365961][ T4207] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.404406][ T7310] loop1: detected capacity change from 0 to 512
[  219.406454][ T4207] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[  219.459440][ T7314] mmap: syz.3.713 (7314): VmData 37466112 exceed data ulimit 82. Update limits or use boot option ignore_rlimit_data.
[  219.513326][ T7310] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  219.517465][ T7066] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  219.545057][ T7066] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  219.571903][ T7310] EXT4-fs (loop1): 1 truncate cleaned up
[  219.600162][ T4207] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  219.604642][ T7310] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  219.651945][ T4207] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.683118][ T4207] usb 3-1: Product: syz
[  219.687372][ T4207] usb 3-1: Manufacturer: syz
[  219.731405][ T4207] usb 3-1: SerialNumber: syz
[  219.749411][ T7329] loop3: detected capacity change from 0 to 512
[  219.781447][ T7066] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  219.813017][ T7066] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  219.848350][ T7329] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.714: bg 0: block 248: padding at end of block bitmap is not set
[  219.939703][ T7329] Quota error (device loop3): write_blk: dquota write failed
[  219.951836][ T7329] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  219.971419][ T7329] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.714: Failed to acquire dquot type 1
[  219.993513][ T7340] netlink: 8 bytes leftover after parsing attributes in process `syz.1.720'.
[  220.008429][ T7329] EXT4-fs (loop3): 1 truncate cleaned up
[  220.019765][  T144] device hsr_slave_0 left promiscuous mode
[  220.020608][ T7329] EXT4-fs (loop3): mounted filesystem without journal. Opts: discard,noload,,errors=continue. Quota mode: writeback.
[  220.060297][  T144] device hsr_slave_1 left promiscuous mode
[  220.074233][ T7329] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.092589][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.122988][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  220.151658][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.178856][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  220.226557][ T4489] usb 3-1: USB disconnect, device number 7
[  220.253080][  T144] device bridge_slave_1 left promiscuous mode
[  220.298608][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.345358][  T144] device bridge_slave_0 left promiscuous mode
[  220.365836][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.382982][  T144] device veth1_macvtap left promiscuous mode
[  220.389496][  T144] device veth0_macvtap left promiscuous mode
[  220.390721][ T7346] loop4: detected capacity change from 0 to 512
[  220.395654][  T144] device veth1_vlan left promiscuous mode
[  220.395791][  T144] device veth0_vlan left promiscuous mode
[  220.456472][ T7346] EXT4-fs (loop4): orphan cleanup on readonly fs
[  220.466833][ T7346] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #4: comm syz.4.722: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 1(1)
[  220.497831][ T7346] EXT4-fs error (device loop4): ext4_quota_enable:6391: comm syz.4.722: Bad quota inode: 4, type: 1
[  220.520878][ T7346] EXT4-fs warning (device loop4): ext4_enable_quotas:6432: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  220.554952][ T7346] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  220.568968][ T7346] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  220.587324][ T7346] EXT4-fs error (device loop4): ext4_lookup:1855: inode #2: comm syz.4.722: 'file0' linked to parent dir
[  220.787123][ T7351] loop2: detected capacity change from 0 to 512
[  220.909206][ T7355] loop1: detected capacity change from 0 to 512
[  220.917309][ T7351] EXT4-fs: Invalid sb specification: sb=0x00000000000000b9=debug_want_extra_isize=0x0000000000000001,noload,barrier,nojournal_checksum,nogrpid,euid=00000000000000000000,,errors=continue
[  220.988945][ T7355] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  221.005242][ T7351] EXT4-fs (loop2): Unrecognized mount option "sb=0x00000000000000b9=debug_want_extra_isize=0x0000000000000001" or missing value
[  221.146717][  T144] team0 (unregistering): Port device team_slave_1 removed
[  221.186368][  T144] team0 (unregistering): Port device team_slave_0 removed
[  221.253202][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.308496][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.601494][  T144] bond0 (unregistering): Released all slaves
[  222.385124][   T26] audit: type=1800 audit(1730459472.548:64): pid=7355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.725" name="file1" dev="loop1" ino=15 res=0 errno=0
[  222.472234][ T7372] loop4: detected capacity change from 0 to 1024
[  222.477672][ T4334] Quota error (device loop3): remove_tree: Getting block too big (0 >= 6)
[  222.514200][ T4334] EXT4-fs error (device loop3): ext4_release_dquot:6220: comm kworker/u4:8: Failed to release dquot type 1
[  222.769033][ T7066] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.818074][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  222.835936][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  222.874828][ T7066] 8021q: adding VLAN 0 to HW filter on device team0
[  222.897184][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  222.938580][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  222.940147][ T7388] loop3: detected capacity change from 0 to 256
[  222.975377][ T4335] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.982563][ T4335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.014392][ T7388] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  223.043055][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  223.087443][ T7387] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.107092][ T7387] device bridge_slave_1 left promiscuous mode
[  223.113348][ T7387] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.170055][ T7393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'.
[  223.186801][ T7387] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  223.375857][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  223.385785][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  223.395423][ T4335] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.402508][ T4335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.436147][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  223.447917][ T4176] hfsplus: walked past end of dir
[  223.457420][ T7401] loop1: detected capacity change from 0 to 128
[  223.531525][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  223.551969][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  223.554869][ T4176] hfsplus: xattr search failed
[  223.562761][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  223.574467][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  223.580772][ T7401] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  223.587815][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  223.602328][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  223.636472][ T7401] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.638936][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  223.667647][ T7406] loop2: detected capacity change from 0 to 256
[  223.675420][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  223.691460][ T7066] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  223.723939][ T7066] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  223.738821][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  223.765569][ T7406] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60c5118c, utbl_chksum : 0xe619d30d)
[  223.781424][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  223.927186][ T7416] netlink: 64 bytes leftover after parsing attributes in process `syz.4.737'.
[  224.371636][ T7424] loop4: detected capacity change from 0 to 128
[  224.988593][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  225.009745][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  225.112831][ T7066] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.276386][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  225.312465][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  225.461058][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  225.497867][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  225.619857][ T7066] device veth0_vlan entered promiscuous mode
[  225.655250][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  225.690020][ T7444] loop1: detected capacity change from 0 to 1024
[  225.977184][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  226.769803][ T7066] device veth1_vlan entered promiscuous mode
[  226.797645][ T4530] hfsplus: b-tree write err: -5, ino 4
[  226.886032][ T7066] device veth0_macvtap entered promiscuous mode
[  226.936581][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  226.963694][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  227.006416][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  227.050422][ T7066] device veth1_macvtap entered promiscuous mode
[  227.117594][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.174098][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.236933][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.281547][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.311987][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.351988][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.389558][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.470170][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.502648][ T7066] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.510003][ T7481] netlink: 16 bytes leftover after parsing attributes in process `syz.4.753'.
[  227.598004][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  227.607227][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  227.620936][ T7484] loop2: detected capacity change from 0 to 128
[  227.638645][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.692058][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.702091][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.777307][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.810866][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.841804][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.757'.
[  227.856832][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.867585][ T7495] loop3: detected capacity change from 0 to 128
[  227.876217][ T7066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.021979][ T7066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.073706][ T7066] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.090207][ T7066] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.178810][ T7066] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.209073][ T7066] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.234298][ T7066] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.242204][ T7508] loop2: detected capacity change from 0 to 512
[  228.269595][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  228.292402][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  228.330548][ T7508] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  228.368607][ T7508] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  228.430081][ T4536] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  228.466726][ T7508] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  228.516532][ T7508] System zones: 1-12
[  228.533571][ T4530] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.545781][ T7508] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.759: corrupted in-inode xattr
[  228.566396][ T7508] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.759: couldn't read orphan inode 15 (err -117)
[  228.603935][ T4355] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.611502][ T4530] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.614670][ T7508] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  228.646709][ T4355] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.661879][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  228.708919][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  228.850342][ T4536] usb 5-1: config 9 has an invalid interface number: 200 but max is 1
[  228.879159][ T4536] usb 5-1: config 9 has an invalid interface number: 32 but max is 1
[  228.992682][ T4536] usb 5-1: config 9 has no interface number 0
[  228.998801][ T4536] usb 5-1: config 9 has no interface number 1
[  229.334948][ T7525] loop3: detected capacity change from 0 to 512
[  229.577625][ T7525] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  229.603491][ T4536] usb 5-1: config 9 interface 200 has no altsetting 0
[  229.610420][ T4536] usb 5-1: config 9 interface 32 has no altsetting 0
[  229.648046][ T7525] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.777806][ T4536] usb 5-1: New USB device found, idVendor=0421, idProduct=01d0, bcdDevice=44.b3
[  229.786887][ T4536] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.976498][ T4536] usb 5-1: Product: syz
[  229.981246][ T4536] usb 5-1: Manufacturer: syz
[  229.985954][ T4536] usb 5-1: SerialNumber: syz
[  230.593396][ T4536] usb 5-1: bad CDC descriptors
[  230.608029][ T4536] usb 5-1: bad CDC descriptors
[  230.759109][ T4536] usb 5-1: USB disconnect, device number 5
[  230.857358][ T7559] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  231.036026][ T7561] loop3: detected capacity change from 0 to 2048
[  231.063229][ T4207] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  231.148601][ T7561] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,stripe=0x0000000000000020,,errors=continue. Quota mode: none.
[  231.180155][ T7561] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.318459][ T4207] usb 3-1: Using ep0 maxpacket: 16
[  231.446349][ T4207] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.480829][ T7578] loop3: detected capacity change from 0 to 512
[  231.506307][ T7582] netlink: 8 bytes leftover after parsing attributes in process `syz.1.777'.
[  231.520678][ T4207] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.564661][ T4207] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  231.588779][ T4207] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  231.608975][ T4207] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.645378][ T7578] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  231.661363][ T4207] usb 3-1: config 0 descriptor??
[  231.691057][ T7578] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  231.708870][ T7590] loop4: detected capacity change from 0 to 1024
[  231.770619][ T7578] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  231.781572][ T7578] System zones: 1-12
[  231.799639][ T7590] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  231.809344][ T7578] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2219: inode #15: comm syz.3.774: corrupted in-inode xattr
[  231.931410][ T7578] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.774: couldn't read orphan inode 15 (err -117)
[  231.946933][   T26] audit: type=1800 audit(1730459481.694:65): pid=7590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.779" name="file2" dev="loop4" ino=840 res=0 errno=0
[  232.050748][ T7578] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  232.161778][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.169743][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.211123][ T7609] loop4: detected capacity change from 0 to 512
[  232.220174][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.244634][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.255265][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.262833][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.281340][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.310783][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.473396][ T7609] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nouid32,sysvgroups,noblock_validity,user_xattr,errors=remount-ro,barrier=0x0000000000000a0f,. Quota mode: writeback.
[  232.507277][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.514894][ T4207] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  232.523470][ T4207] microsoft 0003:045E:07DA.0008: No inputs registered, leaving
[  232.535151][ T4207] microsoft 0003:045E:07DA.0008: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  232.547135][ T4207] microsoft 0003:045E:07DA.0008: no inputs found
[  232.557100][ T7609] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.809350][ T4207] microsoft 0003:045E:07DA.0008: could not initialize ff, continuing anyway
[  232.901386][ T4207] usb 3-1: USB disconnect, device number 8
[  233.225802][ T7626] loop2: detected capacity change from 0 to 256
[  233.425591][ T7634] loop4: detected capacity change from 0 to 1024
[  233.530600][ T7634] EXT4-fs (loop4): Ignoring removed orlov option
[  233.539887][ T7634] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  233.921353][ T7642] hub 6-0:1.0: USB hub found
[  234.139771][ T7642] hub 6-0:1.0: 1 port detected
[  234.589607][ T7634] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  235.509160][ T1106] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  236.826596][ T7698] loop2: detected capacity change from 0 to 512
[  236.833378][ T1106] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.859268][ T1106] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.880671][ T1106] usb 4-1: New USB device found, idVendor=056a, idProduct=0325, bcdDevice= 0.00
[  236.900719][ T1106] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.924228][ T1106] usb 4-1: config 0 descriptor??
[  237.002715][ T7698] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[  237.002715][ T7698] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  237.002715][ T7698] 
[  237.080523][ T7698] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.805: inode #1: comm syz.2.805: iget: illegal inode #
[  237.125108][ T7698] EXT4-fs (loop2): Remounting filesystem read-only
[  237.161242][ T7698] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.805: error while reading EA inode 1 err=-117
[  237.211837][ T7698] EXT4-fs (loop2): Remounting filesystem read-only
[  237.227312][ T7698] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.805: Parent and EA inode have the same ino 15
[  237.294606][ T7698] EXT4-fs (loop2): Remounting filesystem read-only
[  237.301163][ T7698] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.805: inode #1: comm syz.2.805: iget: illegal inode #
[  237.340202][ T7698] EXT4-fs (loop2): Remounting filesystem read-only
[  237.347091][ T4495] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  237.366268][ T7698] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.805: error while reading EA inode 1 err=-117
[  237.387647][ T7698] EXT4-fs (loop2): Remounting filesystem read-only
[  237.405668][ T7698] EXT4-fs (loop2): 1 orphan inode deleted
[  237.423501][ T7698] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,resuid=0x0000000000000000,debug_want_extra_isize=0x000000000000005c,errors=remount-ro,block_validity,nouser_xattr,init_itable=0x0000000000007fff,. Quota mode: none.
[  237.474532][ T1106] wacom 0003:056A:0325.0009: hidraw0: USB HID v0.00 Device [HID 056a:0325] on usb-dummy_hcd.3-1/input0
[  237.643480][ T4495] usb 1-1: Using ep0 maxpacket: 16
[  237.683396][ T1106] usb 4-1: USB disconnect, device number 3
[  237.783903][ T4495] usb 1-1: config 0 has an invalid interface number: 188 but max is 1
[  237.820287][ T4495] usb 1-1: config 0 has an invalid interface number: 167 but max is 1
[  237.860613][ T4495] usb 1-1: config 0 has no interface number 0
[  237.866730][ T4495] usb 1-1: config 0 has no interface number 1
[  237.897895][ T4495] usb 1-1: config 0 interface 188 has no altsetting 0
[  237.938846][ T4495] usb 1-1: config 0 interface 167 has no altsetting 0
[  237.980631][ T7742] loop2: detected capacity change from 0 to 256
[  238.199477][ T4495] usb 1-1: New USB device found, idVendor=0c52, idProduct=2831, bcdDevice= 0.a0
[  238.208577][ T4495] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.208872][ T7742] loop2: detected capacity change from 0 to 512
[  238.242437][ T4495] usb 1-1: Product: syz
[  238.246654][ T4495] usb 1-1: Manufacturer: syz
[  238.275293][ T4495] usb 1-1: SerialNumber: syz
[  238.296780][ T4495] usb 1-1: config 0 descriptor??
[  238.486071][ T7742] loop2: detected capacity change from 0 to 2048
[  238.502046][ T7755] loop3: detected capacity change from 0 to 512
[  238.598589][ T7742] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  238.616753][ T4495] ftdi_sio 1-1:0.188: FTDI USB Serial Device converter detected
[  238.642544][ T4495] usb 1-1: Detected FT2232C
[  238.664876][ T7755] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #16: comm syz.3.818: corrupted inode contents
[  238.676819][ T7742] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  238.679851][ T4495] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  238.733160][ T4495] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  238.743896][ T7742] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0x0b != 0xd4
[  238.753112][ T7755] EXT4-fs error (device loop3): ext4_dirty_inode:6010: inode #16: comm syz.3.818: mark_inode_dirty error
[  238.761659][ T7742] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  238.774544][ T4495] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  238.819612][ T4495] ftdi_sio 1-1:0.167: FTDI USB Serial Device converter detected
[  238.829280][ T7755] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #16: comm syz.3.818: corrupted inode contents
[  238.846937][ T4495] usb 1-1: Detected FT2232C
[  238.859879][ T7755] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.818: mark_inode_dirty error
[  238.899603][ T7755] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #16: comm syz.3.818: corrupted inode contents
[  238.911983][ T4495] ftdi_sio ttyUSB1: Unable to read latency timer: -71
[  238.936154][ T4495] ftdi_sio ttyUSB1: Unable to write latency timer: -71
[  238.936934][ T7755] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  238.952863][ T4495] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB1
[  238.995551][ T4495] usb 1-1: USB disconnect, device number 4
[  239.022485][ T7755] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #16: comm syz.3.818: corrupted inode contents
[  239.056331][ T4495] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  239.067514][ T7755] EXT4-fs error (device loop3): ext4_truncate:4272: inode #16: comm syz.3.818: mark_inode_dirty error
[  239.108224][ T4495] ftdi_sio 1-1:0.188: device disconnected
[  239.119451][ T4495] ftdi_sio ttyUSB1: FTDI USB Serial Device converter now disconnected from ttyUSB1
[  239.128917][ T7755] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  239.150953][ T4495] ftdi_sio 1-1:0.167: device disconnected
[  239.156474][ T7755] EXT4-fs (loop3): 1 truncate cleaned up
[  239.172524][ T7755] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  239.254711][ T7755] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.581633][ T4495] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  240.656785][ T7795] loop2: detected capacity change from 0 to 512
[  240.716328][ T7795] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  240.741552][ T7795] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  240.848401][ T7795] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  240.872116][ T7795] System zones: 1-12
[  240.892871][ T7795] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.831: corrupted in-inode xattr
[  240.913215][ T7795] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.831: couldn't read orphan inode 15 (err -117)
[  240.934167][ T7795] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  242.783486][ T4495] usb 1-1: unable to read config index 0 descriptor/start: -71
[  242.791263][ T4495] usb 1-1: can't read configurations, error -71
[  244.118482][ T7833] loop2: detected capacity change from 0 to 512
[  244.305926][ T7833] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.841: bg 0: block 5: invalid block bitmap
[  244.327067][ T7833] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  244.355898][ T7833] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.841: invalid indirect mapped block 3 (level 2)
[  244.373548][ T7833] EXT4-fs (loop2): 1 orphan inode deleted
[  244.384000][ T7833] EXT4-fs (loop2): 1 truncate cleaned up
[  244.391351][ T7833] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  244.621789][ T4536] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  245.803505][ T7870] loop2: detected capacity change from 0 to 1024
[  245.823716][ T4536] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  245.835303][ T4536] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  245.847958][ T4536] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 23
[  245.937259][ T4536] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  246.153189][ T4536] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  246.426405][ T4536] usb 4-1: SerialNumber: syz
[  246.471610][ T7838] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  246.501760][ T4536] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[  246.815952][ T4536] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[  246.832986][ T4536] usb 4-1: USB disconnect, device number 4
[  247.820325][   T13] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  247.963122][ T7912] xt_limit: Overflow, try lower: 0/0
[  248.128225][   T13] usb 2-1: Using ep0 maxpacket: 8
[  248.208383][ T7912] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  248.215364][ T7912] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  248.226180][ T7912] vhci_hcd vhci_hcd.0: Device attached
[  248.314085][   T13] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  248.447608][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.586068][ T7913] vhci_hcd: connection closed
[  248.596235][ T4530] vhci_hcd: stop threads
[  248.606808][ T4530] vhci_hcd: release socket
[  248.644682][   T13] usb 2-1: config 0 descriptor??
[  248.662754][ T4530] vhci_hcd: disconnect device
[  248.667670][ T7919] loop3: detected capacity change from 0 to 512
[  248.738974][ T4489] vhci_hcd: vhci_device speed not set
[  248.757323][ T7919] EXT4-fs (loop3): Unrecognized mount option "appraise_type=imasig" or missing value
[  249.034077][   T13] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  249.044980][   T13] asix: probe of 2-1:0.0 failed with error -61
[  250.837899][ T4530] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.854335][ T4536] usb 2-1: USB disconnect, device number 7
[  251.188360][ T4530] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.262824][ T4530] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.350326][ T7971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.874'.
[  252.366877][ T7971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.874'.
[  252.391257][ T4530] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.526435][ T7980] loop2: detected capacity change from 0 to 512
[  252.602431][ T7980] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  252.629173][ T7980] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  252.650719][ T7980] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  252.658737][ T7980] System zones: 1-12
[  252.704392][ T7980] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.876: corrupted in-inode xattr
[  252.743303][ T7980] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.876: couldn't read orphan inode 15 (err -117)
[  252.747578][ T7955] chnl_net:caif_netlink_parms(): no params data found
[  252.763943][ T7980] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  253.345515][   T23] Bluetooth: hci0: command 0x0409 tx timeout
[  253.484580][ T7955] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.491712][ T7955] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.521989][ T7955] device bridge_slave_0 entered promiscuous mode
[  253.585493][ T7955] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.642107][ T7955] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.692303][ T7955] device bridge_slave_1 entered promiscuous mode
[  253.879496][ T7955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.888750][ T7982] chnl_net:caif_netlink_parms(): no params data found
[  253.927429][ T7955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.999295][ T8017] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.169073][ T7955] team0: Port device team_slave_0 added
[  254.288974][ T8028] netlink: 40 bytes leftover after parsing attributes in process `syz.0.885'.
[  254.482498][ T8028] netlink: 32 bytes leftover after parsing attributes in process `syz.0.885'.
[  254.909327][ T4207] Bluetooth: hci5: command 0x0409 tx timeout
[  254.949267][ T7955] team0: Port device team_slave_1 added
[  254.974888][ T7955] batman_adv: batadv0: Adding interface: batadv_slave_0
[  254.982006][ T7955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.008016][ T7955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  255.022354][ T7955] batman_adv: batadv0: Adding interface: batadv_slave_1
[  255.035886][ T7955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.096893][ T7955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  255.138514][ T8042] loop2: detected capacity change from 0 to 512
[  255.175713][ T8045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.888'.
[  255.238634][ T8042] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  255.246210][ T8042] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  255.263583][ T8042] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  255.303729][ T8042] System zones: 1-12
[  255.333893][ T8042] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.889: corrupted in-inode xattr
[  255.349353][ T7955] device hsr_slave_0 entered promiscuous mode
[  255.367339][ T7955] device hsr_slave_1 entered promiscuous mode
[  255.376631][ T7955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  255.384226][ T7955] Cannot create hsr debugfs directory
[  255.386850][ T8042] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.889: couldn't read orphan inode 15 (err -117)
[  255.438665][ T7982] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.446583][ T7982] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.446756][ T8042] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  255.474435][ T7982] device bridge_slave_0 entered promiscuous mode
[  255.549410][ T7982] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.567026][ T7982] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.574528][   T23] Bluetooth: hci0: command 0x041b tx timeout
[  255.611614][ T7982] device bridge_slave_1 entered promiscuous mode
[  256.806089][ T7982] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.991754][ T7982] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.108101][   T23] Bluetooth: hci5: command 0x041b tx timeout
[  257.792412][   T23] Bluetooth: hci0: command 0x040f tx timeout
[  258.075198][ T7982] team0: Port device team_slave_0 added
[  258.228947][ T7982] team0: Port device team_slave_1 added
[  258.284105][   T23] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  258.422205][ T7982] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.459298][ T7982] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.510440][ T8113] loop2: detected capacity change from 0 to 2048
[  258.519132][ T7982] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.562005][   T23] usb 1-1: Using ep0 maxpacket: 32
[  258.567499][ T4530] device hsr_slave_0 left promiscuous mode
[  258.585408][ T4530] device hsr_slave_1 left promiscuous mode
[  258.594867][ T4530] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.612129][ T4530] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.638568][ T4530] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.652823][ T8113] UDF-fs: error (device loop2): udf_read_inode: (ino 1312) failed !bh
[  258.711815][ T8113] UDF-fs: Scanning with blocksize 512 failed
[  258.738113][ T8113] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  258.754272][ T4530] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.767628][ T8113] UDF-fs: Scanning with blocksize 1024 failed
[  258.778260][ T4530] device bridge_slave_1 left promiscuous mode
[  258.805962][ T4530] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.817498][ T8113] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  258.844578][ T4530] device bridge_slave_0 left promiscuous mode
[  258.852582][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  258.874824][ T4530] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.885502][ T8113] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  258.895040][ T8113] UDF-fs: Scanning with blocksize 2048 failed
[  258.902525][ T4530] device veth1_macvtap left promiscuous mode
[  258.910474][ T8113] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  258.913776][ T4530] device veth0_macvtap left promiscuous mode
[  258.942323][ T4530] device veth1_vlan left promiscuous mode
[  258.950470][ T4530] device veth0_vlan left promiscuous mode
[  258.959465][ T8113] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  258.994337][ T8113] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  259.014773][ T8113] UDF-fs: Scanning with blocksize 4096 failed
[  259.029027][ T8113] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  259.032657][   T23] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  259.085996][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.099129][   T23] usb 1-1: Product: syz
[  259.103360][   T23] usb 1-1: Manufacturer: syz
[  259.111579][   T23] usb 1-1: SerialNumber: syz
[  259.137738][   T23] usb 1-1: config 0 descriptor??
[  259.219465][   T23] hub 1-1:0.0: bad descriptor, ignoring hub
[  259.233649][   T23] hub: probe of 1-1:0.0 failed with error -5
[  259.275080][   T23] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input15
[  259.308259][ T8134] loop2: detected capacity change from 0 to 1024
[  259.328896][   T23] usbtouchscreen 1-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[  259.392021][ T1106] Bluetooth: hci5: command 0x040f tx timeout
[  259.403950][ T8134] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  259.416519][ T8134] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  259.439262][ T8134] EXT4-fs (loop2): invalid journal inode
[  259.649871][   T23] usbtouchscreen: probe of 1-1:0.0 failed with error -8
[  259.685726][   T23] usb 1-1: USB disconnect, device number 7
[  260.016568][ T4157] Bluetooth: hci0: command 0x0419 tx timeout
[  260.645108][ T4530] team0 (unregistering): Port device team_slave_1 removed
[  260.664521][ T4530] team0 (unregistering): Port device team_slave_0 removed
[  260.688634][ T4530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.728083][ T4530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.868697][ T4530] bond0 (unregistering): Released all slaves
[  260.941771][ T7982] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.956507][ T7982] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.983500][ T7982] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.061907][ T4489] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  261.234324][ T8155] loop2: detected capacity change from 0 to 512
[  261.336744][ T8155] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  261.362432][ T7982] device hsr_slave_0 entered promiscuous mode
[  261.401010][ T7982] device hsr_slave_1 entered promiscuous mode
[  261.415428][ T7982] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  261.416480][ T8155] EXT4-fs (loop2): 1 orphan inode deleted
[  261.423892][ T7982] Cannot create hsr debugfs directory
[  261.447111][ T8155] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,dioread_lock,,errors=continue. Quota mode: writeback.
[  261.471026][ T8155] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.524026][ T4489] usb 1-1: config 7 has an invalid interface number: 126 but max is 0
[  261.545425][ T4489] usb 1-1: config 7 has no interface number 0
[  261.551729][ T4489] usb 1-1: config 7 interface 126 has no altsetting 0
[  261.555636][ T1106] Bluetooth: hci5: command 0x0419 tx timeout
[  261.599198][ T8152] EXT4-fs error (device loop2): ext4_ext_map_blocks:4183: inode #16: comm syz.2.915: bad extent address lblock: 12, depth: 1 pblock 0
[  261.629846][ T8155] EXT4-fs error (device loop2): ext4_ext_map_blocks:4183: inode #16: comm syz.2.915: bad extent address lblock: 12, depth: 1 pblock 0
[  261.727283][ T5968] EXT4-fs error (device loop2): ext4_map_blocks:628: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[  261.759217][ T4489] usb 1-1: New USB device found, idVendor=18ef, idProduct=e025, bcdDevice=95.ad
[  261.777676][ T5968] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  261.791980][ T4489] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.816282][ T4489] usb 1-1: Product: syz
[  261.820574][ T5968] EXT4-fs error (device loop2): ext4_dirty_inode:6010: inode #2: comm syz-executor: mark_inode_dirty error
[  261.837763][ T4489] usb 1-1: Manufacturer: syz
[  261.848054][ T4489] usb 1-1: SerialNumber: syz
[  261.901415][ T5968] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5806: Corrupt filesystem
[  261.922106][ T5968] EXT4-fs error (device loop2): ext4_quota_off:6486: inode #3: comm syz-executor: mark_inode_dirty error
[  262.243079][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  262.249506][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  262.256810][ T4489] cp210x 1-1:7.126: cp210x converter detected
[  262.293152][ T4489] cp210x 1-1:7.126: failed to get vendor val 0x370b size 1: -71
[  262.300856][ T4489] cp210x 1-1:7.126: querying part number failed
[  262.374785][ T4489] usb 1-1: cp210x converter now attached to ttyUSB0
[  262.393245][ T4489] usb 1-1: USB disconnect, device number 8
[  262.410783][ T4489] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  263.262642][ T4489] cp210x 1-1:7.126: device disconnected
[  264.175049][ T7955] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  264.219570][ T7955] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  264.259955][ T4489] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  264.283018][ T7955] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  264.324489][ T7982] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  264.345863][ T7982] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  264.375668][ T7982] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  264.411973][ T7955] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  264.437354][ T7982] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  264.537921][ T4489] usb 1-1: Using ep0 maxpacket: 32
[  264.687746][ T4489] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  264.719663][ T4489] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  264.748535][ T4489] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  264.766664][ T8204] chnl_net:caif_netlink_parms(): no params data found
[  264.779815][ T4489] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.824034][ T4489] usb 1-1: config 0 descriptor??
[  264.859139][ T8206] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  264.892449][ T4489] hub 1-1:0.0: USB hub found
[  264.984972][ T7955] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.076653][ T7982] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.121678][ T8204] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.136651][ T4489] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  265.137136][ T8204] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.216986][ T8204] device bridge_slave_0 entered promiscuous mode
[  265.247489][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  265.271838][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  265.318631][ T7982] 8021q: adding VLAN 0 to HW filter on device team0
[  265.326857][ T8204] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.351951][ T8204] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.360340][ T8204] device bridge_slave_1 entered promiscuous mode
[  265.405273][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  265.424707][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  265.462491][ T7955] 8021q: adding VLAN 0 to HW filter on device team0
[  265.513356][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  265.524013][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  265.545261][ T4364] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.552353][ T4364] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.586501][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  265.607569][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  265.609978][ T4489] hid-generic 0003:046D:C314.000A: item fetching failed at offset 0/1
[  265.616139][ T4364] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.630906][ T4364] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.662733][ T4489] hid-generic: probe of 0003:046D:C314.000A failed with error -22
[  265.708502][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  265.747413][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  265.812606][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  265.836561][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  265.860708][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  265.873871][ T4364] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.881033][ T4364] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.992199][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  266.023049][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.046002][ T4364] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.053098][ T4364] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.070335][ T1106] usb 1-1: USB disconnect, device number 9
[  266.080152][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  266.090930][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  266.101280][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  266.118835][ T8204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.150002][ T8204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.175726][ T1106] Bluetooth: hci1: command 0x0409 tx timeout
[  266.474929][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  266.565143][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  266.694104][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  266.819418][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  266.851892][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  266.970349][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  267.005939][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  267.016542][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  267.043297][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.057094][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  267.069639][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.088772][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  267.101235][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  267.126350][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  267.157690][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.182718][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  267.214234][ T7982] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  267.228798][ T8204] team0: Port device team_slave_0 added
[  267.238229][ T8204] team0: Port device team_slave_1 added
[  267.308187][ T7955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  267.334722][ T7955] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  267.351626][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  267.382982][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.392374][ T4208] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  267.428323][ T8204] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.457415][ T8204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.487359][ T8204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.523445][ T8204] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.530429][ T8204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.645654][ T8204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.773866][ T8204] device hsr_slave_0 entered promiscuous mode
[  267.796765][ T8204] device hsr_slave_1 entered promiscuous mode
[  267.815968][ T8204] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  267.824238][ T4208] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  267.841482][ T4208] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  267.855566][ T8204] Cannot create hsr debugfs directory
[  267.921495][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  267.934906][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  267.962325][ T4530] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.980813][ T4208] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  268.000894][ T4208] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  268.011699][ T4208] usb 2-1: SerialNumber: syz
[  268.048075][ T4530] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.120310][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  268.127974][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  268.158944][ T7982] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.235101][ T7955] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.306763][ T4530] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.322791][ T4208] usb 2-1: 0:2 : does not exist
[  268.327759][ T4208] usb 2-1: unit 5: unexpected type 0x09
[  268.385771][ T4208] usb 2-1: USB disconnect, device number 8
[  268.397588][ T4536] Bluetooth: hci1: command 0x041b tx timeout
[  268.521645][ T4530] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.798343][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  268.813050][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  268.955578][ T7955] device veth0_vlan entered promiscuous mode
[  268.965237][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  268.987602][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.011896][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  269.035490][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.092852][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.110623][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.121369][ T7955] device veth1_vlan entered promiscuous mode
[  269.135381][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  269.152283][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  269.182046][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.217165][ T7982] device veth0_vlan entered promiscuous mode
[  269.237176][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.247599][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.264428][ T7982] device veth1_vlan entered promiscuous mode
[  269.349288][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.376706][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.425470][ T7955] device veth0_macvtap entered promiscuous mode
[  269.507724][ T7982] device veth0_macvtap entered promiscuous mode
[  269.547205][ T7955] device veth1_macvtap entered promiscuous mode
[  269.773400][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  269.838753][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  270.069255][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  270.180962][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  270.218388][ T7982] device veth1_macvtap entered promiscuous mode
[  270.280877][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  270.294220][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  270.329539][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.350141][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.360538][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.384261][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.394262][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.414154][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.426059][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.445330][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.467668][ T7982] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.582842][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.596579][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.606605][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.620882][   T23] Bluetooth: hci1: command 0x040f tx timeout
[  270.631546][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.641385][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.663550][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.673398][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.685186][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.695490][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.706315][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.718175][ T7955] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.734805][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  270.743859][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.753755][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  270.763251][  T365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.789674][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.803221][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.813651][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.824750][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.835190][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.846105][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.856434][ T7982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.868527][ T7982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.896844][ T7982] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.909140][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.926065][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.936580][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.958002][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.969645][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.983634][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.994189][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.005069][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.015010][ T7955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.026680][ T7955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.038476][ T7955] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.050756][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  271.060807][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  271.069906][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  271.079012][ T1275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  271.092508][ T7982] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.101250][ T7982] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.119152][ T7982] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.133043][ T7982] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.223634][ T7955] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.248527][ T7955] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.259326][ T7955] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.280196][ T7955] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.302481][ T8204] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  271.382889][ T8204] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  271.432527][ T8204] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  271.449177][ T8204] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  271.597330][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.621743][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.757806][ T1275] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.782923][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  271.808093][ T1275] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.906226][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  272.577264][ T4530] device hsr_slave_0 left promiscuous mode
[  272.652793][ T4530] device hsr_slave_1 left promiscuous mode
[  272.672198][ T4530] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.722893][ T4530] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.761317][ T4530] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.800148][ T4530] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.823952][ T4530] device bridge_slave_1 left promiscuous mode
[  272.830201][ T4530] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.844687][ T4157] Bluetooth: hci1: command 0x0419 tx timeout
[  272.859692][ T4530] device bridge_slave_0 left promiscuous mode
[  272.866170][ T4530] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.880855][ T4530] device veth1_macvtap left promiscuous mode
[  272.886926][ T4530] device veth0_macvtap left promiscuous mode
[  272.901452][ T8403] netlink: 104 bytes leftover after parsing attributes in process `syz.0.955'.
[  272.933250][ T4530] device veth1_vlan left promiscuous mode
[  272.939086][ T4530] device veth0_vlan left promiscuous mode
[  276.436729][ T8450] cgroup: none used incorrectly
[  276.459030][ T4489] Bluetooth: hci3: command 0x0406 tx timeout
[  276.922273][ T4530] team0 (unregistering): Port device team_slave_1 removed
[  276.969409][ T4530] team0 (unregistering): Port device team_slave_0 removed
[  277.022537][ T4530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.079048][ T4530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  277.321319][ T4530] bond0 (unregistering): Released all slaves
[  277.439963][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.482358][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.542638][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  277.615535][ T8204] 8021q: adding VLAN 0 to HW filter on device bond0
[  277.717413][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  277.754535][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  277.775825][ T8204] 8021q: adding VLAN 0 to HW filter on device team0
[  277.790303][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.803920][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.877368][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  278.316428][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  278.480552][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.499914][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.507347][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.533843][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  278.600147][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  278.623180][ T8494] loop5: detected capacity change from 0 to 2048
[  278.632455][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  278.662855][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.669996][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.726039][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  278.765758][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  278.778613][ T8494] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  278.850122][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  278.903190][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  278.921098][ T8498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  278.935409][ T8498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  278.958981][ T8498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  278.980630][ T8498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  278.990717][ T8498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.001666][ T8498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.013104][ T8498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.024016][ T8498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.042938][ T8498] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  279.096149][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  279.173378][    T7] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  279.238362][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  279.247991][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  279.272327][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  279.302894][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  279.318097][ T8204] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  279.342796][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  279.369863][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  279.395182][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  279.484000][    T7] usb 8-1: Using ep0 maxpacket: 16
[  279.522043][ T8538] netlink: 4 bytes leftover after parsing attributes in process `syz.5.982'.
[  279.543473][ T8541] syz.1.983 uses obsolete (PF_INET,SOCK_PACKET)
[  279.565429][ T8538] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  279.597814][ T8538] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.614361][ T8538] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  279.633265][    T7] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  279.642961][    T7] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[  279.659318][ T8538] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.713798][    T7] usb 8-1: config 0 interface 0 has no altsetting 0
[  279.911404][    T7] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  279.920485][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.972743][    T7] usb 8-1: Product: syz
[  279.982751][    T7] usb 8-1: Manufacturer: syz
[  279.997435][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  280.000865][    T7] usb 8-1: SerialNumber: syz
[  280.018282][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  280.029526][    T7] usb 8-1: config 0 descriptor??
[  280.053873][ T8204] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.330017][ T8507] deleting an unspecified loop device is not supported.
[  280.382029][    T7] usb 8-1: Can not set alternate setting to 1, error: -71
[  280.389204][    T7] synaptics_usb: probe of 8-1:0.0 failed with error -71
[  280.421789][    T7] usb 8-1: USB disconnect, device number 3
[  281.425102][ T8599] netlink: 16 bytes leftover after parsing attributes in process `syz.0.997'.
[  281.493367][ T8599] team_slave_0: Device is already in use.
[  281.568598][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  281.577620][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  281.676535][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  281.692565][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  281.722733][ T8611] loop5: detected capacity change from 0 to 2048
[  281.734495][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  281.778800][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  281.807775][ T8204] device veth0_vlan entered promiscuous mode
[  281.831819][ T8611] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  281.871224][ T8611] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  281.879872][ T8204] device veth1_vlan entered promiscuous mode
[  281.943884][ T8626] netlink: 1276 bytes leftover after parsing attributes in process `syz.0.1003'.
[  282.099755][ T8204] device veth0_macvtap entered promiscuous mode
[  282.132353][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  282.143409][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  282.168708][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  282.191412][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  282.211806][ T8634] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1008'.
[  282.314467][ T8204] device veth1_macvtap entered promiscuous mode
[  282.321562][ T4206] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  282.336339][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  282.347277][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  282.390683][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.444848][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.454718][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.557311][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.576786][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.583738][ T4206] usb 8-1: Using ep0 maxpacket: 16
[  282.637243][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.677581][ T8204] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.700248][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  282.712114][ T4206] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.729945][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  282.737184][ T4206] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.771660][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  282.799033][ T4206] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  282.805978][ T8668] netlink: 220 bytes leftover after parsing attributes in process `syz.1.1017'.
[  282.843569][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.844469][ T4206] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  282.867381][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  282.893671][ T4206] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.900690][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.927789][ T4206] usb 8-1: config 0 descriptor??
[  282.947047][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  282.980452][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.994895][ T8204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.005683][ T8204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.017606][ T8204] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.068164][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  283.081213][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  283.102255][ T8204] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.111390][ T8204] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.121043][ T8204] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.129929][ T8204] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.235433][ T8682] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1021'.
[  283.290539][ T8686] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1021'.
[  283.380750][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.417148][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.448548][ T4206] input: HID 045e:07da as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:045E:07DA.000B/input/input16
[  283.491118][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  283.510134][ T8693] netlink: 'syz.1.1024': attribute type 1 has an invalid length.
[  283.544455][ T8695] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  283.617909][ T4206] microsoft 0003:045E:07DA.000B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0
[  283.736257][ T1106] usb 8-1: USB disconnect, device number 4
[  283.759988][ T8697] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  283.824305][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.851070][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.888643][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  285.213026][ T8773] tipc: Started in network mode
[  285.235145][ T8773] tipc: Node identity 369aae636f72, cluster identity 4711
[  285.246951][ T8773] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  285.496178][ T8771] tipc: Resetting bearer <eth:syzkaller0>
[  285.688177][ T8771] tipc: Disabling bearer <eth:syzkaller0>
[  286.821633][ T8817] sctp: [Deprecated]: syz.1.1057 (pid 8817) Use of struct sctp_assoc_value in delayed_ack socket option.
[  286.821633][ T8817] Use struct sctp_sack_info instead
[  286.842813][ T8818] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1053'.
[  287.589880][ T8855] loop5: detected capacity change from 0 to 1024
[  287.703746][ T8855] EXT4-fs (loop5): Ignoring removed orlov option
[  287.822509][ T8855] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  287.984053][ T8855] EXT4-fs (loop5): mounted filesystem without journal. Opts: discard,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  288.346427][ T8882] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1076'.
[  288.651789][ T8890] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:0000 with DS=0x2
[  289.033885][ T8897] loop7: detected capacity change from 0 to 1024
[  289.166052][ T8897] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  289.188979][ T8897] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  289.245282][ T8897] EXT4-fs (loop7): invalid journal inode
[  289.353552][ T8910] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1084'.
[  290.578540][ T8945] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1096'.
[  290.644985][ T8945] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.665851][ T8951] Cannot find add_set index 1 as target
[  290.775160][ T8945] device bridge_slave_0 left promiscuous mode
[  290.792318][ T8945] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.328084][ T8974] loop5: detected capacity change from 0 to 1024
[  291.410258][ T8974] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  291.442000][ T8974] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  291.498466][ T8974] EXT4-fs (loop5): invalid journal inode
[  291.816166][ T8995] tipc: Started in network mode
[  291.831140][ T8995] tipc: Node identity ac1414aa, cluster identity 4711
[  291.880870][ T8995] tipc: Enabled bearer <udp:s>, priority 10
[  291.901808][ T9005] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1110'.
[  292.188403][ T9015] loop7: detected capacity change from 0 to 2048
[  292.320848][ T9015] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  292.724049][ T9044] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  292.890024][ T9044] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  292.913334][ T9044] EXT4-fs (loop7): This should not happen!! Data will be lost
[  292.913334][ T9044] 
[  293.039015][ T9044] EXT4-fs (loop7): Total free blocks count 0
[  293.072392][ T1106] tipc: Node number set to 2886997162
[  293.082074][ T9044] EXT4-fs (loop7): Free/Dirty block details
[  293.088020][ T9044] EXT4-fs (loop7): free_blocks=2415919104
[  293.201231][ T9044] EXT4-fs (loop7): dirty_blocks=64
[  293.257666][ T9044] EXT4-fs (loop7): Block reservation details
[  293.337673][ T9044] EXT4-fs (loop7): i_reserved_data_blocks=4
[  294.073516][ T9104] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1139'.
[  294.296538][ T9114] tc_dump_action: action bad kind
[  294.909476][    T9] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  294.939241][    T9] EXT4-fs (loop7): This should not happen!! Data will be lost
[  294.939241][    T9] 
[  296.457758][ T9169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1154'.
[  296.519903][ T9174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1160'.
[  299.269518][ T9258] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1183'.
[  299.531362][ T9263] Cannot find add_set index 0 as target
[  300.710851][ T9270] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1186'.
[  301.259500][ T9302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1197'.
[  301.353032][ T9302] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1197'.
[  301.628950][ T9321] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1200'.
[  301.879728][ T9328] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1203'.
[  303.122980][ T9375] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1213'.
[  303.136608][ T9378] netlink: 'syz.1.1215': attribute type 1 has an invalid length.
[  303.163004][ T9375] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1213'.
[  303.198070][ T9375] batman_adv: Cannot find parent device
[  303.250426][ T9381] loop7: detected capacity change from 0 to 1024
[  303.375215][ T9381] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  303.416445][ T9381] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  303.448033][ T9381] EXT4-fs (loop7): invalid journal inode
[  304.554472][ T9422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1227'.
[  304.570130][ T9430] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1230'.
[  307.502202][ T9477] device netdevsim1 entered promiscuous mode
[  307.521056][ T9477] device macsec1 entered promiscuous mode
[  307.532261][ T9477] device netdevsim1 left promiscuous mode
[  307.756979][ T9502] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1252'.
[  308.340056][ T9531] netlink: 'syz.0.1257': attribute type 12 has an invalid length.
[  308.779832][ T9538] device syzkaller1 entered promiscuous mode
[  308.819491][ T9545] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1261'.
[  310.406387][ T9603] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1272'.
[  311.294659][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  311.466433][ T9643] loop6: detected capacity change from 0 to 512
[  311.555421][ T9643] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  311.581667][ T9643] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  311.624866][ T9643] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  311.643317][ T9643] System zones: 1-12
[  311.655236][ T9643] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.1280: corrupted in-inode xattr
[  311.764729][ T9643] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.1280: couldn't read orphan inode 15 (err -117)
[  311.833785][ T9643] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  313.070906][ T9674] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1285'.
[  313.190470][ T9674] device bridge_slave_1 left promiscuous mode
[  313.209771][ T9674] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.249698][ T9676] bridge1: port 1(macvlan2) entered blocking state
[  313.282106][ T9676] bridge1: port 1(macvlan2) entered disabled state
[  313.330227][ T9676] device macvlan2 entered promiscuous mode
[  313.495552][ T9680] openvswitch: netlink: Key 0 has unexpected len 8 expected 0
[  315.514678][ T9751] loop5: detected capacity change from 0 to 512
[  315.541595][ T9751] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  315.553660][ T9751] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  315.584443][ T9751] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  315.604508][ T9751] System zones: 1-12
[  315.616157][ T9751] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2219: inode #15: comm syz.5.1302: corrupted in-inode xattr
[  315.629201][ T9751] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.1302: couldn't read orphan inode 15 (err -117)
[  315.687179][ T9751] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  315.741903][ T9762] loop7: detected capacity change from 0 to 2048
[  316.099726][ T9762] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  316.526468][ T9792] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  316.542149][ T9792] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  316.554620][ T9792] EXT4-fs (loop7): This should not happen!! Data will be lost
[  316.554620][ T9792] 
[  316.565137][ T9792] EXT4-fs (loop7): Total free blocks count 0
[  316.571508][ T9792] EXT4-fs (loop7): Free/Dirty block details
[  316.577496][ T9792] EXT4-fs (loop7): free_blocks=2415919104
[  316.583333][ T9792] EXT4-fs (loop7): dirty_blocks=64
[  316.588509][ T9792] EXT4-fs (loop7): Block reservation details
[  316.594622][ T9792] EXT4-fs (loop7): i_reserved_data_blocks=4
[  317.073230][  T144] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  317.118108][  T144] EXT4-fs (loop7): This should not happen!! Data will be lost
[  317.118108][  T144] 
[  317.353176][ T9806] netlink: 'syz.7.1313': attribute type 1 has an invalid length.
[  317.434722][ T9806] 8021q: adding VLAN 0 to HW filter on device bond1
[  317.457644][ T9808] netlink: 'syz.0.1315': attribute type 1 has an invalid length.
[  317.620344][ T9812] 8021q: adding VLAN 0 to HW filter on device bond1
[  317.652542][ T9812] bond1: (slave vti0): The slave device specified does not support setting the MAC address
[  317.663768][    T7] Bluetooth: hci0: command 0x0c1a tx timeout
[  317.714884][ T9812] bond1: (slave vti0): Error -95 calling set_mac_address
[  317.791379][ T9813] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address
[  317.830866][ T9813] bond1: (slave xfrm1): Setting fail_over_mac to active for active-backup mode
[  317.864445][ T9813] bond1: (slave xfrm1): making interface the new active one
[  317.890963][ T9813] bond1: (slave xfrm1): Enslaving as an active interface with an up link
[  317.912752][ T9814] netlink: 'syz.7.1313': attribute type 25 has an invalid length.
[  317.946154][ T9814] netlink: 'syz.7.1313': attribute type 7 has an invalid length.
[  318.671741][ T9860] loop7: detected capacity change from 0 to 2048
[  318.769813][ T9861] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  318.865228][ T9860] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  318.873079][ T9858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  318.926646][ T9871] loop5: detected capacity change from 0 to 1024
[  319.003296][ T9877] netlink: 'syz.6.1327': attribute type 8 has an invalid length.
[  319.073095][ T9871] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  319.151186][ T9871] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  319.267204][ T9882] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  319.282903][ T9882] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  319.296307][ T9882] EXT4-fs (loop7): This should not happen!! Data will be lost
[  319.296307][ T9882] 
[  319.306290][ T9882] EXT4-fs (loop7): Total free blocks count 0
[  319.312369][ T9882] EXT4-fs (loop7): Free/Dirty block details
[  319.318388][ T9882] EXT4-fs (loop7): free_blocks=2415919104
[  319.324238][ T9882] EXT4-fs (loop7): dirty_blocks=64
[  319.329496][ T9882] EXT4-fs (loop7): Block reservation details
[  319.335616][ T9882] EXT4-fs (loop7): i_reserved_data_blocks=4
[  319.580587][ T9871] EXT4-fs (loop5): invalid journal inode
[  319.668992][ T9887] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1328'.
[  319.868803][ T4334] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  319.918754][ T4334] EXT4-fs (loop7): This should not happen!! Data will be lost
[  319.918754][ T4334] 
[  319.926154][ T9898] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1334'.
[  320.121069][ T9887] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.229004][ T9911] 8021q: adding VLAN 0 to HW filter on device bond1
[  320.253201][ T9920] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  320.306133][ T9911] syz.5.1338[9911] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  320.306238][ T9911] syz.5.1338[9911] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  320.403379][ T9887] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.536623][ T9887] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.639940][ T9887] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.849490][ T9887] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  320.906355][ T9887] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  320.932002][ T9887] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.014993][ T9887] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.058373][ T9913] netlink: 'syz.0.1337': attribute type 9 has an invalid length.
[  321.496824][ T9962] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  322.044626][ T9963] device netdevsim0 entered promiscuous mode
[  322.086583][ T9963] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  322.352460][ T9991] netlink: 'syz.5.1353': attribute type 1 has an invalid length.
[  322.545102][    T7] Bluetooth: hci0: command 0x0c1a tx timeout
[  322.555463][ T9996] bond2: (slave xfrm1): The slave device specified does not support setting the MAC address
[  322.573438][ T9996] bond2: (slave xfrm1): Setting fail_over_mac to active for active-backup mode
[  322.654056][ T9996] bond2: (slave xfrm1): making interface the new active one
[  322.687364][ T9996] bond2: (slave xfrm1): Enslaving as an active interface with an up link
[  324.106089][ T4157] Bluetooth: hci1: command 0x0407 tx timeout
[  324.261983][T10047] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1366'.
[  324.438494][T10059] syz.0.1371 sent an empty control message without MSG_MORE.
[  324.499437][T10059] netlink: 'syz.0.1371': attribute type 12 has an invalid length.
[  325.344983][T10112] netlink: 'syz.7.1391': attribute type 12 has an invalid length.
[  326.056221][T10138] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1398'.
[  326.067126][T10138] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1398'.
[  326.089201][T10138] device bridge0 entered promiscuous mode
[  326.099092][T10138] device batadv_slave_1 entered promiscuous mode
[  326.112763][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  326.478092][T10160] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1407'.
[  326.642892][T10171] netlink: 'syz.0.1410': attribute type 1 has an invalid length.
[  326.747521][T10171] 8021q: adding VLAN 0 to HW filter on device bond2
[  326.805897][T10177] 8021q: adding VLAN 0 to HW filter on device bond2
[  326.821854][T10177] bond2: (slave vti0): The slave device specified does not support setting the MAC address
[  326.833666][T10177] bond2: (slave vti0): Error -95 calling set_mac_address
[  327.965815][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  327.972218][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  328.390093][T10232] netlink: 'syz.7.1426': attribute type 3 has an invalid length.
[  328.547267][T10239] netlink: 148 bytes leftover after parsing attributes in process `syz.7.1427'.
[  329.103394][T10248] hub 6-0:1.0: USB hub found
[  329.108374][T10248] hub 6-0:1.0: 1 port detected
[  329.572880][T10274] Cannot find add_set index 0 as target
[  330.505846][T10303] netlink: 'syz.6.1442': attribute type 12 has an invalid length.
[  330.750256][T10314] hub 6-0:1.0: USB hub found
[  330.755619][T10314] hub 6-0:1.0: 1 port detected
[  330.953386][T10311] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1444'.
[  331.551425][T10351] loop6: detected capacity change from 0 to 2048
[  331.719215][T10351] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  331.733404][T10363] netlink: 'syz.0.1454': attribute type 12 has an invalid length.
[  331.915592][T10367] sctp: [Deprecated]: syz.1.1455 (pid 10367) Use of struct sctp_assoc_value in delayed_ack socket option.
[  331.915592][T10367] Use struct sctp_sack_info instead
[  332.083128][T10375] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  332.098607][T10375] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  332.111816][T10375] EXT4-fs (loop6): This should not happen!! Data will be lost
[  332.111816][T10375] 
[  332.121940][T10375] EXT4-fs (loop6): Total free blocks count 0
[  332.128051][T10375] EXT4-fs (loop6): Free/Dirty block details
[  332.134031][T10375] EXT4-fs (loop6): free_blocks=2415919104
[  332.139869][T10375] EXT4-fs (loop6): dirty_blocks=64
[  332.145054][T10375] EXT4-fs (loop6): Block reservation details
[  332.151128][T10375] EXT4-fs (loop6): i_reserved_data_blocks=4
[  332.638403][    T9] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  332.696683][    T9] EXT4-fs (loop6): This should not happen!! Data will be lost
[  332.696683][    T9] 
[  334.000110][T10448] sctp: [Deprecated]: syz.1.1476 (pid 10448) Use of int in max_burst socket option deprecated.
[  334.000110][T10448] Use struct sctp_assoc_value instead
[  334.220464][T10460] device syzkaller1 entered promiscuous mode
[  334.276561][T10460] netlink: 80 bytes leftover after parsing attributes in process `syz.6.1478'.
[  334.888541][T10494] loop6: detected capacity change from 0 to 1024
[  334.977414][T10494] EXT4-fs (loop6): Ignoring removed orlov option
[  334.995855][T10494] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  335.003601][T10502] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  335.105835][T10494] EXT4-fs (loop6): mounted filesystem without journal. Opts: discard,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  335.904656][T10534] device syzkaller0 entered promiscuous mode
[  337.770407][T10588] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1511'.
[  338.001074][T10593] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input17
[  338.240054][T10606] netlink: 312 bytes leftover after parsing attributes in process `syz.0.1514'.
[  338.338742][T10606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1514'.
[  338.349290][T10606] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.365722][T10606] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.383128][T10606] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.408169][T10616] Cannot find set identified by id 0 to match
[  338.534052][T10620] netlink: 148 bytes leftover after parsing attributes in process `syz.7.1516'.
[  338.779829][T10625] openvswitch: netlink: Flow actions attr not present in new flow.
[  338.998717][T10634] raw_sendmsg: syz.0.1518 forgot to set AF_INET. Fix it!
[  339.345107][T10649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1522'.
[  340.341219][T10694] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1534'.
[  340.920355][T10718] device team_slave_0 entered promiscuous mode
[  340.927336][T10718] device team_slave_1 entered promiscuous mode
[  341.178979][ T4536] Bluetooth: hci0: command 0x0c1a tx timeout
[  341.615850][T10718] device macsec1 entered promiscuous mode
[  341.662761][   T13] Bluetooth: hci2: command 0x0406 tx timeout
[  341.674409][T10718] device team0 entered promiscuous mode
[  341.765124][T10718] device team0 left promiscuous mode
[  341.843171][T10718] device team_slave_0 left promiscuous mode
[  341.849213][T10718] device team_slave_1 left promiscuous mode
[  342.148743][T10743] netlink: 'syz.0.1545': attribute type 12 has an invalid length.
[  342.287424][T10755] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1549'.
[  342.307860][T10756] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1548'.
[  342.330547][T10755] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1549'.
[  342.360810][T10755] device gtp0 entered promiscuous mode
[  342.556314][T10768] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1551'.
[  342.728323][T10773] device syzkaller0 entered promiscuous mode
[  343.106590][T10792] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1556'.
[  343.476888][T10810] netlink: 'syz.1.1559': attribute type 1 has an invalid length.
[  343.634723][T10816] bond2: (slave xfrm1): The slave device specified does not support setting the MAC address
[  343.647167][T10820] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1561'.
[  343.664537][T10816] bond2: (slave xfrm1): Setting fail_over_mac to active for active-backup mode
[  343.684190][T10816] bond2: (slave xfrm1): making interface the new active one
[  343.692517][T10820] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1561'.
[  343.697974][T10816] bond2: (slave xfrm1): Enslaving as an active interface with an up link
[  343.712963][T10820] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1561'.
[  343.721741][T10818] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1560'.
[  345.730892][T10884] __nla_validate_parse: 7 callbacks suppressed
[  345.730911][T10884] netlink: 312 bytes leftover after parsing attributes in process `syz.6.1577'.
[  346.147561][T10911] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1582'.
[  346.209924][T10916] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1584'.
[  346.222929][T10914] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1583'.
[  346.223084][T10916] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1584'.
[  346.250252][T10916] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1584'.
[  346.263990][T10916] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1584'.
[  346.524929][T10936] netlink: 'syz.5.1588': attribute type 1 has an invalid length.
[  347.173901][T10975] netlink: 'syz.1.1600': attribute type 1 has an invalid length.
[  348.436735][T11036] device vlan2 entered promiscuous mode
[  348.663165][T11051] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1615'.
[  348.856019][T11064] device bridge0 entered promiscuous mode
[  348.880140][T11064] bond0: (slave macvlan3): Enslaving as an active interface with an up link
[  348.926453][T11067] : renamed from ipvlan1
[  349.827217][T11098] loop7: detected capacity change from 0 to 1024
[  349.991700][T11098] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  350.034889][T11098] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  350.057841][T11110] netlink: 'syz.0.1632': attribute type 1 has an invalid length.
[  350.063030][T11098] EXT4-fs (loop7): invalid journal inode
[  350.128507][T11110] 8021q: adding VLAN 0 to HW filter on device bond3
[  351.452737][T11170] netlink: 'syz.6.1647': attribute type 1 has an invalid length.
[  351.559804][T11172] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1648'.
[  351.690583][T11170] 8021q: adding VLAN 0 to HW filter on device bond1
[  351.908414][T11191] netlink: 'syz.7.1653': attribute type 1 has an invalid length.
[  352.282234][T11203] device hsr0 entered promiscuous mode
[  352.338507][T11203] device hsr0 left promiscuous mode
[  352.506449][T11209] openvswitch: netlink: Key 0 has unexpected len 3 expected 0
[  354.445716][T11265] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1675'.
[  354.517665][T11263] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1675'.
[  355.757568][T11308] netlink: 'syz.5.1686': attribute type 1 has an invalid length.
[  357.314427][T11352] netlink: 'syz.5.1700': attribute type 1 has an invalid length.
[  357.925134][T11381] netlink: 132 bytes leftover after parsing attributes in process `syz.7.1708'.
[  358.017641][T11384] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1709'.
[  358.160644][T11388] device syzkaller0 entered promiscuous mode
[  358.317646][T11401] netlink: 'syz.0.1713': attribute type 1 has an invalid length.
[  359.176533][T11453] netlink: 'syz.0.1727': attribute type 1 has an invalid length.
[  359.283027][T11453] 8021q: adding VLAN 0 to HW filter on device bond5
[  359.301373][T11459] netlink: 'syz.1.1728': attribute type 1 has an invalid length.
[  359.808123][T11474] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1730'.
[  359.839904][T11474] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1730'.
[  359.867485][T11474] device bridge_slave_0 left promiscuous mode
[  359.898935][T11474] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.012462][T11474] device bridge0 left promiscuous mode
[  360.656840][T11509] netlink: 'syz.7.1742': attribute type 1 has an invalid length.
[  360.721116][T11509] 8021q: adding VLAN 0 to HW filter on device bond2
[  361.258784][T11552] netlink: 'syz.1.1755': attribute type 1 has an invalid length.
[  361.346722][T11552] 8021q: adding VLAN 0 to HW filter on device bond5
[  362.801772][T11635] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  363.053775][T11654] ieee802154 phy0 wpan0: encryption failed: -22
[  363.385848][T11678] tipc: Started in network mode
[  363.391684][T11678] tipc: Node identity dadb2923bb17, cluster identity 4711
[  363.400790][T11678] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  363.420393][T11676] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1783'.
[  363.464196][T11677] tipc: Disabling bearer <eth:syzkaller0>
[  363.576249][ T4174] Bluetooth: hci1: link tx timeout
[  363.582836][ T4174] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  363.856230][T11703] netlink: 'syz.6.1790': attribute type 1 has an invalid length.
[  363.908496][T11703] 8021q: adding VLAN 0 to HW filter on device bond2
[  364.117534][T11719] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input18
[  364.410807][T11731] tipc: Started in network mode
[  364.426352][T11731] tipc: Node identity aeb0ecd98323, cluster identity 4711
[  364.434742][T11731] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.472684][T11730] tipc: Disabling bearer <eth:syzkaller0>
[  365.172596][T11757] netlink: 'syz.5.1803': attribute type 1 has an invalid length.
[  365.275929][T11757] 8021q: adding VLAN 0 to HW filter on device bond6
[  365.453111][T11771] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1806'.
[  365.604590][T11773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1807'.
[  365.626479][T11779] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  365.675461][T11778] tipc: Disabling bearer <eth:syzkaller0>
[  365.810169][ T4206] Bluetooth: hci1: command 0x0406 tx timeout
[  365.950997][T11790] device vlan2 entered promiscuous mode
[  365.989687][T11790] device ip6gretap0 entered promiscuous mode
[  366.028626][T11790] device ip6gretap0 left promiscuous mode
[  366.437130][T11821] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1819'.
[  366.978783][T11850] device team_slave_0 entered promiscuous mode
[  366.985112][T11850] device team_slave_1 entered promiscuous mode
[  367.029115][T11850] device macsec1 entered promiscuous mode
[  367.047920][T11850] device team0 entered promiscuous mode
[  367.166804][T11866] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1829'.
[  367.547431][T11876] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1833'.
[  368.072448][T11909] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1841'.
[  368.498652][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1846'.
[  370.304232][T12012] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1869'.
[  370.306190][T12014] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  370.325117][T12012] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1869'.
[  372.777468][T12102] dccp_invalid_packet: P.Data Offset(4) too small
[  373.408871][T12131] lo speed is unknown, defaulting to 1000
[  373.467927][T12131] lo speed is unknown, defaulting to 1000
[  373.543986][T12131] lo speed is unknown, defaulting to 1000
[  373.615063][T12144] netlink: 'syz.7.1900': attribute type 12 has an invalid length.
[  373.637666][T12131] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  373.731115][T12131] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  373.879314][T12131] lo speed is unknown, defaulting to 1000
[  373.929297][T12131] lo speed is unknown, defaulting to 1000
[  373.969441][T12131] lo speed is unknown, defaulting to 1000
[  373.980922][T12131] lo speed is unknown, defaulting to 1000
[  374.007430][T12131] lo speed is unknown, defaulting to 1000
[  374.058171][T12131] lo speed is unknown, defaulting to 1000
[  374.121757][T12164] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1905'.
[  374.892415][T12196] hub 6-0:1.0: USB hub found
[  374.899878][T12196] hub 6-0:1.0: 1 port detected
[  375.230253][T12201] netlink: 'syz.1.1915': attribute type 12 has an invalid length.
[  375.620404][T12214] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  375.911904][T12225] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1920'.
[  376.505875][T12256] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1930'.
[  376.536027][T12260] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1931'.
[  376.890140][T12276] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1936'.
[  377.683595][T12325] netlink: 'syz.7.1947': attribute type 12 has an invalid length.
[  378.101879][T12340] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1948'.
[  378.368956][T12351] netlink: 'syz.5.1951': attribute type 30 has an invalid length.
[  379.094125][T12393] netlink: 'syz.1.1959': attribute type 12 has an invalid length.
[  379.434706][T12413] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1961'.
[  379.758266][T12417] delete_channel: no stack
[  380.055434][T12454] device syz_tun entered promiscuous mode
[  380.082007][T12454] device macsec1 entered promiscuous mode
[  380.104580][T12454] device syz_tun left promiscuous mode
[  380.216154][T12461] netlink: 'syz.7.1976': attribute type 12 has an invalid length.
[  381.066858][T12503] device syzkaller0 entered promiscuous mode
[  381.589931][T12535] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1996'.
[  381.730514][T12552] netlink: 'syz.5.2003': attribute type 10 has an invalid length.
[  381.780681][T12552] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2003'.
[  381.825615][T12552] bridge0: port 3(team0) entered blocking state
[  381.857493][T12552] bridge0: port 3(team0) entered disabled state
[  381.884172][T12552] device team0 entered promiscuous mode
[  381.910190][T12552] device team_slave_0 entered promiscuous mode
[  381.916578][T12552] device team_slave_1 entered promiscuous mode
[  381.970881][T12552] bridge0: port 3(team0) entered blocking state
[  381.977269][T12552] bridge0: port 3(team0) entered forwarding state
[  382.409737][T12596] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2015'.
[  382.624669][T12609] netlink: 'syz.6.2020': attribute type 12 has an invalid length.
[  382.711296][T12612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2021'.
[  382.730662][T12615] device caif0 entered promiscuous mode
[  383.800900][T12649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2029'.
[  383.829869][T12645] netlink: 892 bytes leftover after parsing attributes in process `syz.0.2027'.
[  383.964931][T12659] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  383.981448][T12666] netlink: 'syz.1.2035': attribute type 12 has an invalid length.
[  383.989855][T12659] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  384.003455][T12666] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2035'.
[  384.989032][ T4157] Bluetooth: hci0: command 0x0406 tx timeout
[  385.042793][ T4157] Bluetooth: hci5: command 0x0406 tx timeout
[  385.332216][T12714] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2045'.
[  385.378203][T12715] netlink: 892 bytes leftover after parsing attributes in process `syz.1.2044'.
[  385.569260][T12735] device bond0 entered promiscuous mode
[  385.591607][T12735] device bond_slave_0 entered promiscuous mode
[  385.610994][T12735] device bond_slave_1 entered promiscuous mode
[  386.692085][T12756] device vlan0 entered promiscuous mode
[  386.742724][T12756] device vlan0 left promiscuous mode
[  387.324616][T12781] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2061'.
[  387.433417][T12779] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2063'.
[  387.496756][T12785] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2062'.
[  387.611828][T12788] qfq: no options
[  389.515121][T12857] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2083'.
[  389.610035][T12862] lo speed is unknown, defaulting to 1000
[  391.518999][T12907] device vlan3 entered promiscuous mode
[  391.876968][T12918] netlink: 892 bytes leftover after parsing attributes in process `syz.6.2098'.
[  392.199637][T12943] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2107'.
[  392.835630][T12948] dccp_invalid_packet: P.Data Offset(4) too small
[  394.238329][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  394.244660][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  394.567385][T12975] netlink: 'syz.1.2115': attribute type 12 has an invalid length.
[  394.635484][T12975] device caif0 entered promiscuous mode
[  394.714963][T12982] netlink: 'syz.5.2116': attribute type 1 has an invalid length.
[  394.776306][T12992] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2119'.
[  395.031260][T12995] device syzkaller0 entered promiscuous mode
[  396.860838][T13041] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2131'.
[  397.051634][T13051] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2134'.
[  398.800050][T13081] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2144'.
[  399.146412][T13093] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2145'.
[  400.554549][   T27] INFO: task syz.4.788:7634 blocked for more than 143 seconds.
[  400.562142][   T27]       Not tainted 5.15.170-syzkaller #0
[  400.565655][T13116] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2153'.
[  400.698276][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  400.711475][   T27] task:syz.4.788       state:D stack:23392 pid: 7634 ppid:  4176 flags:0x00004004
[  400.721016][   T27] Call Trace:
[  400.724664][   T27]  <TASK>
[  400.727653][   T27]  __schedule+0x12c4/0x45b0
[  400.732342][   T27]  ? release_firmware_map_entry+0x190/0x190
[  400.738350][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  400.744924][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  400.750223][   T27]  schedule+0x11b/0x1f0
[  400.754402][   T27]  find_inode_fast+0x315/0x450
[  400.759258][   T27]  ? iget_locked+0x7f0/0x7f0
[  400.763870][   T27]  ? bit_waitqueue+0x30/0x30
[  400.773143][   T27]  ? ____kasan_kmalloc+0xd1/0xf0
[  400.778786][   T27]  ? ____kasan_kmalloc+0xba/0xf0
[  400.784361][   T27]  ? __kmalloc_node+0x199/0x390
[  400.789332][   T27]  ? ext4_xattr_set_entry+0x2247/0x4040
[  400.795475][   T27]  ? ext4_xattr_block_set+0xb10/0x36a0
[  400.820323][   T27]  iget_locked+0xb2/0x7f0
[  400.844345][   T27]  __ext4_iget+0x25d/0x3f00
[  400.873949][   T27]  ? ext4_get_projid+0x140/0x140
[  400.882425][T13129] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2157'.
[  400.898756][   T27]  ? __kmalloc_node+0x199/0x390
[  400.903738][   T27]  ? kvmalloc_node+0x80/0x140
[  400.909010][   T27]  ? hlist_bl_lock+0x55/0x120
[  400.913722][   T27]  ext4_xattr_set_entry+0x22cd/0x4040
[  400.928593][   T27]  ? ____kasan_kmalloc+0xd1/0xf0
[  400.933582][   T27]  ? ____kasan_kmalloc+0xba/0xf0
[  400.938594][   T27]  ? ext4_xattr_ibody_set+0x330/0x330
[  400.955625][   T27]  ? __kmalloc+0x168/0x300
[  400.960531][   T27]  ext4_xattr_block_set+0xb10/0x36a0
[  400.966063][   T27]  ? errseq_check+0x39/0x70
[  400.970953][   T27]  ? ext4_xattr_block_find+0x510/0x510
[  400.976730][   T27]  ? __xattr_check_inode+0x396/0x3f0
[  400.982232][   T27]  ? ext4_xattr_ibody_set+0x131/0x330
[  400.987792][   T27]  ext4_xattr_set_handle+0xdac/0x1560
[  401.043813][   T27]  ? ext4_xattr_set_entry+0x4040/0x4040
[  401.171639][   T27]  ? register_lock_class+0x100/0x9a0
[  401.248694][   T27]  ? dquot_initialize+0x20/0x20
[  401.315788][   T27]  ? ext4_journal_check_start+0x17b/0x240
[  401.390553][   T27]  ? __ext4_journal_start_sb+0x1cb/0x370
[  401.465366][   T27]  ext4_xattr_set+0x26e/0x3d0
[  401.554399][   T27]  ? ext4_xattr_set_credits+0x2a0/0x2a0
[  401.576838][   T27]  ? posix_xattr_acl+0xa5/0xd0
[  401.587781][   T27]  ? evm_protect_xattr+0x33b/0xa70
[  401.593423][   T27]  ? ext4_xattr_trusted_get+0x40/0x40
[  401.599055][   T27]  __vfs_setxattr+0x3e7/0x420
[  401.609608][   T27]  __vfs_setxattr_noperm+0x12a/0x5e0
[  401.615517][   T27]  vfs_setxattr+0x21d/0x420
[  401.620692][   T27]  ? xattr_permission+0x4f0/0x4f0
[  401.631435][   T27]  ? __might_fault+0xb4/0x110
[  401.636608][   T27]  ? _copy_from_user+0x10f/0x170
[  401.641768][   T27]  setxattr+0x27e/0x2e0
[  401.660494][   T27]  ? path_setxattr+0x2a0/0x2a0
[  401.674376][   T27]  ? preempt_count_add+0x8f/0x180
[  401.680414][   T27]  ? __mnt_want_write+0x1e6/0x260
[  401.685633][   T27]  path_setxattr+0x1bc/0x2a0
[  401.696951][   T27]  ? simple_xattr_list_add+0xf0/0xf0
[  401.704422][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  401.721930][   T27]  __x64_sys_setxattr+0xb7/0xd0
[  401.729653][   T27]  do_syscall_64+0x3b/0xb0
[  401.736836][   T27]  ? clear_bhb_loop+0x15/0x70
[  401.742070][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  401.748097][   T27] RIP: 0033:0x7f0e086a2719
[  401.752653][   T27] RSP: 002b:00007f0e06b1a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  401.761097][   T27] RAX: ffffffffffffffda RBX: 00007f0e08859f80 RCX: 00007f0e086a2719
[  401.769188][   T27] RDX: 0000000020001400 RSI: 00000000200001c0 RDI: 0000000020000200
[  401.777222][   T27] RBP: 00007f0e0871532e R08: 0000000000000000 R09: 0000000000000000
[  401.785324][   T27] R10: 0000000000000835 R11: 0000000000000246 R12: 0000000000000000
[  401.793308][   T27] R13: 0000000000000000 R14: 00007f0e08859f80 R15: 00007ffe823dca58
[  401.801376][   T27]  </TASK>
[  401.804424][   T27] INFO: task syz.4.788:7662 blocked for more than 144 seconds.
[  401.812258][   T27]       Not tainted 5.15.170-syzkaller #0
[  401.818195][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  401.826934][   T27] task:syz.4.788       state:D stack:24504 pid: 7662 ppid:  4176 flags:0x00004004
[  401.836469][   T27] Call Trace:
[  401.842457][   T27]  <TASK>
[  401.845535][   T27]  __schedule+0x12c4/0x45b0
[  401.851175][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  401.857297][   T27]  ? print_irqtrace_events+0x210/0x210
[  401.862876][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  401.868099][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  401.874043][   T27]  ? release_firmware_map_entry+0x190/0x190
[  401.880057][   T27]  ? __might_sleep+0xc0/0xc0
[  401.884683][   T27]  ? prepare_to_wait_event+0x3aa/0x3e0
[  401.890259][   T27]  schedule+0x11b/0x1f0
[  401.894475][   T27]  mb_cache_entry_wait_unused+0x164/0x240
[  401.900215][   T27]  ? __mb_cache_entry_free+0x2d0/0x2d0
[  401.905779][   T27]  ? init_wait_var_entry+0x150/0x150
[  401.911443][   T27]  ? mb_cache_entry_delete_or_get+0x166/0x1f0
[  401.917613][   T27]  ext4_evict_ea_inode+0x146/0x2e0
[  401.922847][   T27]  ext4_evict_inode+0x17d/0x1100
[  401.927817][   T27]  ? _raw_spin_unlock+0x24/0x40
[  401.932675][   T27]  ? inode_wait_for_writeback+0x21f/0x280
[  401.938491][   T27]  ? sb_clear_inode_writeback+0x360/0x360
[  401.944401][   T27]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  401.950859][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  401.958004][   T27]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  401.964039][   T27]  evict+0x529/0x930
[  401.968220][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  401.973302][   T27]  ? mode_strip_sgid+0x210/0x210
[  401.978331][   T27]  ? _raw_spin_unlock+0x24/0x40
[  401.983205][   T27]  ext4_xattr_inode_array_free+0x77/0xf0
[  401.989055][   T27]  ext4_evict_inode+0xdfc/0x1100
[  401.994014][   T27]  ? _raw_spin_unlock+0x24/0x40
[  401.998949][   T27]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  402.004860][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  402.010138][   T27]  ? _raw_spin_unlock+0x24/0x40
[  402.015002][   T27]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  402.020939][   T27]  evict+0x529/0x930
[  402.024863][   T27]  ? mode_strip_sgid+0x210/0x210
[  402.029874][   T27]  ? rcu_is_watching+0x11/0xa0
[  402.034660][   T27]  ? _raw_spin_unlock+0x24/0x40
[  402.039531][   T27]  ? iput+0x6f5/0x8b0
[  402.043602][   T27]  do_unlinkat+0x508/0x950
[  402.048042][   T27]  ? fsnotify_link_count+0xf0/0xf0
[  402.053236][   T27]  ? strncpy_from_user+0x209/0x370
[  402.058874][   T27]  __x64_sys_unlink+0x45/0x50
[  402.063661][   T27]  do_syscall_64+0x3b/0xb0
[  402.068092][   T27]  ? clear_bhb_loop+0x15/0x70
[  402.073081][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  402.079132][   T27] RIP: 0033:0x7f0e086a2719
[  402.084382][   T27] RSP: 002b:00007f0e06ad8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  402.092853][   T27] RAX: ffffffffffffffda RBX: 00007f0e0885a130 RCX: 00007f0e086a2719
[  402.101276][   T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000f40
[  402.109336][   T27] RBP: 00007f0e0871532e R08: 0000000000000000 R09: 0000000000000000
[  402.117403][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  402.125485][   T27] R13: 0000000000000001 R14: 00007f0e0885a130 R15: 00007ffe823dca58
[  402.133549][   T27]  </TASK>
[  402.136703][   T27] 
[  402.136703][   T27] Showing all locks held in the system:
[  402.144895][   T27] 1 lock held by khungtaskd/27:
[  402.149835][   T27]  #0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  402.159374][   T27] 4 locks held by kworker/u4:1/144:
[  402.167227][   T27]  #0: ffff8880171cd938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  402.187352][   T27]  #1: ffffc9000174fd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  402.201554][   T27]  #2: ffffffff8c924130 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x9c/0x4e0
[  402.215750][   T27]  #3: ffff8880b903a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  402.227556][   T27] 2 locks held by getty/3922:
[  402.232340][   T27]  #0: ffff88814cb58098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  402.246674][   T27]  #1: ffffc900025ae2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0
[  402.259076][   T27] 2 locks held by kworker/0:4/4208:
[  402.264388][   T27]  #0: ffff888017072138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  402.278207][   T27]  #1: ffffc90003147d20 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  402.289995][   T27] 3 locks held by syz.4.788/7634:
[  402.295137][   T27]  #0: ffff8880252e6460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[  402.304865][   T27]  #1: ffff888063d567a0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: vfs_setxattr+0x1dd/0x420
[  402.318200][   T27]  #2: ffff888063d56478 (&ei->xattr_sem){++++}-{3:3}, at: ext4_xattr_set_handle+0x270/0x1560
[  402.333389][   T27] 1 lock held by syz.4.788/7662:
[  402.338399][   T27]  #0: ffff8880252e6460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[  402.347821][   T27] 2 locks held by dhcpcd/12134:
[  402.357393][   T27]  #0: ffff888063cad010 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x98/0x230
[  402.367825][   T27]  #1: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x280/0x740
[  402.384517][   T27] 1 lock held by syz.6.2157/13129:
[  402.389667][   T27]  #0: ffffffff8c924130 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x9c/0x4e0
[  402.400962][   T27] 1 lock held by dhcpcd-run-hook/13146:
[  402.413699][   T27] 
[  402.416754][   T27] =============================================
[  402.416754][   T27] 
[  402.425325][   T27] NMI backtrace for cpu 0
[  402.429663][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.170-syzkaller #0
[  402.437654][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.447723][   T27] Call Trace:
[  402.451023][   T27]  <TASK>
[  402.453973][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  402.458678][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  402.464340][   T27]  ? panic+0x860/0x860
[  402.468439][   T27]  ? nmi_cpu_backtrace+0x23b/0x4a0
[  402.473575][   T27]  nmi_cpu_backtrace+0x46a/0x4a0
[  402.478539][   T27]  ? __wake_up_klogd+0xd5/0x100
[  402.483412][   T27]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  402.489587][   T27]  ? _printk+0xd1/0x120
[  402.493760][   T27]  ? panic+0x860/0x860
[  402.497845][   T27]  ? __wake_up_klogd+0xcc/0x100
[  402.502693][   T27]  ? panic+0x860/0x860
[  402.506765][   T27]  ? __rcu_read_unlock+0x92/0x100
[  402.511789][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  402.517961][   T27]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  402.523948][   T27]  watchdog+0xe72/0xeb0
[  402.528114][   T27]  kthread+0x3f6/0x4f0
[  402.532239][   T27]  ? hungtask_pm_notify+0x50/0x50
[  402.537265][   T27]  ? kthread_blkcg+0xd0/0xd0
[  402.541873][   T27]  ret_from_fork+0x1f/0x30
[  402.546300][   T27]  </TASK>
[  402.550456][   T27] Sending NMI from CPU 0 to CPUs 1:
[  402.555966][    C1] NMI backtrace for cpu 1
[  402.555977][    C1] CPU: 1 PID: 4207 Comm: kworker/1:5 Not tainted 5.15.170-syzkaller #0
[  402.555995][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.556006][    C1] Workqueue: events bpf_prog_free_deferred
[  402.556027][    C1] RIP: 0010:unwind_next_frame+0x451/0x1fa0
[  402.556049][    C1] Code: c1 e8 03 0f b6 04 10 84 c0 0f 85 49 14 00 00 0f b7 45 00 89 c3 83 e3 0f 0f 84 9b 00 00 00 8d 43 fe 83 f8 07 0f 87 29 01 00 00 <48> 89 6c 24 18 ff 24 c5 60 8f 88 8a 48 8b 44 24 30 80 3c 10 00 48
[  402.556063][    C1] RSP: 0018:ffffc90003137448 EFLAGS: 00000297
[  402.556076][    C1] RAX: 0000000000000003 RBX: 0000000000000005 RCX: ffffffff8df7732c
[  402.556088][    C1] RDX: dffffc0000000000 RSI: ffffffff8e5fcbe4 RDI: ffffffff8df77308
[  402.556100][    C1] RBP: ffffffff8e5fcc18 R08: 0000000000000009 R09: ffffc90003137560
[  402.556112][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffffffff1cbf983
[  402.556124][    C1] R13: ffffffff8138ba8e R14: ffffffff8e5fcc14 R15: ffffc90003137560
[  402.556137][    C1] FS:  0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  402.556151][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  402.556162][    C1] CR2: 0000555cac8ba131 CR3: 0000000023684000 CR4: 00000000003506e0
[  402.556177][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  402.556187][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  402.556198][    C1] Call Trace:
[  402.556202][    C1]  <NMI>
[  402.556208][    C1]  ? nmi_cpu_backtrace+0x39f/0x4a0
[  402.556227][    C1]  ? read_lock_is_recursive+0x10/0x10
[  402.556246][    C1]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  402.556265][    C1]  ? unknown_nmi_error+0xd0/0xd0
[  402.556291][    C1]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  402.556308][    C1]  ? nmi_handle+0xf7/0x370
[  402.556326][    C1]  ? unwind_next_frame+0x451/0x1fa0
[  402.556344][    C1]  ? default_do_nmi+0x62/0x150
[  402.556363][    C1]  ? exc_nmi+0xa8/0x100
[  402.556379][    C1]  ? end_repeat_nmi+0x16/0x31
[  402.556395][    C1]  ? __unwind_start+0xee/0x720
[  402.556416][    C1]  ? unwind_next_frame+0x451/0x1fa0
[  402.556434][    C1]  ? unwind_next_frame+0x451/0x1fa0
[  402.556453][    C1]  ? unwind_next_frame+0x451/0x1fa0
[  402.556471][    C1]  </NMI>
[  402.556476][    C1]  <TASK>
[  402.556484][    C1]  ? __unwind_start+0xef/0x720
[  402.556505][    C1]  __unwind_start+0x59d/0x720
[  402.556524][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  402.556542][    C1]  arch_stack_walk+0xdb/0x140
[  402.556563][    C1]  ? __unwind_start+0xef/0x720
[  402.556583][    C1]  stack_trace_save+0x113/0x1c0
[  402.556601][    C1]  ? stack_trace_snprint+0xe0/0xe0
[  402.556623][    C1]  ? kmem_cache_free+0x91/0x1f0
[  402.556641][    C1]  kasan_set_track+0x4b/0x80
[  402.556687][    C1]  kasan_set_free_info+0x1f/0x40
[  402.556703][    C1]  ____kasan_slab_free+0xd8/0x120
[  402.556720][    C1]  slab_free_freelist_hook+0xdd/0x160
[  402.556740][    C1]  ? __purge_vmap_area_lazy+0x548/0x1740
[  402.556764][    C1]  kmem_cache_free+0x91/0x1f0
[  402.556788][    C1]  __purge_vmap_area_lazy+0x548/0x1740
[  402.556806][    C1]  ? purge_fragmented_blocks_allcpus+0x8da/0x950
[  402.556832][    C1]  ? purge_fragmented_blocks_allcpus+0x950/0x950
[  402.556858][    C1]  _vm_unmap_aliases+0x453/0x4e0
[  402.556880][    C1]  __vunmap+0x72e/0xa20
[  402.556903][    C1]  bpf_jit_free+0x92/0x180
[  402.556919][    C1]  process_one_work+0x8a1/0x10c0
[  402.556945][    C1]  ? worker_detach_from_pool+0x260/0x260
[  402.556965][    C1]  ? _raw_spin_lock_irqsave+0x120/0x120
[  402.556984][    C1]  ? kthread_data+0x4e/0xc0
[  402.557000][    C1]  ? wq_worker_running+0x97/0x170
[  402.557018][    C1]  worker_thread+0xaca/0x1280
[  402.557048][    C1]  kthread+0x3f6/0x4f0
[  402.557062][    C1]  ? rcu_lock_release+0x20/0x20
[  402.557079][    C1]  ? kthread_blkcg+0xd0/0xd0
[  402.557095][    C1]  ret_from_fork+0x1f/0x30
[  402.557120][    C1]  </TASK>
[  402.958297][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  402.965175][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.170-syzkaller #0
[  402.973174][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.983240][   T27] Call Trace:
[  402.986531][   T27]  <TASK>
[  402.989478][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  402.994189][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  402.999842][   T27]  ? panic+0x860/0x860
[  403.003945][   T27]  panic+0x318/0x860
[  403.007862][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  403.013515][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  403.019691][   T27]  ? fb_is_primary_device+0xd0/0xd0
[  403.024913][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  403.031001][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  403.037213][   T27]  ? nmi_trigger_cpumask_backtrace+0x281/0x2a0
[  403.043912][   T27]  ? nmi_trigger_cpumask_backtrace+0x286/0x2a0
[  403.050092][   T27]  watchdog+0xeb0/0xeb0
[  403.054280][   T27]  kthread+0x3f6/0x4f0
[  403.058370][   T27]  ? hungtask_pm_notify+0x50/0x50
[  403.063414][   T27]  ? kthread_blkcg+0xd0/0xd0
[  403.068031][   T27]  ret_from_fork+0x1f/0x30
[  403.072486][   T27]  </TASK>
[  403.075802][   T27] Kernel Offset: disabled
[  403.080135][   T27] Rebooting in 86400 seconds..