last executing test programs:

5m26.128628761s ago: executing program 32 (id=86):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xcf50, 0x2, 0xffff, 0x9dfe, 0x11})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062007d820000005200"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000200)=0x4)

4m52.158320451s ago: executing program 33 (id=332):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2721, 0x0, &(0x7f0000000040))
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000480)={'bridge0\x00', <r3=>0x0})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@empty, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', r3, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x2f}}}}})

3m42.598843339s ago: executing program 34 (id=849):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000000c0)="170000000200010400ffbe8c5ee17688a2002be80101000a000002a257fc5ad90200bb6a880000d6c8db000000df018002000000fc0607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000eaffff00000000000062068f5ee50ce4af9b1c5683ffffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a1b47b63a6323ded2231454668464bfc681a6a9fc", 0xb8)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sched_setscheduler(0x0, 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x80, 0x8)
pipe(0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x827, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

3m12.563245783s ago: executing program 5 (id=1031):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="c6", 0x1}], 0x1, 0x0, 0x0, 0x20048054}}], 0x1, 0x8800)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet(r1, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x2}, 0x8)
close(r1)

3m12.46037285s ago: executing program 5 (id=1034):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
connect(0xffffffffffffffff, &(0x7f00000002c0)=@nfc_llcp={0x25, 0x0, 0x1, 0x0, 0x8, 0x1, "aeadc233a20573f54110b96dc87683a424a5e4d81b7da7682cd74ab71687086a5f45f7c0511960fdce705f69ab3351a1f1dc10c10d8360ec7ad46a07bc3319", 0x25}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000e40)=ANY=[], 0x20}}, 0x1)
sendmmsg$inet6(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="cd", 0x1}], 0x1}}], 0x4000000000000ec, 0x8001)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/165, 0xee, 0x1, 0x0}, &(0x7f0000000180)=0x40)

3m12.28324013s ago: executing program 5 (id=1036):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = dup(r1)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x4f}, 0xfffffdef)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x7c9})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
setsockopt(r2, 0x1, 0x20, &(0x7f0000000040)="c04bfa0a", 0x4)
read$FUSE(r2, &(0x7f0000002000)={0x2020}, 0xfffffc7c)

3m12.094880061s ago: executing program 5 (id=1039):
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioperm(0x0, 0x5, 0x2)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x180000c, &(0x7f0000000300)=ANY=[@ANYBLOB='nls=ascii,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c706172743d3078303030303030303030303030303062622c6e6f626172726965722c6e6f626172726965722c63726561746f723d7fcfb5b72c706172743d3078303030303030303030303030303130312c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030302c6465636f6d706f73652c666f7263652c6e6f6465636f6d706f73652c626172726965722c6e6f6465636f6d706f73652c747970653db029e1c02c7569643d", @ANYRESOCT, @ANYBLOB="2c747970653dd2100d1b2c7529643dd4f81c66210bbcbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2c653ef127e38e0aa2229f9cf6a85035eb86c32a59f1f3acdb98c", @ANYRESDEC=0x0, @ANYBLOB="060000bd00", @ANYRESHEX, @ANYRES8=0x0], 0x2, 0x6eb, &(0x7f0000000dc0)="$eJzs3UtoHPcdB/DvrFYvFxw58SMtgYgY0lJTW7JwWvdSt5TiQyghPfQsHDkWXttBUopsSqP0ce8hh9JTetAt9FDSu6E9N6SUXHUMFHLJyTeVnZ1d7UqrXcmSJTX5fMTs/Gf+z/nNzszuDmICfG3dvJT64xS5een11ebyxvpcY2R9brzKbiQZS1JL6s1ZM30/Ze6Naso3kxRV+aLT8L97+/lg8fqbn3258XlrqV5NZfmip95wYztXrVVTppOMVPOdRndp8ePt3fe0d2vX9vZqawubAbvYDlz+fKBW4cA2d1jr5H30n/J1UPX9HLfACVW0rps7TCWnkkwkrat+dXaoHe3oDt/acQ8AAAAA9mty/1Wee5InWc3pZzEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Kqqnv9fVFOtnZ5O0X7+/1i1LlX6BBr+IMRPx1vzx89+MAAAAAAAAADwzL38JE+ymtPt5c2ivOf/Stc9/m/k3SxnIUu5nNXMZyUrWcpskqmuhsZW51dWlmbLmsnZATWv5pM+Na/uPsYbh7zNAAAAAAAAAHDCTQzJvztazv7U/X/7v83Nrfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwEhTJSGtWTmfb6anU6kkm2uXWkk+SjB3vaPel6Lfy8dGPAwAAAA5konexmNhDnefey5Os5nR7ebMov/OfL78vT+Td3M9KFrOSRhbyVvUduvmtv7axPtfYWJ+715x2tvvjL/Y19LLFtH576N9zkrV6kttZLNdczq0U2SzVqlZe3Fifa87v9R/X+80xFT+qDBjNSFe67PnCx2X6j72/ItT3tYlPqbZrzlSZO9qJyEw1tmaNM+0I9I9Ez97p9zapD+xpNrXOLz9nB/fUP+bvD97mU9tK9f3l5lhsj8TV1Dp76PzgSCTf/vtHv7zTuH/3zu3lSydnk/p6b2iJ7ZGY64rEha9QJIabKSNxrrN8Mz/LL3IpX4y/kaUs5leZz0oWptv589X7ufk6NThSn57qXnpj2Eiax+R05/zVb0zT6RlTpvPTMjWfV8p9ejqLKfIgyUJeK/+uZrZzNtjaw+f2cNTX9nCm7XLxO+WsE6ZM7l72r3tr8rA043qmK67d59ypMq97zVaUnu8bpfa1bu/Xoy71b1WJZgu/G3h9OGrbIzHbFYkXdnu/tEL6l/Jqsty4f3fpzvw7e+zv1WrePI7+cKKuEs2teT4T1cadKV+L8piaKfNe6Fxhe+M1Vt1xaantyDvXqdc6Un+eB3mr50j9fq7lWq6Xpc+XpUd3XLGaeRc6LfWew5t5LzbzOjd2uj9vPUij9XkIgJPt1HdPjU3+d/Jfkx9O/n7yzuTrEz8Z/8H4S2MZ/efoD+szI6/WXir+lg/zm63v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNNbfvjo7nyjsbDUP1Hrn1UMrjXf2Gw/SGxAmZ5EUT0qZw+Fi+WHjzaHNjg4MV4N7ymrH2ai/Ri+4YWnB7ZTP9AwirXt+2ti+L5oP+VpD10UOwLerPzUoWv3vLVm9ATsyu2J6cNrsP2G7craz7t3tOeg78kaSdKv1pATx8jBzjvA8buycu+dK8sPH31v8d782wtvL9wfvXbt+sz1a6/NXbm92FiYab12VTiSh98CR6H740THWJKXh9cd8KBWAAAAAAAAAAAA4Bk6iv+FOO5tBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6/3byU+uMUmZ25PNNc3lifazSndnqrZD1JLUnx66T4R3IjrSlTXc0Vu/XzweL1Nz/7cuPzrbbq7fK1ZG3XenuzVk2ZTjJSzQ+rvVvD2xvbSo73yS46kWkG7GI7cHDc/hcAAP//ZuzqYw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x105042, 0xa)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1)
syz_open_procfs(0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3m11.605441039s ago: executing program 5 (id=1042):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000f08000140000000020900010073797a30000000000900020073797a320000000014000000110001"], 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x800, @empty, 0xfffffffe}}, 0x80000, 0x0, 0x0, 0x0, 0xb3550aa4ba878396, 0x0, 0x4}, 0x9c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000003010101"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmmsg(r2, &(0x7f0000003e00)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000003b40)=""/210, 0xd2}], 0x1}, 0x1c5}], 0x1, 0x40000000, 0x0)

3m10.643737925s ago: executing program 5 (id=1051):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x200040d4)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x7}, 0x1c)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x13, 0x8, 0x6}]}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r2, 0x8)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffffffffeec, 0x0, 0x100000}, &(0x7f0000000340)=0x30)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="02", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000180)="bb", 0x1}], 0x1}}], 0x2, 0x404c851)

3m8.963658693s ago: executing program 35 (id=1051):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x200040d4)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x7}, 0x1c)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x13, 0x8, 0x6}]}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r2, 0x8)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffffffffeec, 0x0, 0x100000}, &(0x7f0000000340)=0x30)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="02", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000180)="bb", 0x1}], 0x1}}], 0x2, 0x404c851)

3m6.956759209s ago: executing program 4 (id=1064):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x7, 0x7a}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x2, 0x7a}, 0x8)

3m6.77548357s ago: executing program 4 (id=1066):
memfd_create(0x0, 0x0)
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000010c0)={[], 0x11}, 0x0, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, 0x0, 0x4)
r2 = memfd_create(0x0, 0x2)
writev(r2, 0x0, 0x0)
copy_file_range(r2, &(0x7f0000000080)=0x9, r2, 0x0, 0x7, 0x0)

2m58.550409957s ago: executing program 4 (id=1091):
close(0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x19, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

2m57.594357103s ago: executing program 4 (id=1094):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000400)={[{@fat=@quiet}, {@shortname_winnt}, {@rodir}, {@fat=@discard}, {@fat=@flush}, {@shortname_winnt}, {@numtail}, {@fat=@dmask={'dmask', 0x3d, 0x100}}, {@fat=@tz_utc}, {@uni_xlate}, {@utf8no}, {@shortname_winnt}]}, 0x0, 0x274, &(0x7f0000000a00)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000240)=0x3)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, 0x0, 0x0)

2m57.30890296s ago: executing program 4 (id=1102):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x5, 0x5, 0x2, 0x4}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001bc6500850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

2m53.759217246s ago: executing program 4 (id=1141):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
connect$pppl2tp(r1, &(0x7f0000000140)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x4000000, @mcast1}}}, 0x32)
r2 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r2, 0x8982, 0x0)
sendmmsg(r1, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

2m53.563339737s ago: executing program 36 (id=1141):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
connect$pppl2tp(r1, &(0x7f0000000140)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x4000000, @mcast1}}}, 0x32)
r2 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r2, 0x8982, 0x0)
sendmmsg(r1, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

2m49.187104112s ago: executing program 7 (id=1183):
setfsgid(0xee00)
r0 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getsig(0x4202, r0, 0x6, &(0x7f00000001c0))
stat(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180))
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd28, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x31a39, 0x59629}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_IGMP_VERSION={0x5, 0x2b, 0x44}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048015}, 0x240400c0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
r3 = syz_open_procfs(r0, &(0x7f0000000100)='stack\x00')
pread64(r3, &(0x7f0000000140)=""/15, 0xf, 0x4)

2m47.688991999s ago: executing program 7 (id=1187):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000002c0)=""/87, &(0x7f00000000c0)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x70000, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x3fb, 0x7fff})

2m47.618583873s ago: executing program 7 (id=1188):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
unshare(0x2040600)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0xa, r2}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x5, 0x4, 0x9, 0xfffa}, 0x1d, [0x2, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7b, 0x6, 0x4d, 0x39cc191a, 0x100062, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x2, 0x8, 0x4, 0x3c5b, 0x1, 0x3, 0x5, 0x1, 0x1f461e2c, 0x0, 0xe661, 0x4, 0x7, 0x101, 0x7fff, 0x400, 0x800, 0x0, 0x1003, 0xe, 0x0, 0x71, 0xfffffff8, 0x7, 0x0, 0x0, 0xd, 0x3e, 0x8f, 0x6, 0x10000006, 0x400000, 0x5, 0x8, 0x8, 0x7, 0x80, 0x4, 0x4000005, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x131, 0x7ffd, 0x10, 0xfffffff3, 0x75, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0x2, 0x3, 0x0, 0x8, 0x5, 0x800, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x0, 0x8000, 0x9, 0x400, 0x5, 0xfffffffb, 0x7, 0xff, 0x8, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0xa, 0x4, 0x9, 0xc, 0x800, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0xff7f, 0x2, 0x7f, 0x9, 0x3010, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x7, 0x42, 0x2], [0x7, 0x1, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x7f, 0x3, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x7, 0xa, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x800, 0xc1aa, 0x6d01, 0x5, 0x38, 0x800003, 0x200, 0x80, 0xf, 0xd, 0x2950bfaf, 0x1000, 0xa4, 0x7, 0x53cf697c, 0x5, 0x6, 0xac8, 0x1, 0x2, 0x0, 0x7ff, 0xfffffff9, 0x1, 0x1, 0xffff, 0x2, 0xa, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xe, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0xf58, 0xebdc, 0x3, 0x101, 0x10000, 0x40006, 0x7ffe, 0x8, 0x200a620, 0xb, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0xe, 0x6, 0xfffffffe, 0x3, 0x5, 0x8, 0xc8, 0xee1, 0x14, 0xffff, 0x3, 0x7f, 0x0, 0x9402, 0x4, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1d, 0x8, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffbf2441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2m47.530494478s ago: executing program 8 (id=1191):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, 0x0, 0x44060)
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000140)=ANY=[], 0x1, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020)

2m47.379140807s ago: executing program 8 (id=1194):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0xc854}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x2c, 0x66, 0x221, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff2}, {}, {0xb, 0xfff3}}, [@TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800)

2m47.294584012s ago: executing program 7 (id=1195):
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x201000a, &(0x7f0000000300)=ANY=[], 0x1, 0x236, &(0x7f0000000000)="$eJzs3TFrE2EYB/DHNm1DFjuLw4GLU1C/wSEVxAMhkkEnD6pLK8J1OZ3uY/gZ/Eh+jEzdTpIrTRujiyav6f1+EPInfw6ey5A3w/sm7x9+Ojv9fPGx/fEthsMsBhFNXEYcx17sR+fe1fPeIh/GTU0AALtmMinz1DOwWVWVlwcRcfRLM/2eZCAAAAAAAAAAAAD+mv3/ANA/9v/ffVWVl6Or72+32f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApHPZtvfbPzxSzwcA/HvWfwDoH+s/APSP9R8A+ufN23ev8qI4mWTZMGLW1O381VlTTyNGEfHiZXHyJFs4Xl41q+vp/iLN+6ddn93uD66vf7a2P4zHj7p+3j1/Xaz0R3G6jTcAAAAAAAAAAAAAAAAAAAAA/gPj7Nra8/3j8e/6Lt34fYCV8/uDeDDY2m0AAAAAAAAAAAAAAAAAAADATrv48vWsPD//UAmC0NMwWlOl/mQCAAAAAAAAAAAAAAAAAID+WR76TT0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSz/P//zYXU9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w88AAAD//9vbk2A=")
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4008800)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x99501e, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000001a40)={0x2020}, 0x2020)

2m47.14829657s ago: executing program 8 (id=1196):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x90ff}, {}, {0x7, 0x0, 0xb, 0x7}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m47.061678045s ago: executing program 7 (id=1198):
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes)\x00'}, 0x58)
pipe(&(0x7f00000045c0)={<r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x8000, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
pipe2(0x0, 0x80)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, &(0x7f00000000c0)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})
r2 = fsopen(&(0x7f0000000180)='ext4\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

2m45.787122099s ago: executing program 8 (id=1202):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000100000180012800e0001007769726567756172640000000400028008000a00", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
sendmsg$NL80211_CMD_GET_COALESCE(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r5, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4040940}, 0x0)

2m44.4029543s ago: executing program 7 (id=1210):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040040)
pwritev(0xffffffffffffffff, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000680)}], 0x5, 0x4, 0x5)
syz_io_uring_setup(0x512b, &(0x7f0000000180)={0x0, 0x6f04, 0x130c8, 0x1, 0x2a4}, 0x0, &(0x7f0000000140))
epoll_create1(0x0)
socket(0x10, 0x803, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000fdff128000000000ff070000850000005300000018110000", @ANYRES32, @ANYRESOCT], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000001000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

2m44.152892894s ago: executing program 37 (id=1210):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040040)
pwritev(0xffffffffffffffff, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000680)}], 0x5, 0x4, 0x5)
syz_io_uring_setup(0x512b, &(0x7f0000000180)={0x0, 0x6f04, 0x130c8, 0x1, 0x2a4}, 0x0, &(0x7f0000000140))
epoll_create1(0x0)
socket(0x10, 0x803, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000fdff128000000000ff070000850000005300000018110000", @ANYRES32, @ANYRESOCT], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000001000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

2m44.032946441s ago: executing program 8 (id=1213):
set_mempolicy(0x2, &(0x7f0000000000)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xc}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x4000814)
syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x8010, &(0x7f0000001880)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3", @ANYRESDEC=r0, @ANYRESDEC=0x0, @ANYRES8, @ANYRES32=r2], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=")
open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})

2m42.67361143s ago: executing program 8 (id=1216):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m27.409499517s ago: executing program 38 (id=1216):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m17.241841823s ago: executing program 9 (id=1605):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000440), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r2, @ANYBLOB="00000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r2, 0x40083, 0x602a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0x5}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)

1m16.123105628s ago: executing program 9 (id=1606):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000000280)="f1", 0x1)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)

1m13.953901304s ago: executing program 9 (id=1611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x2, 0x0, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x8, 0x7fff, 0xcc}, 0x50)

1m12.554906735s ago: executing program 9 (id=1613):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x10}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0xfffffff7)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x111240, 0xa)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [], {}, [], {0x10, 0x5}}, 0x24, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
chdir(&(0x7f0000000240)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)

1m10.631231457s ago: executing program 9 (id=1624):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000440)={{0x0, 0x5, 0x0, 0x25}, 'syz0\x00', 0x53})
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000e40)=ANY=[@ANYBLOB='check=relaxed,showassoc,overriderockperm,unhide,map=off,showassoc,uid=', @ANYRESHEX=0x0, @ANYBLOB=',check=strict,map=off,overriderockperm,map=acorn,hide,norock,map=normal,overriderockperm,norock,showassoc,gid=', @ANYRESHEX=0x0, @ANYBLOB='\x00\x00'], 0x1, 0xa24, &(0x7f0000000280)="$eJzs3U1snPWdB/DvM7YTx7BJgCzLIiCTsAkGvI7tQLIRBzaxJ4lZv6xsRyLaAwHirLLxLrtkKwGqRJCqnopaqVUP7Q311F6QuJRLxa29tScOlSpOvaOe0pOrZ2Ycv409tnHsJHw+1niel9/z//+eeV7+npnHzz/cX+YPLBubn68/tjh+6Zc7kDH3sHMjX33y6cfl46Nb2ZOOvFz8OulOUk06kzyRdA2PTE2O712/oBvJlSRfJEWSMrjYaA5XUvwwDy+Of5Hi52W9a9qz0ZJpZ55vtd3e/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F5UDI8MDAwWezI6cen1akNSXWV4ZGqyyPz86jkLyzR8Xu/1u/i8bb1JUT7S3b3Q1fcThxZnP56kejRPNcaeqndInu588NDjB195rLOysPxa2XwjezdUbCqN3G68OTc3++7acfMfNuK2McF7x4XaxOj05Oj42Qu16uj0ZPXMqVMDJy6en66eHx2rTV+enqmNV4enamdnJqeqvcPPVwfPnDlZrfVfnrw0cWGkf6y2MPH0Pw8NDJyqvtb/77WzU9OTEyde658evjg6NjY6caEeU84uY06XO+K/jc5UZ2pnx6vVa9fnZk+uyKlj5YtdBg22W5MyaKhd0NDA0NDg4NDQ4EfN3rPvTDj18pmXTw8MdA6skFURd2mn5d6yb+3NvJ2nb/hGKo32P/81ltFM5FJeT7Xlz3BGMpXJjK8xv2mh/T92orZuvUvb/2Yr37lk9pPlr6N5pjna3Wz//y7J0vZ/jVx27udm3s8HuZE3M5e5zObdXc9oZ38upJaJjGY6kxnNeM7Wp1SbU6o5k1M5lYG8kYs5nOlUcz6jGUst07mc6cykVt+jhjOVWs5mJpOZSjW9Gc7zqWYwZ3ImJ1NNLf25nMlcykQuZCRn66Vcy/X6635ynRzvBA1uJGhonaCVjXm5r2+u/a89qH8JsmHbfxKHLZpvtv97VkzvWB3aO7xTSQEAAADb6h9/l/2HHv3tn5IiT9c/lz8/OlZ7dbfTAgAAALZR/XK9p8qnrnLo6e76+/+B3U4LAAAA2EZF/X/siiQ9OdwYWvhPKB8CAAAAwAOi/v3/MykOL07w/h8AAAAeMO3vsd82ouhbuP1v9Wrj+WozojFWFBkdq/UPT469Mpjj9bsMJHl6dWkdSdFV//eDF3KkEXWkp/Hcs1hiWWd3GTXY/8pgXsjR5or0Pls+PdvbInKoEflcI/K5pZEdWRZ5sowEgAfd0XXa4422/y+krxHR92S9ye98skUbPKBlBYB7xZ0+dv7a7NKsRfvfjHhmrfb/pXXe/5cRj+ba4cYlBf15O+9kLlfTl+YVB4dblbrQG0HjMoS+Np8G9DQvWfjD6Ur6Vn0e0H1nXZfGzmYofYufCLzV/KxiebnFQg4nG3NbdIoAAPejo+u2wxtr//vavP/vcUkhANxTbr7/QaMH+00MfLiZ4Nl3b+72OgIAy2mlAQAAAAAAAAAAAAAAAAAAAAAAAAAAYPstu13/vubElTfw//3xZG5uNtlCZwFbHuhuleHWBirZoZx3faAjyW7V/mo2vVR3i51tEwO/2tdc/M+7/8o/cAO7eFICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgxxRJR6vplWRvkoEkJ3Y+q7vn1m4nsF2qe7a0WHE7t/Ne9m97PgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA33LN+/9X0nh+qDEpnZXkWJIrSf5jt3PcTrd3O4G7o2gf8t+NwMX7/1eSrswX6Wxs9hRdwyNTk+NlUcXecv5Xn3z6cfloX/bqXhXKAsoalnUu0axhyZSu5Us9Ul/qy+ZYdeRcfcc8N3N+bGT8wtS/LgY+XnyWVNN4LFjI97vHfvOjJZObHSUUn5Vr2lqj3p6R2Zs3/v+d/62OnK/XO7K63n9otfQa9W7A9bnZobKmmdrrM9/5n+vvLZn1aI4kz/Ymvctr+s/ysUZNR1a+nssVXxffL/bnp7lS3/7lq1HMF+UmOlBf/33Xrs/N9r/9ztzVOzl9uCyngzmc5GrSvfGcDq+9b9b3ukpXWetAPaj8dahNeetaUuLgGq/rI/VdpmdT61Btc3y1ed2bGZ1smdGP/++xHN/0lj7epsaWiq+LPxYX82W+t6T/j0q5/Y+l5dHZooh65JI9Zem8ZYdXpRFZX/OhpTPeWFnmmkcld8EP8lb+5c72ryw5/ze31c6cj5bU2Pq4SDZ/XPziwKoWZVG9RTq0okVqnn3WWqaZ56FG1Bp5/n1ebJS5iTPKi+1a7Lt0/P+s6M1fckv/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2vSDpaTa8kx5IcTHKgHK8m8ytjbm2hvkpPsZU0t81Wcr7/FGuuaHE7t/Ne9u90RgAAAAAAAADcHedGvvrk04/LR/37+I78UyXJS41v+juTHCx+0jU8MjU53qagruTKwlf63ZvL4Ur56+HF8S/KsSfaLLS7lw8AwH3tbwEAAP//YkVl3Q==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x12)
ioctl$UI_SET_SNDBIT(r2, 0x4004556a, 0x1)
ioctl$UI_DEV_CREATE(r2, 0x5501)
write$uinput_user_dev(r1, &(0x7f00000004c0)={'syz0\x00', {0x7, 0x3, 0x1, 0x9}, 0x7, [0x4, 0x6, 0x802, 0xe9a2, 0x1, 0x0, 0xa9ba, 0xc1f, 0x1, 0x7f5d, 0x3, 0x6, 0x5, 0x10000, 0x2, 0x3, 0x0, 0x3, 0xe, 0x3, 0x0, 0x2, 0xd9, 0x2, 0x6, 0x3, 0x3, 0x9, 0xfff, 0x8a0, 0x6, 0x8001, 0x33b5, 0x1, 0xfffffffc, 0x0, 0x0, 0xb, 0xcc, 0x5, 0x7e, 0x401, 0x5, 0x5, 0xfffffffd, 0x8, 0xb, 0x3, 0xffff7fff, 0x6, 0x4, 0x80000000, 0x1, 0x9, 0x7, 0x0, 0x5, 0xfff, 0x1, 0x7fe, 0x7fff, 0x5, 0x2, 0x8], [0x2, 0x1, 0x10000, 0x7, 0x9, 0x9, 0x5, 0x4, 0x9, 0x7, 0x5, 0x6, 0x6, 0x5, 0x7, 0x8, 0x5, 0x8, 0xbc1, 0x80000, 0x0, 0x5e81b39d, 0xffffc256, 0x5, 0x80000001, 0x0, 0x0, 0x4, 0x4, 0x7, 0x9, 0x4, 0x1, 0x5, 0x5, 0xfffffb66, 0xfb5, 0x2, 0x4, 0x7, 0x2, 0x8000, 0x7fff, 0x1, 0x9425, 0x8, 0x6f, 0x80b, 0x1, 0x6, 0x525ba681, 0x4f74, 0x9, 0x1, 0x1, 0x8, 0x100, 0x6, 0x10000, 0x1306, 0x8b, 0x10000, 0xfe4, 0x3ff], [0x2, 0x40, 0x4, 0xfffffff9, 0x7aa, 0x10, 0x80, 0x8001, 0x5, 0x0, 0x9, 0x8, 0x7fffffff, 0x1, 0x2001, 0x4, 0x8, 0xfffffffa, 0xb, 0x9, 0x6, 0x4, 0xfffffff7, 0xa3, 0x3, 0x0, 0x8, 0x3, 0x4c, 0x3, 0x5, 0x2, 0x0, 0x9, 0x13, 0x0, 0x2, 0xfff, 0x6, 0x100, 0x7c83, 0xd, 0x1, 0x4, 0xf, 0x6, 0x47, 0x7, 0x0, 0x11, 0x3, 0xffd, 0x7, 0x7, 0x8000, 0x7ff, 0x10, 0x2, 0x10001, 0x1, 0x0, 0x6, 0x71c], [0x81, 0x3, 0x10, 0x4e26, 0x3, 0x40, 0xfffffff3, 0x497, 0x4, 0x1, 0x3, 0x5, 0x56, 0xc28, 0x9, 0x5, 0x5, 0xa, 0x79a, 0x40, 0x9, 0x6, 0xc41f, 0x80000001, 0x6, 0xffffffff, 0x0, 0xd5, 0x6a, 0x9, 0x0, 0x0, 0x1000, 0x10, 0xd, 0x6, 0x8000, 0x53, 0x78d, 0x4, 0x1, 0xffffb027, 0xfffffff8, 0x9, 0x7, 0x6, 0x101, 0x7, 0x7, 0x4000004, 0x0, 0xb, 0x400, 0x8, 0x0, 0x7fffffff, 0x7, 0x9a33247, 0x8, 0x0, 0x1, 0x8001, 0xfffffff7, 0x5]}, 0x45c)
read$hiddev(r2, &(0x7f0000000040)=""/117, 0x75)

1m3.314071182s ago: executing program 9 (id=1631):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x800000000003)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mlock2(&(0x7f0000009000/0x4000)=nil, 0x4000, 0x0)

1m2.876036527s ago: executing program 39 (id=1631):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x800000000003)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mlock2(&(0x7f0000009000/0x4000)=nil, 0x4000, 0x0)

30.4676584s ago: executing program 2 (id=1766):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x106, 0xa}}, 0x20)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507faff15300000d60600000ee60090bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b897e73752fc7d1e4b0f4c5967eefd7448d5fde5841fa464a67267c631052bd7333769a4b8d19d4794357edce762e8136ab9d7ed34a72baffd849b90579b96b3"], &(0x7f0000000100)='GPL\x00'}, 0x48)

29.674054886s ago: executing program 2 (id=1768):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0xc70e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f00000000c0))
write$cgroup_subtree(r2, &(0x7f0000000040)={[{0x2b, 'cpu'}, {0x2d, 'pids'}]}, 0xb)
syz_usb_connect(0x3, 0x373, &(0x7f00000009c0)=ANY=[@ANYBLOB="120150020953212056bb36d660b401020301090261030103f990090904d9090e9920537f0905070108000507049b23d3805c268e37e66b63a777b8f918624d1f8abb397e8da3d5c0c01f463dd7cdfaf565f6ebead3e84aab4088f5c485998c7f013f208878825f2ba447553eb52cf47ccbe2e51b87e0ee91b180fbe8afc60357034505316e1b0885ca4bf680b1a25b38e0b88d4bb947f298d4c352978e513a126ce38255cafb46d54261af02cf72983fae23e9c2a2c5473207f82de6e08debf98a0d435b81e809bd09050f14100007290007250102017aa10905090020008081020905030c4000020905072501c30802000725010000070e09050e0c08000b03086011014de69a3e813813ca6f5cb826418d95c4ca9fe45079aa5d548db5890158efe4269e8e1b97e09fa778c756dcf3cdd04b1c64b2715f6dcf2799263541b8df5e6b7dce9828a1691dc3520fefe6dc59f53ec10aea367af0bde0b5d3f8e6d3c2090502010004000806072501010843f38b232e5242cc550dc448369df4c8db00be54c90461d4fd612d760d2b2bff42422b983ab6ac4039681abaed95aa53927a2718e0566f24c810f2d0a49ea2a6089afcc21f0ba7434bdb728ca3fde3384c59c59489dd7d81d38eb38588302ef0ff158f64c3dd50a6917ebddc35d3c406f75ebcb1019eb10b37ecc204163f76f0834c678c092019cc240ed48a8f0905081018000004f8072501010709000725018001050009050003ff0308010b09050b100004027f043401f788d8cfd01cb2e913fbeb9870c3ceaefcf549af521aa856482d6fafaf4d7c4f1f5db1030e252a0c08f958bf83a4303549e909050910000208060209050a0c400000078107250100088100090507020002060909072501010680004c0ad92977e7b1912ba8400b1ae80d47aa5c40c77f5129b0a8afaa1b521e92234f96a6d58227f423c01a168712f12c918b3d2e1397a36d463ae1932665ed5a1cc5040a138542ea922f1b685409050e100004019981072501000205000905000c2000011f008c0f6f884a093c17d2c251"], &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

26.596932575s ago: executing program 2 (id=1778):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x9)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xb3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x1)

26.127557502s ago: executing program 2 (id=1781):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
io_setup(0x4, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x1008002, &(0x7f0000000d00)={[{@grpjquota}]}, 0x3, 0x5ee, &(0x7f0000000280)="$eJzs3c1vVFUbAPDnTj9oKXk7kDcqLqSJMZAoLS1gGuMCtoY0+BE3urDSgkiBhtZo0YSS4MbEuDHGxJUL8b9QIltWunLhxpUhIWpYmjjmztxbOu1Mv2jnEu7vlwxz7zlze86lfeace+acOwGU1lD6TyVif0TMJhGDyeJSXndkmUON193/+5Mz6SOJWu31P5NIsrT89Un2PJAd3BcRP/+UxL6u1eXOLVy9MDkzM30l2x+Zvzg7Mrdw9fD5i5Pnps9NXxp7cWz8+LHj46NHtnRe11qknbrx/oeDn0289d03/ySj3/82kcSJeCV74fLz2C5DMVT/P0lWZw2Mb3dhBenK/k5qtVotT0u6i60TG5f//noi4skYjK548MsbjE9fLbRywI6qJY33bqCMEvEPJZX3A/Jr+5XXwZVCeiVAJ9w72RgAWB3/3Y2xweirjw3svp/E8mGdJCK2NjLXbE9E3Lk9cePs7YkbsUPjcEBri9cj4qlW8Z/U478afVGtx3+lKf7TfsHp7DlNf22L5a8cKhb/0DmN+O9bM/6jTfy/kz5fa8Twu1ssv/pg873+pvjv3+opAQAAAAAAQGndOhkRL7T6/L+yNP8nWsz/GYiIE9tQ/tCK/dWf/1fubkMxQAv3Tka83HL+byWf/VvtWraEtRo9ydnzM9NHIuJ/EXEoenal+6NrlHH4831ft8sbyub/5Y+0/DvZXMCsHne7dzUfMzU5P/kQpwxk7l2PeLrl/N9kqf1PWrT/6TvD7AbL2PfczdPt8taPf2Cn1L6NONiy/X9w14pk7ftzjNT7AyN5r2C1Zz7+4od25W81/t1iAh5e2v7vXjv+q8ny+/XMbb6MowvdtXZ5W+3/9yZv1O8q1JulfTQ5P39lNKI3OdWVpjalj22+zvA4yuMhj5c0/g89u/b4X6v+f39ELK742clfzWuKc0/8O/B7u/ro/0Nx0vif2lT7v/mNsZvVH9uVv7H2/1i9rT+UpRj/g4av8jDtbU5vEY7drbI6XV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBxUImJPJJXhpe1KZXg4YiAi/h+7KzOX5+afP3v5g0tTaV79+/8r+Tf9Djb2k/z7/6vL9sdW7B+NiL0R8WVXf31/+MzlmamiTx4AAAAAAAAAAAAAAAAAAAAeEQNt1v+n/ugqunbAjusuugJAYVrE/y9F1APoPO0/lJf4h/IS/1Be4h/KS/xDea0d/2+Pd6wiQMdp/6G8xD8AAAAAADxW9h649WsSEYsv9dcfqd4sr6fQmgE7rVJ0BYDCuMUPlJepP1BervGBZJ38vrYHrXfkWmbPPMTBAAAAAAAAAAAAAFA6B/db/w9lZf0/lJf1/1Be+fr/AwXXA+g81/hArLOSv+X6/3WPAgAAAAAAAAAAAAC209zC1QuTMzPTV2y8+WhUo5MbtVrtWvpX8KjUZ/s3kmyGekcKzafCd/5Mezdygvlav4395OLekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8wviV5")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x1)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000000c0)='./bus\x00', 0x0, 0x1c10, 0x0)
r1 = open(&(0x7f0000000400)='./bus\x00', 0xc40, 0x0)
ioctl$BLKROSET(r1, 0x125d, &(0x7f0000000080)=0x3f)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x0, 0x8000c62)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)

25.372110376s ago: executing program 2 (id=1787):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="1bc7a7fab25c4d096d13ab609699ccfad50f833b12f72e7d9a802d8457394031e7227a4d2e5133ed69e3195918c45d8b0ef7", 0x32}], 0x1}}], 0x1, 0x2404c044)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000ff4000/0x2000)=nil})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{}, 0x0, &(0x7f0000000240)='%pB    \x00'}, 0x20)
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x48, 0x9, 0x2, '\x00', 0x2})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22.585690678s ago: executing program 2 (id=1799):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = socket(0x28, 0x801, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
futimesat(r0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
close(0x3)
accept$alg(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

22.143455603s ago: executing program 40 (id=1799):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = socket(0x28, 0x801, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
futimesat(r0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
close(0x3)
accept$alg(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

15.093506903s ago: executing program 0 (id=1817):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000003f000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)

13.864428284s ago: executing program 3 (id=1819):
r0 = socket(0x2, 0x80805, 0x0)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0x4e24, @remote}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r4=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000400)={0x93de, 0x1, 0x0, 0x3, 0x1ff, 0x7, 0xdff8, 0xb, r4}, 0x20)

12.73139341s ago: executing program 0 (id=1820):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\xfd\x89\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\rW\xef\x10\xd6d#\xf2\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x1f\xb2C\xf8\'?]\x16C\x166\xc0\xbcJT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8', 0x2)
pwritev(r2, &(0x7f0000000540)=[{&(0x7f0000000600)='\x00', 0x1}], 0x1, 0x7fffff, 0x8)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
sendfile(r4, r2, 0x0, 0x2000081)

12.612031598s ago: executing program 3 (id=1821):
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = pidfd_getfd(r0, r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x13, 0x0, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = mq_open(&(0x7f0000000140)='*+@[^#^\x00', 0x40, 0x65, 0x0)
mq_notify(r3, &(0x7f0000000300)={0x0, 0x1b, 0x1})
read(r3, 0x0, 0x0)
setns(r1, 0x2e000080)
ioctl$KDADDIO(r1, 0x4b34, 0x5c549bee)

11.35434393s ago: executing program 3 (id=1824):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x88}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

9.173175477s ago: executing program 3 (id=1826):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000034f0e61000000000000000004000000bb7f1a007600feff000020009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x93, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96}, 0x22)

8.042038303s ago: executing program 3 (id=1827):
prlimit64(0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BLKROGET(0xffffffffffffffff, 0x125e, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070011000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_RENAME(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB="80000000050601080000000000000000070000080900030073797a320010000005000100070000000900030073797a310000000005000100070000000900020073797a320000000005000100070000000900020073797a310000000009000300"], 0x80}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000)

8.004001635s ago: executing program 1 (id=1828):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
shutdown(r1, 0x1)
sendmmsg$inet(r1, &(0x7f00000004c0)=[{{&(0x7f0000000340)={0x2, 0x4e23, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x28}, @dev={0xac, 0x14, 0x14, 0xe}}}}], 0x20}}], 0x1, 0x40080c0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect(0x5, 0x1bb, &(0x7f0000000880)=ANY=[@ANYBLOB="12010000a677c120229062d60eb3000000010902a90101000000000904"], 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000580)={0x0, 0xa, 0x5, &(0x7f0000000040)={0x2, "ba33b4f76c1147713bbb79931987e92352124c3f58f98e3897d9030000002c833a"}})
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000180)={'broute\x00', 0x0, 0x0, 0x0, [0x2, 0x3ff, 0x4, 0x0, 0x6, 0x8000000000000001]}, &(0x7f0000000140)=0x78)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x0, 0x6}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00"], 0x20}, 0x1, 0x0, 0x0, 0x200c0801}, 0x0)

6.71642286s ago: executing program 6 (id=1831):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0100000002000000a003000005", @ANYBLOB, @ANYRES32=0x0], 0x48)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000640)={r3, &(0x7f0000000080), 0x0}, 0x20)

5.448266863s ago: executing program 6 (id=1832):
pipe(&(0x7f00000007c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0xbdc, &(0x7f00000003c0)={0x0, 0xec25, 0x400, 0x0, 0x24d, 0x0, r2}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f0000000240)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x8, 0x0, &(0x7f0000000140)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

5.394851556s ago: executing program 1 (id=1834):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000002440), 0x40, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f0000002400)="800000800000210ee7decd7a0000", 0xe, 0x200000c1, &(0x7f00000001c0)={0x11, 0x88a8, r3, 0x1, 0x3}, 0x14)

5.043428917s ago: executing program 1 (id=1835):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f0000000200)='./file1\x00', 0x800, 0x1)
r1 = open(&(0x7f0000000480)='./bus\x00', 0xea000, 0x718bb647156ec3be)
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000180)='./file0\x00', 0x1000)
linkat(r0, &(0x7f0000000000)='./file1\x00', r0, &(0x7f00000001c0)='./bus\x00', 0x400)
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')

4.892256876s ago: executing program 0 (id=1836):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_open_dev$loop(0x0, 0x1, 0x135e80)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syslog(0x4, &(0x7f0000000000)=""/19, 0xb12288e90d7c8384)

4.593331313s ago: executing program 1 (id=1837):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)=0x10, 0x12)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)=r2}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r0, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfa, &(0x7f0000000640)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000680), 0x0, 0x0, 0x16, 0x8, 0x8, &(0x7f0000000700)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x1, 0xf, &(0x7f0000000900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000009c0)='GPL\x00', 0x7, 0x48, &(0x7f0000000a00)=""/72, 0x40f00, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x1, &(0x7f0000000ac0)=[r0, r1, r1, r1, r1], &(0x7f0000000b00)=[{0x0, 0x5, 0x2, 0x5}], 0x10, 0x4}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a0000000400000006000000ff00000042"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000080), 0x619, r3}, 0x38)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r2}, 0xc)

3.564923063s ago: executing program 6 (id=1838):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000000)=0x1, 0x4)

3.405434462s ago: executing program 1 (id=1839):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000003f000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)

3.404713012s ago: executing program 0 (id=1848):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f00000000c0)=0x800, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x641, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)

1.616052696s ago: executing program 0 (id=1840):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000140)='syzkaller\x00'}, 0x80)
bpf$OBJ_PIN_PROG(0x11, &(0x7f0000000280)=@generic={&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3}, 0x18)

1.615884586s ago: executing program 6 (id=1841):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@bridge_getlink={0x28, 0x12, 0xdbf44c00c5896d57, 0x10, 0x0, {0x7, 0x0, 0x0, 0x0, 0x20000}, [@IFLA_EXT_MASK={0x8, 0x1d, 0xeca}]}, 0x28}}, 0x0)

215.096557ms ago: executing program 1 (id=1842):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000380)={0x0, 0x2, 0x200000b, 0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
unshare(0x400)
fcntl$lock(r1, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x10, 0x3})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f0000000180)={0x1, 0x0, 0x12, 0x10})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

214.772637ms ago: executing program 6 (id=1843):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x8)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
linkat(r2, &(0x7f0000000080)='./bus/file0\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x400)
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
openat2(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000280)={0x591002, 0x1, 0xc}, 0x18)
open(&(0x7f0000000040)='./file0\x00', 0x551083, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x4d)
rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00')

89.618834ms ago: executing program 3 (id=1844):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffff8, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r4, &(0x7f0000003540)=[{{0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000001e40)=""/4101, 0x1005}], 0x1}, 0x6d0d}], 0x1, 0x10022, 0x0)

15.217119ms ago: executing program 0 (id=1845):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0xc4142, 0x12)
read$hidraw(r0, &(0x7f0000003000)=""/4096, 0x1000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x0, 0x1000000000003}])
write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000080)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), 0xffffffffffffffff, r1}}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x60, 0x10, 0x403, 0x300, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1e, 0xc}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x60}}, 0x8000)

0s ago: executing program 6 (id=1846):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

kernel console output (not intermixed with test programs):

8 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  214.563521][ T7765] RSP: 002b:00007f84898dc028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  214.572150][ T7765] RAX: ffffffffffffffda RBX: 00007f848b8fbfa0 RCX: 00007f848b680eb9
[  214.580155][ T7765] RDX: 0000200000000b80 RSI: 0000200000000000 RDI: 0000000000000000
[  214.588160][ T7765] RBP: 00007f848b6eec1f R08: 0000200000000180 R09: 0000000000000000
[  214.596161][ T7765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.604365][ T7765] R13: 00007f848b8fc038 R14: 00007f848b8fbfa0 R15: 00007ffd8ec3e118
[  214.612488][ T7765]  </TASK>
[  214.615658][    C0] vkms_vblank_simulate: vblank timer overrun
[  214.787361][ T7765] overlayfs: statfs failed on './file0'
[  214.978901][ T7797] netlink: 24 bytes leftover after parsing attributes in process `syz.4.968'.
[  216.321307][ T7807] 8021q: adding VLAN 0 to HW filter on device bond3
[  216.389796][ T7807] bond2: (slave bond3): Enslaving as an active interface with a down link
[  216.599848][ T7830] netlink: 12 bytes leftover after parsing attributes in process `syz.7.978'.
[  216.783195][ T7838] netlink: 12 bytes leftover after parsing attributes in process `syz.7.982'.
[  216.921912][   T21] Bluetooth: hci3: command 0x0406 tx timeout
[  217.454130][ T7870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.992'.
[  217.563758][ T7875] netlink: 52 bytes leftover after parsing attributes in process `syz.1.994'.
[  218.036275][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1001'.
[  218.050143][ T7896] device veth1_macvtap left promiscuous mode
[  218.249830][ T7905] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  218.256508][ T7905] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  218.272448][ T7911] loop7: detected capacity change from 0 to 512
[  218.285627][ T7905] vhci_hcd vhci_hcd.0: Device attached
[  218.382475][ T7908] vhci_hcd: connection closed
[  218.383468][ T6595] vhci_hcd: stop threads
[  218.426085][ T7911] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  218.446224][ T6595] vhci_hcd: release socket
[  218.460629][ T6595] vhci_hcd: disconnect device
[  218.470258][ T7911] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.486388][ T5601] vhci_hcd: vhci_device speed not set
[  218.639360][ T7306] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5854: Out of memory
[  218.673389][ T7306] EXT4-fs error (device loop7): ext4_quota_off:6540: inode #3: comm syz-executor: mark_inode_dirty error
[  218.690453][ T7306] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5854: Out of memory
[  218.704388][ T7306] EXT4-fs error (device loop7): ext4_quota_off:6540: inode #4: comm syz-executor: mark_inode_dirty error
[  222.265646][ T7993] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1027'.
[  222.784716][ T8016] overlayfs: failed to clone upperpath
[  222.968030][ T8024] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1037'.
[  223.117925][ T8028] loop5: detected capacity change from 0 to 1024
[  223.392717][   T26] audit: type=1800 audit(2000000567.729:39): pid=8028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1039" name="bus" dev="loop5" ino=26 res=0 errno=0
[  223.538640][ T4593] hfsplus: bad catalog entry type
[  223.659333][ T8043] PKCS8: Unsupported PKCS#8 version
[  224.173856][  T154] hfsplus: b-tree write err: -5, ino 4
[  225.668283][ T8070] loop7: detected capacity change from 0 to 1024
[  225.830718][   T26] audit: type=1800 audit(2000000570.099:40): pid=8070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1053" name="bus" dev="loop7" ino=26 res=0 errno=0
[  226.021941][ T8074] attempt to access beyond end of device
[  226.021941][ T8074] loop7: rw=34817, want=1036, limit=1024
[  226.229245][  T154] hfsplus: b-tree write err: -5, ino 4
[  226.435129][ T8078] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  226.948002][ T8089] loop4: detected capacity change from 0 to 512
[  227.118509][ T8082] chnl_net:caif_netlink_parms(): no params data found
[  227.293455][ T8089] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  227.319119][ T8089] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Out of memory
[  227.332046][ T8089] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #18: comm syz.4.1059: mark_inode_dirty error
[  227.344215][ T8089] EXT4-fs error (device loop4): ext4_get_max_inline_size:115: inode #18: comm syz.4.1059: can't get inode location 18
[  227.358505][ T8089] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Out of memory
[  227.372099][ T8089] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #18: comm syz.4.1059: mark_inode_dirty error
[  227.384907][ T8089] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Out of memory
[  227.394723][ T8089] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #18: comm syz.4.1059: mark_inode_dirty error
[  227.407836][ T8089] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Out of memory
[  227.422753][ T8089] EXT4-fs error (device loop4): ext4_ext_truncate:4456: inode #18: comm syz.4.1059: mark_inode_dirty error
[  227.434951][ T8089] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Out of memory
[  227.665899][ T6591] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  227.782653][ T6591] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync!
[  227.805735][ T6591] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  227.817969][ T6591] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync!
[  227.904935][ T8082] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.987664][ T8082] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.036577][ T8082] device bridge_slave_0 entered promiscuous mode
[  228.077134][ T8082] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.101178][ T8082] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.119054][ T8082] device bridge_slave_1 entered promiscuous mode
[  228.292088][ T8082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.352146][ T8082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.557288][ T8082] team0: Port device team_slave_0 added
[  228.655457][ T8082] team0: Port device team_slave_1 added
[  228.701147][ T4247] Bluetooth: hci3: command 0x0409 tx timeout
[  228.828628][ T8082] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.872307][ T8082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.984864][ T8082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.065096][ T8082] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.105015][ T8082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.216355][ T8082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.816859][ T8082] device hsr_slave_0 entered promiscuous mode
[  229.835004][ T8082] device hsr_slave_1 entered promiscuous mode
[  229.895623][ T8082] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  229.981042][ T8082] Cannot create hsr debugfs directory
[  230.784643][ T8163] loop7: detected capacity change from 0 to 4096
[  230.812550][ T4255] Bluetooth: hci3: command 0x041b tx timeout
[  230.878091][ T8163] ntfs3: loop7: Different NTFS' sector size (4096) and media sector size (512)
[  230.911397][ T8082] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  231.002321][ T8082] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  231.044634][ T8082] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  231.069498][ T8163] ntfs3: loop7: Mark volume as dirty due to NTFS errors
[  231.111815][ T8082] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  231.151115][ T8163] ntfs3: loop7: Failed to load $Extend.
[  232.385809][ T6598] tipc: Subscription rejected, illegal request
[  232.693949][ T8082] 8021q: adding VLAN 0 to HW filter on device bond0
[  232.756685][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  232.781575][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  232.836411][ T8082] 8021q: adding VLAN 0 to HW filter on device team0
[  232.876981][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  232.901880][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  232.920163][ T1326] Bluetooth: hci3: command 0x040f tx timeout
[  232.956731][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.963913][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.022406][ T8199] block device autoloading is deprecated and will be removed.
[  233.037143][ T8202] block device autoloading is deprecated and will be removed.
[  233.056261][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  233.098291][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  233.148307][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  233.203316][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.210537][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.244086][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  233.269590][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  233.298849][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  233.355248][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  233.387597][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  233.417496][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  233.454508][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  233.478056][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  233.518056][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  233.538194][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  233.558684][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  233.585793][ T8082] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  234.128199][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  234.164950][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  234.221617][ T8082] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.945025][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  235.004184][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  235.034034][ T4192] Bluetooth: hci3: command 0x0419 tx timeout
[  235.058143][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  235.085561][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  235.113640][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  235.141032][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  235.168152][ T8082] device veth0_vlan entered promiscuous mode
[  235.211251][ T8082] device veth1_vlan entered promiscuous mode
[  235.295176][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  235.311679][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  235.327509][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  235.356211][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  235.382382][ T8082] device veth0_macvtap entered promiscuous mode
[  235.400479][ T8082] device veth1_macvtap entered promiscuous mode
[  235.427515][ T8082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.447449][ T8082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.460071][ T8082] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.467492][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  235.499680][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  235.519573][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  235.550738][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  235.583707][ T8082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.610019][ T8082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.630126][ T8082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.652660][ T8082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.682597][ T8082] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.692263][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  235.712284][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  235.735487][ T8082] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.745636][ T8082] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.765617][ T8082] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.782914][ T8082] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.954006][ T4573] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.962492][ T4573] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.024618][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  236.032289][ T4573] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.042189][ T4573] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.065203][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  237.683179][ T8318] loop4: detected capacity change from 0 to 128
[  238.243145][ T8346] loop7: detected capacity change from 0 to 1024
[  238.289898][ T8346] hfsplus: invalid file type 0120411 for inode 2
[  238.303229][ T8346] hfsplus: failed to load root directory
[  238.544636][ T8361] loop7: detected capacity change from 0 to 1024
[  238.595281][ T8361] EXT4-fs (loop7): Ignoring removed oldalloc option
[  238.641989][ T8361] EXT4-fs (loop7): Ignoring removed bh option
[  238.666162][ T8361] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  238.786472][ T8361] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  238.878264][   T26] audit: type=1804 audit(2000000582.989:41): pid=8361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.1112" name="/newroot/41/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  239.344572][ T8389] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1119'.
[  239.410707][ T8389] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1119'.
[  239.454076][ T8389] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1119'.
[  239.544783][ T8389] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1119'.
[  239.738169][ T8399] fuse: Bad value for 'fd'
[  239.855168][ T8406] fuse: Bad value for 'fd'
[  242.116852][ T8475] chnl_net:caif_netlink_parms(): no params data found
[  242.278146][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.326612][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.369569][ T8475] device bridge_slave_0 entered promiscuous mode
[  242.382980][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.404238][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.427992][ T8475] device bridge_slave_1 entered promiscuous mode
[  242.513116][ T8475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.525767][ T8508] x_tables: duplicate underflow at hook 1
[  242.542938][ T8475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.636905][   T26] audit: type=1326 audit(2000000586.712:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  242.679521][ T8475] team0: Port device team_slave_0 added
[  242.704716][ T8475] team0: Port device team_slave_1 added
[  242.714097][   T26] audit: type=1326 audit(2000000586.721:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  242.802783][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.819194][   T26] audit: type=1326 audit(2000000586.721:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  242.849372][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.892891][   T26] audit: type=1326 audit(2000000586.721:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  242.907292][ T8475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.923595][   T26] audit: type=1326 audit(2000000586.721:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  242.952709][   T26] audit: type=1326 audit(2000000586.721:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  242.978756][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.985858][   T26] audit: type=1326 audit(2000000586.721:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  243.008912][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.054197][   T26] audit: type=1326 audit(2000000586.721:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f848b64178e code=0x7ffc0000
[  243.091131][ T8475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.130631][   T26] audit: type=1326 audit(2000000586.721:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8510 comm="syz.7.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848b680eb9 code=0x7ffc0000
[  243.195449][ T8475] device hsr_slave_0 entered promiscuous mode
[  243.213795][ T8475] device hsr_slave_1 entered promiscuous mode
[  243.225729][ T8475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.247362][ T8475] Cannot create hsr debugfs directory
[  243.322520][    T7] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  243.336024][ T8530] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  243.660328][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1169'.
[  243.685146][ T8475] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  243.695027][    T7] usb 8-1: unable to get BOS descriptor or descriptor too short
[  243.711705][ T8475] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  243.732678][ T8475] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  243.752195][ T8475] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  243.759523][    T7] usb 8-1: unable to read config index 0 descriptor/start: -71
[  243.767434][    T7] usb 8-1: can't read configurations, error -71
[  244.096722][ T4255] Bluetooth: hci1: command 0x0409 tx timeout
[  244.136609][ T8557] device bond5 entered promiscuous mode
[  244.171610][ T8557] device bridge6 entered promiscuous mode
[  244.185780][ T8557] bond5: (slave bridge6): making interface the new active one
[  244.195825][ T8557] bond5: (slave bridge6): Enslaving as an active interface with an up link
[  244.271123][ T8475] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.318053][ T8475] 8021q: adding VLAN 0 to HW filter on device team0
[  244.326855][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  244.337495][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  244.359785][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  244.390101][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  244.409390][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.416624][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.435410][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  244.450872][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  244.459992][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.467103][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.484256][ T8570] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  244.521133][ T8570] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  244.533766][ T8570] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  244.557640][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  244.572623][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  244.595993][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  244.621172][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  244.659450][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  244.708824][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  244.738291][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  244.799123][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  244.808229][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  244.816983][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  245.701240][ T8475] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  245.806873][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  245.856032][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  246.149391][ T4270] Bluetooth: hci1: command 0x041b tx timeout
[  246.163519][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  246.172147][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  247.250148][ T8475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.501844][ T8602] fuse: Bad value for 'fd'
[  247.854327][ T8625] loop7: detected capacity change from 0 to 512
[  247.976570][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  248.020435][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  248.190375][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  248.240813][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  248.286524][ T8475] device veth0_vlan entered promiscuous mode
[  248.332285][   T21] Bluetooth: hci1: command 0x040f tx timeout
[  248.375603][ T8633] netlink: 'syz.0.1199': attribute type 4 has an invalid length.
[  248.535190][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  248.593115][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  249.241253][ T8475] device veth1_vlan entered promiscuous mode
[  249.347745][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  249.392126][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  249.422006][ T6591] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.443220][ T8641] netlink: 'syz.8.1202': attribute type 1 has an invalid length.
[  249.504818][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  249.520147][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  249.581225][ T8641] device netdevsim2 entered promiscuous mode
[  249.614308][ T8475] device veth0_macvtap entered promiscuous mode
[  249.696295][ T6591] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.737671][ T8475] device veth1_macvtap entered promiscuous mode
[  249.792185][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.839096][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.874477][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.898011][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.922172][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.045615][ T6591] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.803397][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  250.822500][   T21] Bluetooth: hci1: command 0x0419 tx timeout
[  250.831100][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  250.864285][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  250.898743][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  250.919107][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.950623][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.970259][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.990296][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.030468][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.063603][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.084460][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  251.152969][ T6591] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.167175][ T8668] loop8: detected capacity change from 0 to 8
[  251.188996][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  251.205148][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  251.264686][ T8666] netlink: 'syz.0.1212': attribute type 4 has an invalid length.
[  251.280702][ T8664] netlink: 'syz.0.1212': attribute type 4 has an invalid length.
[  251.309835][ T8475] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.327377][ T8475] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.337118][ T8475] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.347232][ T8475] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.630041][ T5240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.275060][ T5240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.295888][   T26] kauditd_printk_skb: 8 callbacks suppressed
[  252.296000][   T26] audit: type=1800 audit(2000000596.225:59): pid=8668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1213" name="file2" dev="loop8" ino=6 res=0 errno=0
[  252.490556][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  252.574262][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.635269][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.656791][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  253.026141][ T5240] bond0: (slave syz_tun): interface is now down
[  253.057955][ T8692] netlink: 'syz.1.1218': attribute type 10 has an invalid length.
[  253.081236][ T6595] bond0: (slave syz_tun): interface is now down
[  253.098003][ T6595] bond0: (slave syz_tun): interface is now down
[  253.158109][ T6595] bond0: (slave syz_tun): interface is now down
[  253.170869][ T8671] chnl_net:caif_netlink_parms(): no params data found
[  253.208341][ T5240] bond0: (slave syz_tun): interface is now down
[  253.239267][ T5240] bond0: (slave syz_tun): interface is now down
[  253.262110][ T5240] bond0: (slave syz_tun): interface is now down
[  253.309009][ T6595] bond0: (slave syz_tun): interface is now down
[  253.329516][ T5240] bond0: (slave syz_tun): interface is now down
[  253.337356][ T8700] Bluetooth: hci0: service_discovery: too big uuid_count value 63764
[  253.359187][ T5240] bond0: (slave syz_tun): interface is now down
[  253.451003][ T6595] bond0: (slave syz_tun): interface is now down
[  253.460086][ T4270] Bluetooth: hci4: command 0x0409 tx timeout
[  253.479467][ T5240] bond0: (slave syz_tun): interface is now down
[  253.540031][  T154] bond0: (slave syz_tun): interface is now down
[  253.552496][ T8671] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.559933][ T8671] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.569116][ T4573] bond0: (slave syz_tun): interface is now down
[  253.576741][ T8671] device bridge_slave_0 entered promiscuous mode
[  253.593887][ T8671] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.601162][ T5240] bond0: (slave syz_tun): interface is now down
[  253.609804][ T8671] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.619273][ T8671] device bridge_slave_1 entered promiscuous mode
[  253.627026][ T5240] bond0: (slave syz_tun): interface is now down
[  253.636862][ T8707] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1220'.
[  253.681412][ T5240] bond0: (slave syz_tun): interface is now down
[  253.700445][ T4573] bond0: (slave syz_tun): interface is now down
[  253.728989][ T8707] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1220'.
[  253.738392][ T5240] bond0: (slave syz_tun): interface is now down
[  253.750123][ T4573] bond0: (slave syz_tun): interface is now down
[  253.770133][ T4573] bond0: (slave syz_tun): interface is now down
[  253.810213][ T4573] bond0: (slave syz_tun): interface is now down
[  253.860817][ T5240] bond0: (slave syz_tun): interface is now down
[  253.880874][ T8671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.901100][  T154] bond0: (slave syz_tun): interface is now down
[  253.921078][ T6595] bond0: (slave syz_tun): interface is now down
[  253.966466][ T6595] bond0: now running without any active interface!
[  254.004263][ T8671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  254.218748][ T8716] bond4: (slave batadv_slave_1): Enslaving as a backup interface with an up link
[  254.441464][ T6591] device hsr_slave_0 left promiscuous mode
[  254.477337][ T6591] device hsr_slave_1 left promiscuous mode
[  254.486491][ T6591] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.498545][ T6591] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.510077][ T6591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.521440][ T6591] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.543212][ T6591] device bridge_slave_1 left promiscuous mode
[  254.549628][ T6591] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.565084][ T6591] device bridge_slave_0 left promiscuous mode
[  254.578247][ T6591] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.614376][ T6591] device veth0_macvtap left promiscuous mode
[  254.621523][ T6591] device veth1_vlan left promiscuous mode
[  254.630854][ T6591] device veth0_vlan left promiscuous mode
[  255.249611][ T6591] team0 (unregistering): Port device team_slave_1 removed
[  255.270485][ T6591] team0 (unregistering): Port device team_slave_0 removed
[  255.297313][ T6591] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.333874][ T6591] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  255.545621][ T4262] Bluetooth: hci4: command 0x041b tx timeout
[  255.563674][ T6591] bond0 (unregistering): Released all slaves
[  255.661822][ T8671] team0: Port device team_slave_0 added
[  255.691036][ T8723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1222'.
[  255.808201][ T8671] team0: Port device team_slave_1 added
[  256.792202][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  256.798657][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  257.208132][ T8734] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.216620][ T8734] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.631173][ T4262] Bluetooth: hci4: command 0x040f tx timeout
[  257.772112][ T8734] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.830274][ T8734] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.349768][ T8734] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  258.360768][ T8734] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  258.370487][ T8734] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  258.379464][ T8734] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  258.546516][ T8748] sch_fq: defrate 53322 ignored.
[  258.580062][ T8671] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.611600][ T8671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.663077][ T8671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.706082][ T8755] team0: Port device team_slave_0 removed
[  258.755401][ T8671] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.773812][ T8671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.851575][ T8671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  258.983201][ T8671] device hsr_slave_0 entered promiscuous mode
[  258.991289][ T8671] device hsr_slave_1 entered promiscuous mode
[  259.011342][ T8671] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.034887][ T8671] Cannot create hsr debugfs directory
[  259.328647][ T8777] mmap: syz.1.1237 (8777) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  259.717157][ T6665] Bluetooth: hci4: command 0x0419 tx timeout
[  260.791465][ T8671] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  260.848949][ T8671] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  260.884934][ T8812] overlayfs: './file0' not a directory
[  260.892969][ T8671] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  260.939591][ T8671] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  261.006663][ T8821] loop9: detected capacity change from 0 to 16
[  261.046195][ T8821] erofs: (device loop9): mounted with root inode @ nid 36.
[  261.366760][ T8671] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.453332][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  261.475654][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  261.536014][ T8671] 8021q: adding VLAN 0 to HW filter on device team0
[  261.575375][ T8832] loop9: detected capacity change from 0 to 32768
[  261.604129][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  261.646197][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  261.693670][ T5240] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.701052][ T5240] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.720494][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  261.770619][ T8832] XFS (loop9): Mounting V5 Filesystem
[  261.803776][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  261.854086][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  261.947862][ T8832] XFS (loop9): Ending clean mount
[  261.958802][ T8832] XFS (loop9): Quotacheck needed: Please wait.
[  261.982622][ T6595] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.989931][ T6595] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.054436][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  262.149556][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  262.151993][ T8832] XFS (loop9): Quotacheck: Done.
[  262.189212][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  262.270253][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  262.285361][ T8475] XFS (loop9): Unmounting Filesystem
[  262.307838][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  262.342468][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  262.383942][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  262.395955][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  262.420483][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  262.447210][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  262.457057][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  264.050844][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  264.078383][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  264.088122][ T8878] trusted_key: encrypted_key: insufficient parameters specified
[  264.110604][ T8671] 8021q: adding VLAN 0 to HW filter on device batadv0
[  264.206602][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  264.220055][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  264.288693][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  264.320227][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  264.347739][ T8671] device veth0_vlan entered promiscuous mode
[  264.363020][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  264.425068][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  264.472606][ T8671] device veth1_vlan entered promiscuous mode
[  264.632862][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  264.661494][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  264.739591][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  264.776305][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  264.995515][ T8671] device veth0_macvtap entered promiscuous mode
[  266.027152][    C0] sched: RT throttling activated
[  266.032334][ T8671] device veth1_macvtap entered promiscuous mode
[  266.150359][ T8671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.217369][ T8671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.299934][ T8671] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.353506][ T8671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.411922][ T8671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.449844][ T8671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.697812][ T8671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.719612][ T8671] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.041491][ T8671] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.683958][ T8671] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.727595][ T8671] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.759648][ T8671] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.814598][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  267.845901][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  267.870728][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  267.903220][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  267.935632][ T8914] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  268.286217][ T6595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.323311][ T6595] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.406851][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  268.445977][ T4573] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.472401][ T4573] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.493374][ T6591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  268.550990][ T8937] netlink: 'syz.9.1273': attribute type 3 has an invalid length.
[  268.559324][ T8937] netlink: 72 bytes leftover after parsing attributes in process `syz.9.1273'.
[  268.787495][ T8921] chnl_net:caif_netlink_parms(): no params data found
[  268.840462][   T26] audit: type=1326 audit(2000000612.838:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  268.873017][   T26] audit: type=1326 audit(2000000612.868:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  268.897832][   T26] audit: type=1326 audit(2000000612.868:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  268.921868][   T26] audit: type=1326 audit(2000000612.868:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  268.949248][   T26] audit: type=1326 audit(2000000612.868:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  268.976624][ T8954] netlink: 'syz.3.1211': attribute type 1 has an invalid length.
[  269.000833][ T8954] 8021q: VLANs not supported on gre0
[  269.012775][   T26] audit: type=1326 audit(2000000612.868:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  269.065311][   T26] audit: type=1326 audit(2000000612.868:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  269.120699][   T26] audit: type=1326 audit(2000000612.868:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  269.156557][   T26] audit: type=1326 audit(2000000612.868:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  269.196319][ T8921] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.204150][ T8921] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.212673][ T8921] device bridge_slave_0 entered promiscuous mode
[  269.240115][ T8921] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.265629][ T8921] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.290294][   T26] audit: type=1326 audit(2000000612.868:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.9.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c522feb9 code=0x7ffc0000
[  269.312903][ T8921] device bridge_slave_1 entered promiscuous mode
[  269.863360][ T8921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  270.177542][ T8921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  270.201615][ T4295] Bluetooth: hci5: command 0x0409 tx timeout
[  270.276007][ T8921] team0: Port device team_slave_0 added
[  270.288910][ T8921] team0: Port device team_slave_1 added
[  270.320765][ T8986] x_tables: ip_tables: osf match: only valid for protocol 6
[  270.387840][ T8921] batman_adv: batadv0: Adding interface: batadv_slave_0
[  270.423256][ T8921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.479546][ T8921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  270.509280][ T8921] batman_adv: batadv0: Adding interface: batadv_slave_1
[  270.520925][ T8921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.426984][ T8921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.527854][ T8999] loop9: detected capacity change from 0 to 1024
[  271.593274][ T8999] hfsplus: invalid btree flag
[  271.620204][ T8999] hfsplus: failed to load extents file
[  271.630905][ T8921] device hsr_slave_0 entered promiscuous mode
[  271.664455][ T8921] device hsr_slave_1 entered promiscuous mode
[  271.696540][ T9005] raw_sendmsg: syz.1.1291 forgot to set AF_INET. Fix it!
[  271.736220][ T8921] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  271.761143][ T8921] Cannot create hsr debugfs directory
[  273.386259][ T5604] Bluetooth: hci5: command 0x041b tx timeout
[  273.476289][ T9024] overlayfs: failed to clone upperpath
[  273.599407][ T9029] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  273.676009][ T9032] netlink: 'syz.1.1298': attribute type 6 has an invalid length.
[  273.728908][ T9029] loop3: detected capacity change from 0 to 8
[  274.235257][ T9029] SQUASHFS error: zlib decompression failed, data probably corrupt
[  274.558119][ T9029] SQUASHFS error: Failed to read block 0x9b: -5
[  274.565202][ T9029] SQUASHFS error: Unable to read metadata cache entry [99]
[  274.608258][ T9029] SQUASHFS error: Unable to read inode 0x127
[  275.740097][    T7] Bluetooth: hci5: command 0x040f tx timeout
[  277.458694][ T9091] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[  277.508813][ T9091] loop9: detected capacity change from 0 to 8
[  277.576932][ T9091] SQUASHFS error: zlib decompression failed, data probably corrupt
[  277.616356][ T9091] SQUASHFS error: Failed to read block 0x9b: -5
[  277.630204][ T9091] SQUASHFS error: Unable to read metadata cache entry [99]
[  277.637734][ T9091] SQUASHFS error: Unable to read inode 0x127
[  277.839225][ T5604] Bluetooth: hci5: command 0x0419 tx timeout
[  278.707831][ T9119] loop3: detected capacity change from 0 to 256
[  278.911484][ T9126] fuse: Bad value for 'fd'
[  279.089178][ T9134] netlink: 1335 bytes leftover after parsing attributes in process `syz.1.1328'.
[  279.282803][ T9141] netlink: 'syz.0.1330': attribute type 6 has an invalid length.
[  279.419194][ T8921] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  279.645612][ T8921] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  279.924855][ T8921] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  280.168792][ T8921] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  280.176268][ T4255] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  280.424074][ T4255] usb 4-1: Using ep0 maxpacket: 32
[  280.522827][ T8921] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.541536][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  280.548917][ T4255] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  280.556657][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  280.587640][ T8921] 8021q: adding VLAN 0 to HW filter on device team0
[  280.602641][ T4255] usb 4-1: config 0 has no interfaces?
[  280.608705][ T4255] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  280.626654][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  280.643112][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  280.654270][ T4255] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.676401][ T4255] usb 4-1: config 0 descriptor??
[  280.685790][ T3072] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.692974][ T3072] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.720957][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  280.748314][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  280.757998][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  280.768710][ T3072] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.775874][ T3072] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.788796][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  280.811543][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  280.821732][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  280.835646][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  280.857111][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  280.866396][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  280.877608][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  280.887875][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  280.898368][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  280.916309][ T8921] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  280.928887][ T8921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  280.953181][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  280.963781][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  280.974197][ T9133] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1326'.
[  280.986276][ T9133] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1326'.
[  281.011251][ T5604] usb 4-1: USB disconnect, device number 2
[  281.294324][ T9186] loop9: detected capacity change from 0 to 256
[  281.323578][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  281.332976][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  281.401793][ T8921] 8021q: adding VLAN 0 to HW filter on device batadv0
[  281.468909][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  281.499895][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  281.581391][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  281.602571][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  281.688105][ T8921] device veth0_vlan entered promiscuous mode
[  281.708623][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  281.748459][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  281.814558][ T8921] device veth1_vlan entered promiscuous mode
[  282.013402][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  282.049975][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  282.338497][ T8921] device veth0_macvtap entered promiscuous mode
[  282.697686][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  282.714580][ T8921] device veth1_macvtap entered promiscuous mode
[  283.363094][ T9218] netlink: 'syz.9.1342': attribute type 6 has an invalid length.
[  283.560480][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.648650][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.659329][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.682606][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.783548][ T8921] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.807489][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  283.838250][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  283.897710][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.933533][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.049715][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.274284][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.443967][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.622866][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.767590][ T8921] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.895419][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  284.925943][ T3072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  285.098822][ T9247] tipc: Started in network mode
[  285.121087][ T9247] tipc: Node identity 02c188e6a36f, cluster identity 4711
[  285.133846][ T9247] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  285.144417][ T8921] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.153928][ T8921] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.163190][ T8921] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.173273][ T8921] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.300006][ T9248] device syzkaller0 entered promiscuous mode
[  285.416626][ T9246] tipc: Resetting bearer <eth:syzkaller0>
[  285.502021][ T9246] tipc: Disabling bearer <eth:syzkaller0>
[  285.645956][ T6603] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.681224][ T9269] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1353'.
[  285.698085][ T6603] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  285.745655][ T9269] 8021q: adding VLAN 0 to HW filter on device bond1
[  285.799522][ T6603] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  285.840752][ T9273] 8021q: adding VLAN 0 to HW filter on device bond1
[  285.849775][ T9273] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  285.939163][ T9273] bond1: (slave vxcan3): Error -22 calling dev_set_mtu
[  286.017723][ T9269] device macvlan2 entered promiscuous mode
[  286.024141][ T9269] bond1: (slave macvlan2): Error -98 calling set_mac_address
[  286.102697][ T9084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.153292][ T9084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.234988][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  286.618087][ T9291] tmpfs: Bad value for 'mpol'
[  286.629515][ T9289] kvm: pic: non byte write
[  286.789597][ T9297] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1360'.
[  286.837871][ T9297] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.845284][ T9297] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.030131][ T9302] loop9: detected capacity change from 0 to 512
[  287.371246][ T9302] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  287.452808][ T9302] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.018226][ T8475] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5854: Out of memory
[  289.066799][ T8475] EXT4-fs error (device loop9): ext4_quota_off:6540: inode #3: comm syz-executor: mark_inode_dirty error
[  289.152400][ T8475] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5854: Out of memory
[  289.224433][ T8475] EXT4-fs error (device loop9): ext4_quota_off:6540: inode #4: comm syz-executor: mark_inode_dirty error
[  289.440430][ T9349] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input6
[  289.845154][ T9375] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  290.164725][ T9380] loop2: detected capacity change from 0 to 40427
[  291.144203][ T9380] F2FS-fs (loop2): invalid crc value
[  291.176085][ T9380] F2FS-fs (loop2): Found nat_bits in checkpoint
[  291.223955][ T9380] F2FS-fs (loop2): Start checkpoint disabled!
[  291.257414][ T9380] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  291.919644][ T6600] attempt to access beyond end of device
[  291.919644][ T6600] loop2: rw=2049, want=40984, limit=40427
[  292.600363][ T9442] overlayfs: failed to clone upperpath
[  299.269135][ T9546] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1432'.
[  299.278435][ T9546] veth1_to_bridge: Caught tx_queue_len zero misconfig
[  299.285770][ T9546] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1432'.
[  299.880009][ T9571] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  299.996702][ T9572] loop2: detected capacity change from 0 to 4096
[  300.278001][ T9572] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  300.705762][ T9572] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  300.796101][ T9572] ntfs3: loop2: Failed to load $Extend.
[  300.877552][ T6603] tipc: Subscription rejected, illegal request
[  302.245503][ T9618] overlayfs: failed to clone upperpath
[  302.524283][    T7] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  302.588607][ T9637] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  302.874977][ T9646] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1449'.
[  302.884839][ T9646] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1449'.
[  302.897053][ T9646] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1449'.
[  302.908695][ T9646] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1449'.
[  303.755238][    T7] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  303.778608][    T7] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  304.590314][    T7] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  304.599907][    T7] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  304.611279][    T7] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  304.794973][    T7] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  304.814808][    T7] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  304.832680][    T7] usb 3-1: Product: syz
[  304.845594][    T7] usb 3-1: Manufacturer: syz
[  304.925517][    T7] cdc_wdm 3-1:1.0: skipping garbage
[  304.930882][    T7] cdc_wdm 3-1:1.0: skipping garbage
[  305.028522][ T9667] loop9: detected capacity change from 0 to 32768
[  305.072293][    T7] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  305.119580][    T7] cdc_wdm 3-1:1.0: Unknown control protocol
[  305.153932][ T9680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1461'.
[  305.239357][ T9667] gfs2: fsid=ÔąrĐŰťđ_î
[  305.239357][ T9667] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§: Trying to join cluster "lock_nolock", "ÔąrĐŰťđ_î
[  305.239357][ T9667] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§"
[  305.261178][ T9667] gfs2: fsid=ÔąrĐŰťđ_î
[  305.261178][ T9667] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§: Now mounting FS (format 1801)...
[  305.330351][ T9667] gfs2: fsid=ÔąrĐŰťđ_î
[  305.330351][ T9667] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§.s: journal 0 mapped with 5 extents in 0ms
[  305.377660][ T9667] gfs2: fsid=ÔąrĐŰťđ_î
[  305.377660][ T9667] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§.s: first mount done, others may mount
[  305.467271][ T1326] usb 3-1: USB disconnect, device number 4
[  307.990303][ T9711] fuse: Bad value for 'fd'
[  310.157077][   T26] kauditd_printk_skb: 127 callbacks suppressed
[  310.157093][   T26] audit: type=1326 audit(2000001166.877:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  310.291329][ T9752] loop9: detected capacity change from 0 to 256
[  310.301704][   T26] audit: type=1326 audit(2000001166.877:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  310.387274][   T26] audit: type=1326 audit(2000001166.877:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  310.452810][ T9758] device bond1 entered promiscuous mode
[  310.495043][ T9752] FAT-fs (loop9): Directory bread(block 64) failed
[  310.555300][ T9752] FAT-fs (loop9): Directory bread(block 65) failed
[  310.562165][   T26] audit: type=1326 audit(2000001166.877:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  310.609345][ T9760] device bridge1 entered promiscuous mode
[  310.640758][ T9752] FAT-fs (loop9): Directory bread(block 66) failed
[  310.679536][ T9760] bond1: (slave bridge1): making interface the new active one
[  310.692819][ T9752] FAT-fs (loop9): Directory bread(block 67) failed
[  310.736934][ T9752] FAT-fs (loop9): Directory bread(block 68) failed
[  310.748797][ T9760] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  310.763685][   T26] audit: type=1326 audit(2000001166.877:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  310.799131][ T9752] FAT-fs (loop9): Directory bread(block 69) failed
[  310.841250][ T9752] FAT-fs (loop9): Directory bread(block 70) failed
[  310.876309][ T9752] FAT-fs (loop9): Directory bread(block 71) failed
[  310.900580][   T26] audit: type=1326 audit(2000001166.877:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  310.950078][ T9752] FAT-fs (loop9): Directory bread(block 72) failed
[  310.989656][ T9752] FAT-fs (loop9): Directory bread(block 73) failed
[  311.111394][ T9781] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  311.130214][   T26] audit: type=1326 audit(2000001166.877:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  311.188162][ T9781] batman_adv: batadv0: Removing interface: batadv_slave_1
[  311.218358][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1480'.
[  311.368473][ T9781] bond2: (slave batadv_slave_1): Enslaving as a backup interface with an up link
[  311.393921][   T26] audit: type=1326 audit(2000001166.887:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  311.416962][   T26] audit: type=1326 audit(2000001166.887:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bd769deb9 code=0x7ffc0000
[  311.440451][   T26] audit: type=1326 audit(2000001166.887:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4bd765e78e code=0x7ffc0000
[  311.587757][ T9792] loop2: detected capacity change from 0 to 16
[  311.708299][ T9792] erofs: (device loop2): mounted with root inode @ nid 36.
[  311.772178][ T9792] erofs: (device loop2): z_erofs_lz4_decompress: failed to decompress 1929 in[58, 4038] out[2639]
[  311.788108][ T9792] erofs: (device loop2): z_erofs_readpage: failed to read, err [-117]
[  312.895526][    C0] Dead loop on virtual device ipvlan1, fix it urgently!
[  313.817840][ T9810] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1497'.
[  314.524743][ T9831] netlink: 'syz.1.1501': attribute type 4 has an invalid length.
[  314.989623][ T9841] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(5)
[  314.996387][ T9841] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  315.139939][ T9841] vhci_hcd vhci_hcd.0: Device attached
[  315.944271][ T1326] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  316.024205][ T5604] usb 51-1: new low-speed USB device number 2 using vhci_hcd
[  316.314797][ T1326] usb 10-1: config 0 has no interfaces?
[  316.320971][ T1326] usb 10-1: New USB device found, idVendor=05ac, idProduct=0259, bcdDevice=f0.b2
[  316.351670][ T9817] loop2: detected capacity change from 0 to 32768
[  316.367183][ T9876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1514'.
[  316.375357][ T1326] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.421956][ T1326] usb 10-1: config 0 descriptor??
[  316.422129][ T9876] device team1 entered promiscuous mode
[  316.692963][ T9817] JBD2: Ignoring recovery information on journal
[  316.706384][    T7] usb 10-1: USB disconnect, device number 2
[  316.716222][ T9843] vhci_hcd: connection closed
[  316.721101][ T6603] vhci_hcd: stop threads
[  316.761549][ T6603] vhci_hcd: release socket
[  316.771812][ T6603] vhci_hcd: disconnect device
[  316.787391][ T5604] vhci_hcd: vhci_device speed not set
[  317.593083][ T9817] JBD2: recovery failed
[  317.600803][ T9817] (syz.2.1498,9817,1):ocfs2_journal_load:1105 ERROR: Failed to load journal!
[  317.642293][ T9817] (syz.2.1498,9817,1):ocfs2_check_volume:2437 ERROR: ocfs2 journal load failed! -5
[  317.671377][ T9817] (syz.2.1498,9817,0):ocfs2_check_volume:2493 ERROR: status = -5
[  317.689871][ T9817] (syz.2.1498,9817,0):ocfs2_mount_volume:1824 ERROR: status = -5
[  317.758636][ T9817] (syz.2.1498,9817,0):ocfs2_fill_super:1177 ERROR: status = -5
[  318.035020][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  318.041457][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  318.329590][ T9913] netlink: 'syz.0.1521': attribute type 39 has an invalid length.
[  318.535192][ T9920] Bluetooth: hci0: service_discovery: too big uuid_count value 63764
[  318.570206][ T9910] crypto_alloc_aead failed rc=-2
[  319.010492][ T9931] loop3: detected capacity change from 0 to 1024
[  319.058703][ T9936] loop9: detected capacity change from 0 to 16
[  319.099100][ T9935] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1537'.
[  319.127126][ T9936] erofs: (device loop9): mounted with root inode @ nid 36.
[  319.170919][ T9935] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1537'.
[  319.471278][ T8671] hfsplus: walked past end of dir
[  319.518589][ T9950] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1532'.
[  319.533825][ T8671] hfsplus: xattr search failed
[  319.828356][ T9964] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1534'.
[  319.899116][ T9964] bond0: (slave bond_slave_1): Releasing backup interface
[  320.129813][ T9963] loop3: detected capacity change from 0 to 32768
[  320.256547][ T9963] gfs2: fsid=ÔąrĐŰťđ_î
[  320.256547][ T9963] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§: Trying to join cluster "lock_nolock", "ÔąrĐŰťđ_î
[  320.256547][ T9963] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§"
[  320.276643][ T9963] gfs2: fsid=ÔąrĐŰťđ_î
[  320.276643][ T9963] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§: Now mounting FS (format 1801)...
[  320.298387][ T9963] gfs2: fsid=ÔąrĐŰťđ_î
[  320.298387][ T9963] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§.s: journal 0 mapped with 5 extents in 0ms
[  320.420852][ T9977] loop9: detected capacity change from 0 to 256
[  320.451880][ T9963] gfs2: fsid=ÔąrĐŰťđ_î
[  320.451880][ T9963] ˜b‚瀍ń§Ö]ęk;
.Ä ŒąOŽż˛ˆ:‚.Ł’t‹‰U§.s: first mount done, others may mount
[  320.542085][ T9975] loop2: detected capacity change from 0 to 512
[  320.594171][ T9977] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  320.629548][ T9975] EXT4-fs (loop2): Project quota feature not enabled. Cannot enable project quota enforcement.
[  320.665971][ T9977] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[  320.852855][ T9983] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1539'.
[  321.610751][T10014] loop9: detected capacity change from 0 to 1024
[  321.788559][ T8475] hfsplus: walked past end of dir
[  321.866083][ T8475] hfsplus: xattr search failed
[  322.245315][ T9992] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.253135][ T9992] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.556630][ T9992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.132331][ T9992] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.147973][ T9992] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.157931][ T9992] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.169698][ T9992] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.261542][ T9996] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1542'.
[  325.420763][T10053] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1551'.
[  326.397459][T10072] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  326.476773][T10083] loop2: detected capacity change from 0 to 1764
[  326.587852][T10078] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  326.636592][T10083] input: syz0 as /devices/virtual/input/input7
[  326.702589][T10093] netlink: 'syz.0.1557': attribute type 2 has an invalid length.
[  328.045660][T10128] netlink: 'syz.0.1567': attribute type 3 has an invalid length.
[  328.066458][T10128] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1567'.
[  329.531325][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1572'.
[  329.562080][T10142] loop9: detected capacity change from 0 to 4096
[  330.722572][T10163] fuse: Bad value for 'fd'
[  331.783545][T10172] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  332.938507][T10200] loop2: detected capacity change from 0 to 1024
[  334.585213][T10200] EXT4-fs (loop2): Ignoring removed oldalloc option
[  334.603352][T10209] netlink: 'syz.0.1598': attribute type 1 has an invalid length.
[  334.647838][T10200] EXT4-fs (loop2): Ignoring removed bh option
[  334.719551][T10211] bond7: (slave gretap1): making interface the new active one
[  334.727808][T10200] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  334.806386][T10211] bond7: (slave gretap1): Enslaving as an active interface with an up link
[  334.868693][T10200] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  335.056690][   T26] kauditd_printk_skb: 58 callbacks suppressed
[  335.056711][   T26] audit: type=1804 audit(2000001191.777:265): pid=10200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1585" name="/newroot/38/file1/bus" dev="loop2" ino=18 res=1 errno=0
[  337.320516][T10257] loop3: detected capacity change from 0 to 1024
[  337.512435][T10257] hfsplus: invalid btree flag
[  337.548552][T10257] hfsplus: failed to load extents file
[  337.783510][T10257] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  339.096018][T10287] loop9: detected capacity change from 0 to 1024
[  340.067103][T10287] EXT4-fs (loop9): Ignoring removed oldalloc option
[  340.114312][T10287] EXT4-fs (loop9): Ignoring removed bh option
[  340.145109][T10287] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  340.383831][T10287] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  340.559959][T10314] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1621'.
[  340.636418][   T26] audit: type=1804 audit(2000001197.357:266): pid=10287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.1606" name="/newroot/87/file1/bus" dev="loop9" ino=18 res=1 errno=0
[  342.765757][T10337] loop9: detected capacity change from 0 to 1024
[  343.014549][T10337] EXT4-fs (loop9): Ignoring removed bh option
[  343.421584][T10337] EXT4-fs (loop9): mounted filesystem without journal. Opts: nodelalloc,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000010,bh,init_itable,. Quota mode: none.
[  344.140771][T10357] EXT4-fs error (device loop9): ext4_find_dest_de:2115: inode #12: block 7: comm syz.9.1613: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  344.270235][T10357] EXT4-fs (loop9): Remounting filesystem read-only
[  344.435386][ T4295] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  344.714814][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  344.814475][ T4295] usb 4-1: config 0 has no interfaces?
[  344.826305][ T4295] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  344.977145][ T4295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.151772][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.238463][ T4295] usb 4-1: config 0 descriptor??
[  345.488191][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  345.654424][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.661396][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  345.696875][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.703841][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  345.719123][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  345.742456][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.751574][ T4247] usb 4-1: USB disconnect, device number 3
[  345.752417][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  345.780680][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.787777][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  345.809661][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.816769][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  345.833414][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  345.924837][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  345.931667][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  346.091114][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  346.114866][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  346.133619][T10382] device bridge0 entered promiscuous mode
[  346.173174][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  346.199769][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  346.230202][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  346.256160][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  346.280242][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  346.325553][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  346.354552][T10382] device macvtap1 entered promiscuous mode
[  346.379222][T10382] bridge0: port 1(macvtap1) entered blocking state
[  346.410116][T10382] bridge0: port 1(macvtap1) entered disabled state
[  346.419443][T10382] device bridge0 left promiscuous mode
[  346.445987][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  346.476576][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  347.409686][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  349.151658][ T8475] EXT4-fs error: 173 callbacks suppressed
[  349.151677][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  349.224943][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  349.299321][ T8475] EXT4-fs: 174 callbacks suppressed
[  349.299338][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.332674][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  349.413285][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.422371][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  349.451887][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.459785][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  349.492856][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.503565][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  349.557118][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.577343][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  349.642451][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.662864][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  349.735371][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.742337][ T8475] EXT4-fs error (device loop9): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /89/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  349.774362][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.781280][ T8475] EXT4-fs error (device loop9): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  349.802979][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  349.811600][ T8475] EXT4-fs (loop9): Remounting filesystem read-only
[  350.709977][ T8475] EXT4-fs warning: 79 callbacks suppressed
[  350.709999][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.741040][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.777543][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.793731][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.819427][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.844216][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.869094][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.896897][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.919175][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  350.944593][ T8475] EXT4-fs warning (device loop9): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  351.068664][ T1110] Bluetooth: hci3: command 0x0406 tx timeout
[  351.512543][ T9084] tipc: Left network mode
[  351.918375][T10449] loop3: detected capacity change from 0 to 1024
[  351.932117][T10448] device batadv_slave_0 entered promiscuous mode
[  351.943043][T10450] loop2: detected capacity change from 0 to 1024
[  352.053890][T10449] EXT4-fs (loop3): Ignoring removed bh option
[  352.104972][T10449] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000010,bh,init_itable,. Quota mode: none.
[  352.341850][ T3072] hfsplus: b-tree write err: -5, ino 8
[  353.361874][T10473] netlink: 1319 bytes leftover after parsing attributes in process `syz.0.1639'.
[  353.654775][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  353.738818][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  353.759284][ T9084] device hsr_slave_0 left promiscuous mode
[  353.794474][ T9084] device hsr_slave_1 left promiscuous mode
[  353.806237][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  353.828638][T10484] fuse: Bad value for 'fd'
[  353.829746][T10484] fuse: Bad value for 'fd'
[  353.847381][ T9084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  353.892441][ T9084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  353.914799][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  353.927175][ T8671] EXT4-fs error (device loop3): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  353.953959][ T9084] device bridge_slave_1 left promiscuous mode
[  353.974256][ T9084] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.006979][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.007117][ T9084] device bridge_slave_0 left promiscuous mode
[  354.020593][ T9084] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.029887][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.047211][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  354.070553][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.072779][ T9084] bond1 (unregistering): Released all slaves
[  354.094979][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  354.124384][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.147080][ T8671] EXT4-fs error (device loop3): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  354.200891][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.212973][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.238172][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  354.272954][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.281353][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  354.315491][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.322621][ T8671] EXT4-fs error (device loop3): empty_inline_dir:1873: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  354.398607][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.406593][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.423288][ T8671] EXT4-fs error (device loop3): ext4_read_inline_dir:1618: inode #12: block 7: comm syz-executor: path /73/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  354.449356][ T8671] EXT4-fs (loop3): Remounting filesystem read-only
[  354.474811][T10501] fuse: Bad value for 'fd'
[  354.493726][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.685778][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.751048][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.812420][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  354.979312][ T9084] team0 (unregistering): Port device team_slave_1 removed
[  355.023132][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  355.625812][ T9084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  355.645981][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  355.663173][ T8671] EXT4-fs warning (device loop3): empty_inline_dir:1880: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  355.990184][ T9084] bond0 (unregistering): Released all slaves
[  356.018766][ T5601] Bluetooth: hci1: command 0x0409 tx timeout
[  356.798726][T10536] overlayfs: './file0' not a directory
[  356.890505][T10486] chnl_net:caif_netlink_parms(): no params data found
[  356.912991][T10525] orangefs_mount: mount request failed with -4
[  357.266216][T10486] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.286276][T10486] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.294773][T10486] device bridge_slave_0 entered promiscuous mode
[  357.306184][T10486] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.313493][T10486] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.324309][T10486] device bridge_slave_1 entered promiscuous mode
[  357.368575][T10486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.384552][T10486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  357.434426][T10544] loop2: detected capacity change from 0 to 8192
[  357.456755][T10486] team0: Port device team_slave_0 added
[  357.521001][T10486] team0: Port device team_slave_1 added
[  357.664992][T10486] batman_adv: batadv0: Adding interface: batadv_slave_0
[  357.723164][T10486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  357.889626][T10486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  357.959236][T10486] batman_adv: batadv0: Adding interface: batadv_slave_1
[  358.007122][T10486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  358.094335][ T4192] Bluetooth: hci1: command 0x041b tx timeout
[  358.104825][T10486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  358.153767][T10555] chnl_net:caif_netlink_parms(): no params data found
[  358.183840][T10576] netlink: 'syz.2.1661': attribute type 2 has an invalid length.
[  358.300260][T10486] device hsr_slave_0 entered promiscuous mode
[  358.324641][T10486] device hsr_slave_1 entered promiscuous mode
[  358.350203][T10486] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  358.386459][T10486] Cannot create hsr debugfs directory
[  359.361534][ T4192] Bluetooth: hci4: command 0x0409 tx timeout
[  359.383708][T10555] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.396355][T10555] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.412117][T10555] device bridge_slave_0 entered promiscuous mode
[  359.501412][T10555] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.535324][T10555] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.612386][T10555] device bridge_slave_1 entered promiscuous mode
[  360.019611][T10555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  360.184511][ T5601] Bluetooth: hci1: command 0x040f tx timeout
[  360.248871][T10555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  360.584955][T10555] team0: Port device team_slave_0 added
[  360.599396][T10555] team0: Port device team_slave_1 added
[  360.924496][T10555] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.931613][T10555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.060270][T10555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.134641][T10555] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.142240][T10555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.324030][T10555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.454550][ T4192] Bluetooth: hci4: command 0x041b tx timeout
[  361.520077][T10555] device hsr_slave_0 entered promiscuous mode
[  361.565732][T10555] device hsr_slave_1 entered promiscuous mode
[  361.595551][T10555] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  361.616438][T10555] Cannot create hsr debugfs directory
[  362.338786][ T1110] Bluetooth: hci1: command 0x0419 tx timeout
[  363.494530][T10642] team0: Device bond0 failed to register rx_handler
[  364.059941][T10486] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  364.186317][T10486] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  364.205097][T10664] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  364.243955][T10486] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  364.329402][T10486] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  364.597121][ T4192] Bluetooth: hci4: command 0x040f tx timeout
[  364.680445][T10674] pit: kvm: requested 20114 ns i8254 timer period limited to 200000 ns
[  364.795569][T10674] pit: kvm: requested 120685 ns i8254 timer period limited to 200000 ns
[  364.902258][T10674] pit: kvm: requested 5866 ns i8254 timer period limited to 200000 ns
[  364.911402][T10674] pit: kvm: requested 107276 ns i8254 timer period limited to 200000 ns
[  364.921737][T10674] pit: kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  364.973193][T10674] pit: kvm: requested 136609 ns i8254 timer period limited to 200000 ns
[  364.996439][T10674] pit: kvm: requested 130742 ns i8254 timer period limited to 200000 ns
[  365.024667][T10674] pit: kvm: requested 99733 ns i8254 timer period limited to 200000 ns
[  365.115874][T10686] netlink: 'syz.1.1676': attribute type 10 has an invalid length.
[  365.847769][T10486] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.930410][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  365.942148][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  365.992696][T10486] 8021q: adding VLAN 0 to HW filter on device team0
[  366.047395][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  366.067811][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  366.095327][ T4573] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.102837][ T4573] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.213017][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  366.250576][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  366.281071][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  366.321923][ T4573] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.329206][ T4573] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.351327][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  366.378520][T10705] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  366.406388][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  366.420825][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  366.443605][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  366.499640][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  366.518731][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  366.549014][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  366.614210][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  366.633436][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  366.665435][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  366.677083][ T1326] Bluetooth: hci4: command 0x0419 tx timeout
[  366.717112][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  366.768733][T10555] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  366.803110][T10486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  366.830772][T10555] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  366.860963][T10555] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  366.883026][T10715] loop2: detected capacity change from 0 to 64
[  366.891635][T10555] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  367.459147][T10715] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  368.009279][T10728] lo speed is unknown, defaulting to 1000
[  368.015952][T10728] lo speed is unknown, defaulting to 1000
[  368.025820][T10728] lo speed is unknown, defaulting to 1000
[  368.039399][T10728] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  368.055338][T10728] infiniband syz: RDMA CMA: cma_listen_on_dev, error -98
[  368.095815][T10728] lo speed is unknown, defaulting to 1000
[  368.103930][T10728] lo speed is unknown, defaulting to 1000
[  368.114292][T10728] lo speed is unknown, defaulting to 1000
[  368.121502][T10728] lo speed is unknown, defaulting to 1000
[  368.130350][T10728] lo speed is unknown, defaulting to 1000
[  368.152131][T10729] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  368.166126][T10728] lo speed is unknown, defaulting to 1000
[  368.181284][T10728] lo speed is unknown, defaulting to 1000
[  368.193536][T10728] lo speed is unknown, defaulting to 1000
[  368.204157][T10728] lo speed is unknown, defaulting to 1000
[  368.355474][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  368.371505][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  368.423191][T10486] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.560567][T10744] 8021q: adding VLAN 0 to HW filter on device bond5
[  368.622270][T10555] 8021q: adding VLAN 0 to HW filter on device bond0
[  368.743448][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  368.757861][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  368.781111][T10555] 8021q: adding VLAN 0 to HW filter on device team0
[  368.822011][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  368.839772][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  368.872050][T10749] loop2: detected capacity change from 0 to 4096
[  368.874197][ T6598] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.885598][ T6598] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.948098][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  368.961481][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  368.985548][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  369.014677][ T6598] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.021896][ T6598] bridge0: port 2(bridge_slave_1) entered forwarding state
[  369.038714][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  369.095497][ T4573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  369.147454][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  369.160355][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  369.185865][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  369.250141][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  369.265332][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  369.285772][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  369.297402][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  369.331454][T10555] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  369.353357][T10555] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  369.399155][ T9084] device hsr_slave_0 left promiscuous mode
[  369.407031][ T9084] device hsr_slave_1 left promiscuous mode
[  369.417946][ T9084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.428627][ T9084] device bridge_slave_1 left promiscuous mode
[  369.435761][ T9084] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.445388][ T9084] device bridge_slave_0 left promiscuous mode
[  369.451925][ T9084] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.476506][ T9084] bond2 (unregistering): (slave batadv_slave_1): Releasing backup interface
[  369.487415][ T9084] bond2 (unregistering): Released all slaves
[  369.505213][ T9084] bond1 (unregistering): (slave bridge1): Releasing active interface
[  369.568964][ T9084] bond1 (unregistering): Released all slaves
[  369.800814][ T9084] team0 (unregistering): Port device team_slave_1 removed
[  369.822396][ T9084] team0 (unregistering): Port device team_slave_0 removed
[  369.841282][ T9084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  369.867442][ T9084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  369.963433][ T9084] bond0 (unregistering): Released all slaves
[  370.011237][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  370.022280][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  370.035403][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  370.050440][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  370.066349][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  370.091950][T10486] device veth0_vlan entered promiscuous mode
[  370.126420][T10776] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1703'.
[  370.169069][T10782] netlink: 'syz.1.1705': attribute type 10 has an invalid length.
[  370.202049][T10782] team0: Port device dummy0 added
[  370.215849][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  370.238992][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  370.252725][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  370.261055][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  370.323679][T10486] device veth1_vlan entered promiscuous mode
[  371.055633][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  371.143417][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  371.201300][T10486] device veth0_macvtap entered promiscuous mode
[  371.238483][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  371.274318][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  371.299731][T10486] device veth1_macvtap entered promiscuous mode
[  371.344537][T10799] device bridge_slave_1 left promiscuous mode
[  371.408149][T10799] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.439488][T10799] device bridge_slave_0 left promiscuous mode
[  371.458002][T10799] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.353171][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  372.372677][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  372.403597][T10486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.415173][T10486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.435968][T10486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.487535][T10486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.500773][T10486] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.509182][T10804] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  372.529161][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  372.549234][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  372.579622][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  372.604876][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  372.640630][T10555] 8021q: adding VLAN 0 to HW filter on device batadv0
[  372.676660][T10486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.704425][T10486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.726078][T10486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.751452][T10486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.763243][T10486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.777414][T10486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.791483][T10486] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.800481][T10818] Dead loop on virtual device ipvlan1, fix it urgently!
[  372.809162][T10486] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.819264][T10486] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.830883][T10486] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.840186][T10486] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.850771][T10818] Dead loop on virtual device ipvlan1, fix it urgently!
[  372.861696][T10818] Dead loop on virtual device ipvlan1, fix it urgently!
[  372.881953][T10814] device erspan0 entered promiscuous mode
[  372.929423][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  372.946794][ T6598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  373.055889][ T6603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  373.084624][ T6603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  373.162578][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  373.191973][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  373.206907][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  373.221262][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  373.248333][ T6603] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.314940][T10830] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1717'.
[  373.355302][ T6603] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.568539][T10831] 9pnet: Insufficient options for proto=fd
[  374.078535][T10555] device veth0_vlan entered promiscuous mode
[  374.127849][ T6600] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  374.185488][T10834] device veth0 entered promiscuous mode
[  374.199358][T10555] device veth1_vlan entered promiscuous mode
[  374.318229][ T5240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.359924][T10833] device veth0 left promiscuous mode
[  374.388508][ T5240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.402469][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  374.516884][ T6603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  374.893124][ T6603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  375.345902][T10555] device veth0_macvtap entered promiscuous mode
[  375.406848][T10555] device veth1_macvtap entered promiscuous mode
[  375.428264][T10844] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1722'.
[  375.561176][T10848] sock: sock_set_timeout: `syz.1.1723' (pid 10848) tries to set negative timeout
[  375.633321][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  375.674664][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.704399][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  375.741471][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.795710][T10861] xt_bpf: check failed: parse error
[  375.871297][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.194454][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.569640][T10555] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.583228][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.628884][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.698882][T10865] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  376.723064][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.742191][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.764531][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.796787][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.823430][T10555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.849651][T10555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.881451][T10555] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.899709][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  376.936458][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  376.996310][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  377.039028][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  377.079228][T10865] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  377.100367][T10555] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  377.150224][T10555] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  377.210621][T10555] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  377.242131][T10555] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.343936][ T5240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  378.402365][ T5240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  378.531215][ T6595] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  378.648978][ T6600] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  378.678293][ T6600] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  378.771014][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  379.458577][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  379.465024][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  379.850219][T10927] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.927112][T10933] tipc: Can't bind to reserved service type 0
[  379.935110][T10927] team0: Port device bond0 added
[  380.653834][T10953] loop3: detected capacity change from 0 to 1024
[  380.712812][T10953] EXT4-fs (loop3): Ignoring removed bh option
[  380.947887][T10953] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  381.526386][T10953] EXT4-fs (loop3): mounted filesystem without journal. Opts: discard,bh,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  382.687933][T10953] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1748'.
[  383.453346][T11002] VFS: Mount too revealing
[  383.483624][T11002] VFS: Mount too revealing
[  385.750429][T11033] 8021q: adding VLAN 0 to HW filter on device bond1
[  385.875836][T11040] netlink: 'syz.1.1769': attribute type 4 has an invalid length.
[  385.922673][T11039] bond1: (slave ip6gretap1): making interface the new active one
[  385.970420][T11039] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  386.039234][T11042] netlink: 'syz.1.1769': attribute type 4 has an invalid length.
[  386.185383][ T5604] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  386.235296][ T4248] lo speed is unknown, defaulting to 1000
[  386.257855][T11037] lo speed is unknown, defaulting to 1000
[  386.504968][ T5604] usb 3-1: Using ep0 maxpacket: 32
[  386.667626][ T5604] usb 3-1: unable to get BOS descriptor or descriptor too short
[  386.754236][ T5604] usb 3-1: config 3 has an invalid interface number: 217 but max is 0
[  386.885121][ T5604] usb 3-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[  386.933034][ T5604] usb 3-1: config 3 has no interface number 0
[  387.874720][ T5604] usb 3-1: config 3 interface 217 altsetting 9 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  387.934248][ T5604] usb 3-1: config 3 interface 217 altsetting 9 has an invalid endpoint with address 0x0, skipping
[  387.990200][ T5604] usb 3-1: config 3 interface 217 altsetting 9 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  388.026605][ T5604] usb 3-1: config 3 interface 217 altsetting 9 has a duplicate endpoint with address 0x9, skipping
[  388.078788][ T5604] usb 3-1: config 3 interface 217 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  388.120130][ T5604] usb 3-1: config 3 interface 217 altsetting 9 has a duplicate endpoint with address 0xE, skipping
[  388.155975][ T5604] usb 3-1: config 3 interface 217 altsetting 9 has an invalid endpoint with address 0x0, skipping
[  388.195661][ T5604] usb 3-1: config 3 interface 217 has no altsetting 0
[  388.481815][T11081] netlink: 'syz.3.1774': attribute type 1 has an invalid length.
[  388.560992][ T5604] usb 3-1: string descriptor 0 read error: -71
[  388.594218][ T5604] usb 3-1: New USB device found, idVendor=bb56, idProduct=d636, bcdDevice=b4.60
[  388.651692][ T5604] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.752675][ T5604] usb 3-1: can't set config #3, error -71
[  388.768487][ T5604] usb 3-1: USB disconnect, device number 5
[  389.168653][T11104] loop2: detected capacity change from 0 to 1024
[  389.407989][T11104] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  389.465864][T11113] block device autoloading is deprecated and will be removed.
[  389.529528][   T26] audit: type=1800 audit(2000001246.247:267): pid=11104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1781" name="bus" dev="loop2" ino=18 res=0 errno=0
[  389.632221][T11104] EXT4-fs (loop2): discard request in group:0 block:11 count:336 failed with -1
[  389.785475][ T8921] EXT4-fs (loop2): discard request in group:0 block:4 count:16 failed with -1
[  389.852703][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  389.927966][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  389.964767][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  390.012343][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  390.060023][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  390.230025][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  390.262467][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  391.009717][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  391.077635][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  391.145420][ T8921] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..'
[  392.108660][ T6600] Trying to write to read-only block-device loop2
[  392.117328][ T8921] Trying to write to read-only block-device loop2
[  392.138989][ T6600] Trying to write to read-only block-device loop2
[  392.153615][ T8921] Trying to write to read-only block-device loop2
[  392.232362][ T6600] Trying to write to read-only block-device loop2
[  392.248481][ T8921] Trying to write to read-only block-device loop2
[  392.335738][ T8921] Trying to write to read-only block-device loop2
[  392.342812][ T6600] Trying to write to read-only block-device loop2
[  392.351908][ T6600] Trying to write to read-only block-device loop2
[  392.358748][ T6600] Trying to write to read-only block-device loop2
[  392.794738][ T1326] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  393.084467][ T1326] usb 7-1: Using ep0 maxpacket: 16
[  393.374266][ T1326] usb 7-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  393.378386][T11180] ubi31: attaching mtd0
[  393.414073][ T1326] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.452725][ T1326] usb 7-1: Product: syz
[  393.474165][ T1326] usb 7-1: Manufacturer: syz
[  393.499273][ T1326] usb 7-1: SerialNumber: syz
[  393.515489][T11180] ubi31 error: ubi_attach_mtd_dev: bad VID header (167772160) or data offsets (167772224)
[  393.551549][ T1326] usb 7-1: config 0 descriptor??
[  393.731175][T11205] lo speed is unknown, defaulting to 1000
[  394.064927][ T1326] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  394.113196][ T1326] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  394.163180][T11219] loop3: detected capacity change from 0 to 256
[  394.176115][ T1326] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  394.187955][ T1326] usb 7-1: media controller created
[  394.250714][ T1326] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  394.290276][T11219] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  394.564632][ T1326] zl10353_read_register: readreg error (reg=127, ret==0)
[  395.455918][ T1326] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  395.459550][T11215] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1803'.
[  395.524463][ T1326] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  395.694869][ T6665] Bluetooth: hci5: command 0x0409 tx timeout
[  395.713896][ T1326] usb 7-1: USB disconnect, device number 6
[  396.334469][T11215] bond0: (slave bridge0): Releasing backup interface
[  396.354444][ T1326] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  397.811400][ T4247] Bluetooth: hci5: command 0x041b tx timeout
[  397.865096][T11205] chnl_net:caif_netlink_parms(): no params data found
[  399.901640][ T1107] Bluetooth: hci5: command 0x040f tx timeout
[  399.982790][T11205] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.267986][T11205] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.931063][T11205] device bridge_slave_0 entered promiscuous mode
[  400.941885][T11205] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.949273][T11205] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.958092][T11205] device bridge_slave_1 entered promiscuous mode
[  400.983594][T11205] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  401.287243][T11205] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  402.400201][ T6665] Bluetooth: hci5: command 0x0419 tx timeout
[  402.535388][T11205] team0: Port device team_slave_0 added
[  402.615064][T11205] team0: Port device team_slave_1 added
[  402.734523][T11205] batman_adv: batadv0: Adding interface: batadv_slave_0
[  402.782648][T11205] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.844652][T11205] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  405.508449][T11205] batman_adv: batadv0: Adding interface: batadv_slave_1
[  406.038027][T11205] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.301699][T11205] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.341095][ T9084] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  407.144062][ T9084] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.187519][T11322] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1827'.
[  407.470647][ T9084] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  407.504645][ T9084] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.364734][T11205] device hsr_slave_0 entered promiscuous mode
[  408.404532][T11205] device hsr_slave_1 entered promiscuous mode
[  408.437891][T11205] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  408.534549][T11205] Cannot create hsr debugfs directory
[  408.556500][ T9084] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  408.568050][ T9084] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.789802][ T9084] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  409.831254][ T9084] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.223386][T11352] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  410.385437][T11205] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.466098][ T9084] tipc: Left network mode
[  411.646623][T11205] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.965416][T11205] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.294678][   T27] INFO: task syz-executor:8082 blocked for more than 143 seconds.
[  415.302739][   T27]       Not tainted syzkaller #0
[  415.328378][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  415.357269][   T27] task:syz-executor    state:D stack:21200 pid: 8082 ppid:     1 flags:0x00004004
[  415.402525][   T27] Call Trace:
[  415.415477][   T27]  <TASK>
[  415.426277][   T27]  __schedule+0x11ef/0x43c0
[  415.443559][   T27]  ? verify_lock_unused+0x140/0x140
[  415.468529][   T27]  ? mark_lock+0x94/0x320
[  415.490641][   T27]  ? release_firmware_map_entry+0x190/0x190
[  415.496854][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  415.502904][   T27]  ? lock_chain_count+0x20/0x20
[  415.514737][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[  415.524462][   T27]  schedule+0x11b/0x1e0
[  415.532393][   T27]  io_schedule+0x7c/0xd0
[  415.552792][   T27]  wait_on_page_bit_common+0x83b/0xe50
[  415.568337][   T27]  ? wait_on_page_bit+0x50/0x50
[  415.573334][   T27]  ? rcu_lock_release+0x20/0x20
[  415.721642][   T27]  truncate_inode_pages_range+0xa24/0xfe0
[  415.799011][   T27]  ? invalidate_inode_page+0x360/0x360
[  415.918101][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  416.178367][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  416.198081][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[  416.229245][   T27]  evict+0x4dc/0x8d0
[  416.244705][   T27]  ? proc_nr_inodes+0x320/0x320
[  416.263258][   T27]  ? do_raw_spin_unlock+0x11d/0x230
[  416.288498][   T27]  evict_inodes+0x60c/0x6a0
[  416.309139][   T27]  ? __dentry_kill+0x530/0x650
[  416.324783][   T27]  ? clear_inode+0x150/0x150
[  416.329576][   T27]  generic_shutdown_super+0x93/0x300
[  416.334996][   T27]  kill_block_super+0x7c/0xe0
[  416.339848][   T27]  deactivate_locked_super+0x93/0xf0
[  416.354040][   T27]  cleanup_mnt+0x42d/0x4e0
[  416.358544][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[  416.363888][   T27]  task_work_run+0x125/0x1a0
[  416.383998][   T27]  exit_to_user_mode_loop+0x10f/0x130
[  416.389472][   T27]  exit_to_user_mode_prepare+0xee/0x180
[  416.399640][   T27]  syscall_exit_to_user_mode+0x16/0x40
[  416.405229][   T27]  do_syscall_64+0x58/0xa0
[  416.409684][   T27]  ? clear_bhb_loop+0x30/0x80
[  416.432768][   T27]  ? clear_bhb_loop+0x30/0x80
[  416.437599][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  416.443724][   T27] RIP: 0033:0x7fd576c87117
[  416.461166][   T27] RSP: 002b:00007ffea70e3f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  416.483400][   T27] RAX: 0000000000000000 RBX: 00007fd576cef71f RCX: 00007fd576c87117
[  416.500207][   T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea70e4010
[  416.520593][   T27] RBP: 00007ffea70e4010 R08: 00007ffea70e5010 R09: 00000000ffffffff
[  416.537923][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea70e50a0
[  416.555319][   T27] R13: 00007fd576cef71f R14: 000000000003d722 R15: 00007ffea70e50e0
[  416.575845][   T27]  </TASK>
[  416.583541][   T27] 
[  416.583541][   T27] Showing all locks held in the system:
[  416.593428][T11205] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.604927][   T27] 1 lock held by khungtaskd/27:
[  416.604972][   T27]  #0: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  416.605092][   T27] 2 locks held by getty/3950:
[  416.605106][   T27]  #0: ffff88814c6c5098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  416.605166][   T27]  #1: ffffc90002cf62e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x5df/0x1a70
[  416.605229][   T27] 2 locks held by kworker/1:3/4234:
[  416.605243][   T27]  #0: ffff888016c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x761/0x1010
[  416.605303][   T27]  #1: ffffc900030afd00 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  416.605365][   T27] 3 locks held by kworker/1:4/4247:
[  416.605377][   T27]  #0: ffff888016c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x761/0x1010
[  416.605435][   T27]  #1: ffffc9000318fd00 (xfrm_state_gc_work){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  416.605493][   T27]  #2: ffffffff8c323528 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3a5/0x750
[  416.605557][   T27] 3 locks held by kworker/0:7/5601:
[  416.605570][   T27]  #0: ffff888016c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x761/0x1010
[  416.605629][   T27]  #1: ffffc9000357fd00 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  416.605690][   T27]  #2: ffff8880613d8400 (&nsim_dev->port_list_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x56/0xb40
[  416.605754][   T27] 2 locks held by kworker/u4:14/6603:
[  416.605771][   T27] 1 lock held by syz-executor/8082:
[  416.605784][   T27]  #0: ffff888078e540e0 (&type->s_umount_key#56){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0
[  416.605854][   T27] 4 locks held by kworker/u4:16/9084:
[  416.605867][   T27]  #0: ffff888016dcd938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x761/0x1010
[  416.605926][   T27]  #1: ffffc90004dafd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  417.034344][   T27]  #2: ffffffff8d4308d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x148/0xba0
[  417.043896][   T27]  #3: ffffffff8c323528 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3a5/0x750
[  417.064546][   T27] 7 locks held by syz-executor/11205:
[  417.069986][   T27]  #0: ffff88807f0a2460 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x295/0xd60
[  417.089652][   T27]  #1: ffff88807d742c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1e5/0x4c0
[  417.099663][   T27]  #2: ffff888148036748 (kn->active#284){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x208/0x4c0
[  417.110773][   T27]  #3: ffffffff8cd79ca8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd3/0x3a0
[  417.121522][   T27]  #4: ffff8880613de178 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xb0/0x750
[  417.138062][   T27]  #5: ffff8880613d8400 (&nsim_dev->port_list_lock){+.+.}-{3:3}, at: nsim_dev_reload_destroy+0x115/0x240
[  417.164564][   T27]  #6: ffffffff8d43c548 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x3b/0x150
[  417.183902][   T27] 1 lock held by syz.0.1845/11396:
[  417.194428][   T27]  #0: ffffffff8d43c548 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7ee/0xf30
[  417.214214][   T27] 1 lock held by syz.3.1844/11397:
[  417.224169][   T27]  #0: ffffffff8d43c548 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3d/0x1b0
[  417.243449][   T27] 1 lock held by syz.3.1844/11401:
[  417.255091][   T27]  #0: ffffffff8d43c548 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x534/0xe30
[  417.264206][   T27] 1 lock held by syz.3.1844/11402:
[  417.269644][   T27]  #0: ffffffff8d43c548 (rtnl_mutex){+.+.}-{3:3}, at: __netlink_dump_start+0x11f/0x700
[  417.280140][   T27] 
[  417.292117][   T27] =============================================
[  417.292117][   T27] 
[  417.334067][   T27] NMI backtrace for cpu 0
[  417.338504][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  417.345822][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  417.356005][   T27] Call Trace:
[  417.359323][   T27]  <TASK>
[  417.362376][   T27]  dump_stack_lvl+0x188/0x250
[  417.367104][   T27]  ? show_regs_print_info+0x20/0x20
[  417.372347][   T27]  ? load_image+0x400/0x400
[  417.376891][   T27]  ? tick_nohz_tick_stopped+0x7b/0xb0
[  417.382417][   T27]  ? nmi_cpu_backtrace+0x1b2/0x3d0
[  417.387583][   T27]  nmi_cpu_backtrace+0x3a2/0x3d0
[  417.392558][   T27]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  417.398752][   T27]  ? _printk+0xda/0x130
[  417.403030][   T27]  ? load_image+0x400/0x400
[  417.407600][   T27]  ? load_image+0x400/0x400
[  417.412233][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  417.418435][   T27]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  417.424458][   T27]  watchdog+0xe0f/0xe50
[  417.428747][   T27]  kthread+0x436/0x520
[  417.432852][   T27]  ? hungtask_pm_notify+0x40/0x40
[  417.437924][   T27]  ? kthread_blkcg+0xd0/0xd0
[  417.442556][   T27]  ret_from_fork+0x1f/0x30
[  417.447022][   T27]  </TASK>
[  417.451259][   T27] Sending NMI from CPU 0 to CPUs 1:
[  417.456847][    C1] NMI backtrace for cpu 1
[  417.456859][    C1] CPU: 1 PID: 4573 Comm: kworker/u4:7 Not tainted syzkaller #0
[  417.456879][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  417.456890][    C1] Workqueue: phy20 ieee80211_iface_work
[  417.456916][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[  417.456936][    C1] Code: 66 2e 0f 1f 84 00 00 00 00 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 40 bb 10 0c 48 89 de 5b e9 77 3a 44 00 00 00 cc cc 00 00 cc <48> 8b 04 24 65 48 8b 0d 14 50 89 7e 65 8b 15 15 50 89 7e 81 e2 00
[  417.456950][    C1] RSP: 0018:ffffc9000334f8f0 EFLAGS: 00000206
[  417.456969][    C1] RAX: ffffffff8950b7b2 RBX: 0000000000000005 RCX: ffff8880296c9dc0
[  417.456982][    C1] RDX: 0000000000000000 RSI: 000000000000021c RDI: 000000000000005a
[  417.456992][    C1] RBP: 000000000000005a R08: ffffffff8d89d8af R09: 1ffffffff1b13b15
[  417.457003][    C1] R10: dffffc0000000000 R11: fffffbfff1b13b16 R12: 000000000000000b
[  417.457015][    C1] R13: 000000000000021c R14: dffffc0000000000 R15: ffff888061d0b350
[  417.457027][    C1] FS:  0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  417.457040][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  417.457058][    C1] CR2: 00007f7de4549eb8 CR3: 00000000725d6000 CR4: 00000000003506e0
[  417.457072][    C1] Call Trace:
[  417.457077][    C1]  <TASK>
[  417.457082][    C1]  ieee80211_sta_get_rates+0x39b/0x6b0
[  417.457107][    C1]  ieee80211_ibss_rx_queued_mgmt+0xf5f/0x2ab0
[  417.457137][    C1]  ? ieee80211_ibss_rx_no_sta+0x730/0x730
[  417.457153][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  417.457187][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  417.457212][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  417.457238][    C1]  ? _raw_spin_unlock+0x40/0x40
[  417.457255][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  417.457280][    C1]  ? kcov_remote_start+0xea/0x4a0
[  417.457297][    C1]  ieee80211_iface_work+0x70e/0xc60
[  417.457319][    C1]  process_one_work+0x85f/0x1010
[  417.457344][    C1]  ? worker_detach_from_pool+0x240/0x240
[  417.457361][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[  417.457379][    C1]  ? _raw_spin_lock_irq+0xb7/0xf0
[  417.457397][    C1]  ? _raw_spin_lock_irqsave+0x100/0x100
[  417.457418][    C1]  ? wq_worker_running+0x97/0x170
[  417.457435][    C1]  worker_thread+0xaa6/0x1290
[  417.457457][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  417.457474][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  417.457499][    C1]  kthread+0x436/0x520
[  417.457514][    C1]  ? rcu_lock_release+0x20/0x20
[  417.457529][    C1]  ? kthread_blkcg+0xd0/0xd0
[  417.457545][    C1]  ret_from_fork+0x1f/0x30
[  417.457570][    C1]  </TASK>
[  417.727164][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  417.734074][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  417.741318][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  417.751597][   T27] Call Trace:
[  417.752603][T11401] device syzkaller0 entered promiscuous mode
[  417.754912][   T27]  <TASK>
[  417.754922][   T27]  dump_stack_lvl+0x188/0x250
[  417.754963][   T27]  ? show_regs_print_info+0x20/0x20
[  417.754986][   T27]  ? load_image+0x400/0x400
[  417.755021][   T27]  panic+0x2e5/0x810
[  417.755042][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  417.755068][   T27]  ? bpf_jit_dump+0xd0/0xd0
[  417.792675][   T27]  ? __irq_work_queue_local+0x12c/0x190
[  417.798279][   T27]  ? nmi_trigger_cpumask_backtrace+0x260/0x280
[  417.804611][   T27]  watchdog+0xe4e/0xe50
[  417.808815][   T27]  kthread+0x436/0x520
[  417.812923][   T27]  ? hungtask_pm_notify+0x40/0x40
[  417.818106][   T27]  ? kthread_blkcg+0xd0/0xd0
[  417.822769][   T27]  ret_from_fork+0x1f/0x30
[  417.827261][   T27]  </TASK>
[  417.830572][   T27] Kernel Offset: disabled
[  417.835022][   T27] Rebooting in 86400 seconds..