last executing test programs:

4m10.460041869s ago: executing program 32 (id=31):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r1 = syz_clone(0x81248080, 0x0, 0x4c, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
wait4(r1, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f0000005140)={0x800000, 0x0, 0x0, 0x0, {0x22}, 0x0, 0x0, 0x0, &(0x7f0000005100)}, 0x58)

4m2.458777488s ago: executing program 33 (id=53):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
read$FUSE(r3, &(0x7f0000000540)={0x2020}, 0xfffffccf)

3m47.915912176s ago: executing program 34 (id=97):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000080)="f280", 0x2)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m29.607721719s ago: executing program 7 (id=185):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)

3m29.146380696s ago: executing program 7 (id=189):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x1b, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0xb}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x700}, {0x85, 0x0, 0x0, 0x86}}, {}, [@jmp={0x5, 0x1, 0xb, 0xa, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, @jmp={0x5, 0x0, 0xb, 0x0, 0x0, 0xfffffffffffffff4, 0x10}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x1000, &(0x7f0000000cc0)=""/4096, 0x41100, 0x27}, 0x94)

3m28.678108745s ago: executing program 7 (id=193):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x44, 0x2, 0x3, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x6, 0x1}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x5, 0x1}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x11}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x80}, 0x1, 0x0, 0x0, 0x840}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008413, &(0x7f0000000000)={[{@noblock_validity}, {@barrier}]}, 0x0, 0x517, &(0x7f00000000c0)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRrsb7WEpEoJTJaDcS0icKIoTV7HTNlFFU/EHICEESJzgwgWJPwAJVeLCESFVgjMIEAhBCweQoINsj5PUsZPQunaafD7SZN4Pj7/vOZnxvJnJTABn1pVsepym6aWImMjKc1n5J+uZnYg3IuLRwzsL9SmJNL32tySSrKz1XmnDSzHWXKThK1+M+HpyMG51a3t1vlwubWT5Ym3tRrG6tX15ZW1+ubRcWp+dnXl37r25d+amn6V7S2NZ4kJEfPD5P333Wz/+wgc//8yt31//y8VvJM02323vx/9n+NDa5ueZj3Nti2w8XbATaXh/YvR4y9zb+xMBAKCP6vulH8r28y/FRAwdsT8LAAAAvHjSz47Hf5LWubsDRrqUAwAAAC+QXESMR5IrZNf8jkcuVyhE4xrej8T5XLlSrX16qbK5vlivi5iMfG5ppVyazq5tnYx8Us/PNNJ7+bfb8rMR8UpEfGditJEvLFTKi4M++AEAAABnxFjb+P+fE83xPwAAAHDKTA66AQAAAMBzZ/wPAAAAp5/xPwAAAJxqX7p6tT6lredfL97c2lyt3Ly8WKquFtY2FwoLlY0bheVKZblxz761Q99s99GB65u3i7VStVasbm1fX6tsrteurzz5CGwAAACgf155/f5vk4jYeX80Rt8fbZSN7Kv/d/acgIE1EHhudg/ZRZLNRw6+6HcvN+d/7FOjgL4YGnQDgIEZHnQDgIHJD7oBwMAlR9R3vXjnV9n8E71tDwAA0HtTH9s7/7/Tdv4/d+iSO4dXAyeelRjOLuf/4exqnP/vcMlfR3YW4FTJ2wOAM++Zz/8fyf8QAQDAoI03piRXyA7vjUcuVyhEXGg8FiCfLK2US9MR8XJE/GYi/1I9P9NYMjlyzAAAAAAAAAAAAAAAAAAAAAAAAAAANKVpEikAAABwqkXk/pz8onkv/6mJt8bbjw+MJP+aiOwRobd+cO17t+drtY2Zevnfd8tr38/K3x7EEQwAAACgXWuc3hrHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAvPXp4Z6E19TPuXz8XEZOd4g/Hucb8XOQj4vw/khjet1wSEUM9iL9zLyI+2il+Um/WbshO8Ueff/yYzD6FTvHHehAfzrL79e3PlU7rXy7eaMw7r3/DEU/kn1b37V/sbv+Guqz/F44Z49UHPy12jX8v4tXhztufVvykS/w3jxn/a1/d3u5Wl/4wYqrj90/yRKxibe1Gsbq1fXllbX65tFxan52deXfuvbl35qaLSyvlUvazY4xvf/xnjw/r//ku8SeP6P9bx+z/fx/cfvjhZjLfKf7FNzvE/+WPslccjJ/Lvvs+laXr9VOt9E4zvd9rP/n1a4f1f7FL/4/6/V88Zv8vffmbfzjmSwGAPqhuba/Ol8uljVObqI/ST0AzJE5g4u7Bqtej61JJcvgbpmma1tepZ2hY0j16fxLJbsmgt0wAAECv7e39D7olAAAAAAAAAAAAAAAAAAAAcHb1475i7TF3dlNJL26hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQE/8LAAD//zea6Cs=")

3m27.949110334s ago: executing program 35 (id=193):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x44, 0x2, 0x3, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x6, 0x1}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x5, 0x1}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x11}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x80}, 0x1, 0x0, 0x0, 0x840}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008413, &(0x7f0000000000)={[{@noblock_validity}, {@barrier}]}, 0x0, 0x517, &(0x7f00000000c0)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRrsb7WEpEoJTJaDcS0icKIoTV7HTNlFFU/EHICEESJzgwgWJPwAJVeLCESFVgjMIEAhBCweQoINsj5PUsZPQunaafD7SZN4Pj7/vOZnxvJnJTABn1pVsepym6aWImMjKc1n5J+uZnYg3IuLRwzsL9SmJNL32tySSrKz1XmnDSzHWXKThK1+M+HpyMG51a3t1vlwubWT5Ym3tRrG6tX15ZW1+ubRcWp+dnXl37r25d+amn6V7S2NZ4kJEfPD5P333Wz/+wgc//8yt31//y8VvJM02323vx/9n+NDa5ueZj3Nti2w8XbATaXh/YvR4y9zb+xMBAKCP6vulH8r28y/FRAwdsT8LAAAAvHjSz47Hf5LWubsDRrqUAwAAAC+QXESMR5IrZNf8jkcuVyhE4xrej8T5XLlSrX16qbK5vlivi5iMfG5ppVyazq5tnYx8Us/PNNJ7+bfb8rMR8UpEfGditJEvLFTKi4M++AEAAABnxFjb+P+fE83xPwAAAHDKTA66AQAAAMBzZ/wPAAAAp5/xPwAAAJxqX7p6tT6lredfL97c2lyt3Ly8WKquFtY2FwoLlY0bheVKZblxz761Q99s99GB65u3i7VStVasbm1fX6tsrteurzz5CGwAAACgf155/f5vk4jYeX80Rt8fbZSN7Kv/d/acgIE1EHhudg/ZRZLNRw6+6HcvN+d/7FOjgL4YGnQDgIEZHnQDgIHJD7oBwMAlR9R3vXjnV9n8E71tDwAA0HtTH9s7/7/Tdv4/d+iSO4dXAyeelRjOLuf/4exqnP/vcMlfR3YW4FTJ2wOAM++Zz/8fyf8QAQDAoI03piRXyA7vjUcuVyhEXGg8FiCfLK2US9MR8XJE/GYi/1I9P9NYMjlyzAAAAAAAAAAAAAAAAAAAAAAAAAAANKVpEikAAABwqkXk/pz8onkv/6mJt8bbjw+MJP+aiOwRobd+cO17t+drtY2Zevnfd8tr38/K3x7EEQwAAACgXWuc3hrHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAvPXp4Z6E19TPuXz8XEZOd4g/Hucb8XOQj4vw/khjet1wSEUM9iL9zLyI+2il+Um/WbshO8Ueff/yYzD6FTvHHehAfzrL79e3PlU7rXy7eaMw7r3/DEU/kn1b37V/sbv+Guqz/F44Z49UHPy12jX8v4tXhztufVvykS/w3jxn/a1/d3u5Wl/4wYqrj90/yRKxibe1Gsbq1fXllbX65tFxan52deXfuvbl35qaLSyvlUvazY4xvf/xnjw/r//ku8SeP6P9bx+z/fx/cfvjhZjLfKf7FNzvE/+WPslccjJ/Lvvs+laXr9VOt9E4zvd9rP/n1a4f1f7FL/4/6/V88Zv8vffmbfzjmSwGAPqhuba/Ol8uljVObqI/ST0AzJE5g4u7Bqtej61JJcvgbpmma1tepZ2hY0j16fxLJbsmgt0wAAECv7e39D7olAAAAAAAAAAAAAAAAAAAAcHb1475i7TF3dlNJL26hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQE/8LAAD//zea6Cs=")

2m56.595886674s ago: executing program 8 (id=333):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES64=r0], 0x20, 0x4054000}, 0x4040884)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r2, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r2, &(0x7f00000000c0)="8f2a0a65bd8c2c2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

2m56.244092352s ago: executing program 8 (id=338):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80800)
sendmmsg(r1, &(0x7f0000001f00)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)="15d6903159dd60df", 0x8}], 0x1}}], 0x1, 0x20008810)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x2000000000000225, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0xfffb, r1, &(0x7f0000000340), 0x2d}])

2m55.835575775s ago: executing program 8 (id=342):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_exit\x00', r0}, 0x18)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000)

2m55.542725439s ago: executing program 8 (id=345):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f00000002c0)={@host})

2m55.40287892s ago: executing program 8 (id=346):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
io_submit(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x183)

2m54.817889547s ago: executing program 8 (id=349):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f00000006c0)={'\x00', 0x9, 0x5, 0x6, 0x0, 0x2, 0xdddd0000, 0x8000000, '\x00', 0x41c000})

2m43.235379126s ago: executing program 36 (id=409):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80800)
sendmmsg(r1, &(0x7f0000001f00)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)="15d6903159dd60df", 0x8}], 0x1}}], 0x1, 0x20008810)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x2000000000000225, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0xfffb, r1, &(0x7f0000000340), 0x2d}])

2m39.73351508s ago: executing program 37 (id=349):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f00000006c0)={'\x00', 0x9, 0x5, 0x6, 0x0, 0x2, 0xdddd0000, 0x8000000, '\x00', 0x41c000})

1m26.66093332s ago: executing program 2 (id=887):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000000)={[{@usrquota}, {@acl}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48241, 0x141)
pwrite64(r0, &(0x7f0000000140)="f6", 0x1, 0x8000c61)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r2, 0x20, 0x0, 0x8000)

1m25.932823848s ago: executing program 2 (id=893):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x71, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x8040ae9f, 0xffffffffffffffff)

1m25.439660088s ago: executing program 2 (id=895):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r0, &(0x7f0000000000), 0x100000008)
ioctl$EVIOCSABS0(r0, 0x401845c0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000000)=0x1ff)

1m24.907166212s ago: executing program 2 (id=900):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)

1m22.919911012s ago: executing program 2 (id=904):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000000)={[{@usrquota}, {@acl}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48241, 0x141)
pwrite64(r0, &(0x7f0000000140)="f6", 0x1, 0x8000c61)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)

1m22.436024102s ago: executing program 2 (id=909):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0xa, 0x3, 0x87)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1m22.011469276s ago: executing program 38 (id=909):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0xa, 0x3, 0x87)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1m17.336424055s ago: executing program 9 (id=942):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$VT_RESIZE(r0, 0x5609, 0x0)

1m16.65490504s ago: executing program 9 (id=945):
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x1004000, &(0x7f00000001c0)=ANY=[@ANYRES64=0x0, @ANYRESDEC, @ANYRES8], 0x0, 0x7c8, &(0x7f0000001400)="$eJzs3U9sHOXZAPBnjU38GSlCfChEUQiTQKUgBbNeg6nFgS7rsTOw3l3trqtEVQURcVAUBxAUtfhQmgu0Vauqpx5pr9x6a1WplXpoe0Iqh16qXpA4VbRqpapVVcnVzO46jr3+g3ESCr+fFc945pn3fd7dzTwza89sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABRqs2Vy1OlqGeNpXPJFiMRkdzbj13cun7doL1f3TDZod+IUv4vxsfjaG/R0Xuvrz6SfzsVx3s/HY/xfDIeq3cdufvJ/x8dGWy/Q0L7dXKPcaWIb+VJXbmwsrL86k1I5Bb67i92Wjs6bOG/1vLvC2kj6zSzxepCmmSdZjI7M1N+9Ox8J5nP6mnnfKebLia1dlrtNtvJ6drDydTs+HSSTp5vLjUW5qr1tL9w9olHKuXyTPLMZCuttjvNxqPPTHZqZ7N6PWssFDGV8tcjj3kiqc21n826STetLibJpcsry9O7jS4Pmtph/fGH7v7w9Q/+fnk5f0FuF1TqvzArU1OVytTM47OPP1Euj1bKlRsXlDeJ9YgYicgjbsqLlk+PYpe5k4PZccMBGOnX/6hHFo1YinORDPkai1rMRTuasZj//IexLRF9g/r/hUf/8t5O/W6s/4Mqf/T66mNR1P8TvZ9ObFf/h+Z6kF8j/Xy2W/9avBGrcSUuxEqsxHK8etMz+oRfIwfb3kKk0YgsOtGMLBajWixJ+kuSmI2ZmIlyPBdnYz46kcR8ZFGPNDpxPjrRjbR4RdWiHWlUoxvNaEcSp6MWD0cSUzEbszEdSaQxGeejGUvRiIWYi2rRyqW4XDzu05vyOvLN53/+4u8/fCefXw+a2mEgpfxgLg/62w5BW8r93uv/WvQj1P/PuwPeg8P+rQ3qPwAAAPCZVSrefc/P/8fi/mJuPqunX7ndaQEAAAAHqPjN//F8MpbP3R+l/Py/PCTy/VueGwAAAHAwSsU1dqWImIgHenODy6WGvQkAAAAA/A8qfv9/Ip9MRLxZLHD+DwAAAJ8x397uHvsfDO6x22kdKv3yr9Fuj5Wutc49VLpazeOqV+/obdeffHm9xe78sdJ49Bop2poZXb2rFBGjtfR4aXD3y/8c6k0/Kr4fG13ffLt7/Zc2JbC+xR2bh5QncHh1UwJHio6/Fyd7MScv9qYX+3H9OxJPzGf1dLLWrD9Z3BIx/9d9/aXL34hi+N9pLB4uxaXLK8uTL7y8crHI5VreyrWr/RsobrmP4vBcih7X+o9A3D98xGPFhRj9fid6/ZY3PgH9exOP7NxnaWOfb8WpXsypid504sbxj+d9Tk0+ORXV6uGRbnqu+/rahtH3s5j6hCN/Kx7sxTx4+sHeZEgWlRuyeGlrFpWNWeztsdg1i7H+C+udk2+e+8dvmqV0ercspjdlMf4xswC4XS4Vd/25XoX+r6hC/17ryev/9bqb9AL6+nu5+9abyvdygzKwaS93KdbXDLbfUOtGY0t133x4EZt62WaPfroXc7p3PDF6bEhdKQ/Zo79y+ZXf9vfoj737ox9/9cTvfrr/6vZuPNyL6U/inl9vU2PzMX+/sTgxaPTcU/2Zn2zbb6deKcVYxB1fu/pKHHntjdVHLl+98OLyi8svVSrTM+XHyuXHKzFWHCr0J2oPAEPs/hk7p/703s4Rpcd2Oau+Z/1PCibjhXg5VuJinCmuNoiIB4a3OrHhzxDOxKkoTpa3OWud2PAJL2d2Obe8HlvZGjs4rtgSO73hEbvvh8XknzfxSQGAm+zULnW4tPsRQunMLufdN9byTWfHsX0tH+aLN/XRAIDPh7T9UWmi+3ap3c5az03Nzk5Vu2fTpN2sPZu0s7mFNMka3bRdO1ttLKRJq93sNmuDN47n0k7SWWq1mu1uMt9sJ61mJztXfPJ70v/o9066WG10s1qnVU+rnTSpNRvdaq2bzGWdWtK68+l61jmbtouNO620ls1ntWo3azaSTnOpXUsnk6STpklraRCYzaWNbjaf5bONpNXOFqvtaxFRX1pMk7m0U2tnrW6z1+Cgr6wx32wvFs1Obh3+n2/14w0AnwavvbF65cLKyvKrH3NmNIqZP+4l+HaPEQC40V6r9OFblRAAAAAAAAAAAAAAALDF1sv18qX7uSJw9VB8/K0Oxb6uPjSzh5n8iTz4lif28Szfxpnnn3rqynYxT7959Oze2hn+P2XYpa5vH46482c/6C350q0a6fsRsY/N10o7xNzuPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbPXfAAAA//9pSVg8")
syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000005c0)='./bus\x00')
r0 = open(&(0x7f0000000040)='.\x00', 0x20000, 0x0)
getdents64(r0, &(0x7f0000000fc0)=""/224, 0xe0)

1m15.476507935s ago: executing program 9 (id=947):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(0x0, 0x7)
syz_open_dev$cec(0x0, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1003, r3}, 0x38)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x497, 0x0, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd7}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x0)

1m11.650196416s ago: executing program 9 (id=973):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x0, &(0x7f0000000200)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@errors_remount}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
chdir(&(0x7f0000002340)='./bus\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000005c0), 0x1000000, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mkdir(0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000180)=""/92, 0x5c)

1m10.846599351s ago: executing program 9 (id=979):
r0 = inotify_init()
syz_clone(0xe200, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = dup(0xffffffffffffffff)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f00000000c0)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x5}}, 0xfd87)
close_range(r0, 0xffffffffffffffff, 0x0)

1m10.750127809s ago: executing program 3 (id=980):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40000)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

1m10.398565897s ago: executing program 3 (id=983):
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m10.195128824s ago: executing program 3 (id=985):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x2c, r1, 0x35, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x91}, 0x48010)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000000040)={0x1e, 0x0, 0x25dfdbfe, 0xdbde8f94d813f6d3}, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000001c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r8 = open(&(0x7f00000001c0)='./bus\x00', 0x101000, 0x0)
copy_file_range(r8, 0x0, r7, 0x0, 0x3df1, 0x0)
semop(0x0, &(0x7f0000000040)=[{0x0, 0x8, 0x1800}], 0x1)
r9 = semget$private(0x0, 0x2, 0x209)
semtimedop(r9, &(0x7f0000000040)=[{0x0, 0xfffc, 0x1800}], 0x1, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000080)={'dvmrp1\x00', 0x2})
ioctl$TUNATTACHFILTER(r10, 0x401054d5, &(0x7f0000000340)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x4, 0x9}, {0x6, 0x0, 0x5}]})

1m9.023370988s ago: executing program 3 (id=988):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(0x0, r0)
open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)

1m8.686793336s ago: executing program 3 (id=990):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

1m8.243990222s ago: executing program 9 (id=994):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r1 = socket(0x2c, 0x3, 0x0)
close(r0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1m8.034744778s ago: executing program 39 (id=994):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r1 = socket(0x2c, 0x3, 0x0)
close(r0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1m7.805718277s ago: executing program 3 (id=998):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f00000004c0), 0xfe, 0x57b, &(0x7f0000002440)="$eJzs3d9rW2UfAPDvSdut+/G+62CM9xWRwi6czKVr648JXsxL0eFA72doz0ppuowmHWsduF1sIN7IEEQciPd6L3gz/Af8KwY6GDKKXuhF5aQnXbYmTbplbWc+Hzjlec45yXO+Oef79Dl5EhJA3xrN/hQi/h8RXyQRhyIiybcNRr5xdG2/lQdXp7IlidXVD39P6vtl9cZzNR53IK/8LyJ+vhFxorCx3erS8lypXE4X8vpYbf7SWHVp+eTsfGkmnUkvTkxOnn59cuKtN9/oWayvnPvz6w/uvHv682MrX/1w7/CtJM7EwXxbcxxP4VpzZTRG89dkKM48tuN4DxrbTZJOOwxvz3GwNQN5ng9F1gccioE864F/v08jYhXoU8kj+V/QH0DfaIwDGvf2PboPfm7cf2ftBmhj/INr743EcP3eaP9K8sidUXa/O9KD9rM2fvzt9q1sid69DwHQ0bXrEXFqcHBj/5fk/V9ne9usP9XFYx9vQ/8H2+dONv55tdX4p7A+/okW458DLXL3SXTO/8K9HjTTVjb+e7vl+Hd90mpkIK/9pz7mG0ouzJbTrG/7b0Qcj6G9WX2z+ZzTK3dX221rHv9lS9Z+YyyYH8e9wcc62OlSrfQ0MTe7fz3ihZbj32T9/Cctzn/2epzrso2j6e2X2m3rHP+ztfpdxMstz//DGa1k8/nJsfr1MNa4Kjb64+bRX9q1v9PxZ+d//+bxjyTN87XVrbfx7fBfabtt9fjXa91f/3uSj+rlPfm6K6VabWE8Yk/y/sb1Ew8f26g39s/iP36sOf6/81wtbHr974uIj7uM/+aR71/cNP4dPv/TWzr/Wy/cfe+Tb9rN/3bX/71WLx3P13TT/3V7gE/36gEAAAAAAMDuUoiIg5EUiuvlQqFYXPt8x5HYXyhXqrUTFyqLF6ej/l3ZkRgqNGa6DzV9HmI8K3/209qTzpbTifzzsY3tkxFxOCK+HNhXrxenKuXpnQ4eAAAAAAAAAAAAAAAAAAAAdokDbb7/n/l1YKePDnjm/OQ39K+O+d/2l56u9fxYgO3l/z/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Uv+Q/+S/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT586ezZbVlQdXp7L69OWlxbnK5ZPTaXWuOL84VZyqLFwqzlQqM+W0OFWZ7/R85Url0vhELF4Zq6XV2lh1afn8yYionZ+dL82k59OhbYkKAAAAAAAAAAAAAAAAAAAAni/VpeW5UrmcLigoPFFhcHccxnYUbuSFGN4dx/NMCzvdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQ/8EAAD//yjlLj4=")
pwritev2(0xffffffffffffffff, &(0x7f00000010c0)=[{&(0x7f0000000f40)='t', 0x1}], 0x1, 0x7abff, 0x0, 0x3)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file2\x00', 0x282, 0x140)

1m6.819955927s ago: executing program 40 (id=998):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f00000004c0), 0xfe, 0x57b, &(0x7f0000002440)="$eJzs3d9rW2UfAPDvSdut+/G+62CM9xWRwi6czKVr648JXsxL0eFA72doz0ppuowmHWsduF1sIN7IEEQciPd6L3gz/Af8KwY6GDKKXuhF5aQnXbYmTbplbWc+Hzjlec45yXO+Oef79Dl5EhJA3xrN/hQi/h8RXyQRhyIiybcNRr5xdG2/lQdXp7IlidXVD39P6vtl9cZzNR53IK/8LyJ+vhFxorCx3erS8lypXE4X8vpYbf7SWHVp+eTsfGkmnUkvTkxOnn59cuKtN9/oWayvnPvz6w/uvHv682MrX/1w7/CtJM7EwXxbcxxP4VpzZTRG89dkKM48tuN4DxrbTZJOOwxvz3GwNQN5ng9F1gccioE864F/v08jYhXoU8kj+V/QH0DfaIwDGvf2PboPfm7cf2ftBmhj/INr743EcP3eaP9K8sidUXa/O9KD9rM2fvzt9q1sid69DwHQ0bXrEXFqcHBj/5fk/V9ne9usP9XFYx9vQ/8H2+dONv55tdX4p7A+/okW458DLXL3SXTO/8K9HjTTVjb+e7vl+Hd90mpkIK/9pz7mG0ouzJbTrG/7b0Qcj6G9WX2z+ZzTK3dX221rHv9lS9Z+YyyYH8e9wcc62OlSrfQ0MTe7fz3ihZbj32T9/Cctzn/2epzrso2j6e2X2m3rHP+ztfpdxMstz//DGa1k8/nJsfr1MNa4Kjb64+bRX9q1v9PxZ+d//+bxjyTN87XVrbfx7fBfabtt9fjXa91f/3uSj+rlPfm6K6VabWE8Yk/y/sb1Ew8f26g39s/iP36sOf6/81wtbHr974uIj7uM/+aR71/cNP4dPv/TWzr/Wy/cfe+Tb9rN/3bX/71WLx3P13TT/3V7gE/36gEAAAAAAMDuUoiIg5EUiuvlQqFYXPt8x5HYXyhXqrUTFyqLF6ej/l3ZkRgqNGa6DzV9HmI8K3/209qTzpbTifzzsY3tkxFxOCK+HNhXrxenKuXpnQ4eAAAAAAAAAAAAAAAAAAAAdokDbb7/n/l1YKePDnjm/OQ39K+O+d/2l56u9fxYgO3l/z/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Uv+Q/+S/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT586ezZbVlQdXp7L69OWlxbnK5ZPTaXWuOL84VZyqLFwqzlQqM+W0OFWZ7/R85Url0vhELF4Zq6XV2lh1afn8yYionZ+dL82k59OhbYkKAAAAAAAAAAAAAAAAAAAAni/VpeW5UrmcLigoPFFhcHccxnYUbuSFGN4dx/NMCzvdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQ/8EAAD//yjlLj4=")
pwritev2(0xffffffffffffffff, &(0x7f00000010c0)=[{&(0x7f0000000f40)='t', 0x1}], 0x1, 0x7abff, 0x0, 0x3)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file2\x00', 0x282, 0x140)

42.95973948s ago: executing program 7 (id=999):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(0x0, r0)
open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)

42.768846525s ago: executing program 7 (id=1185):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000ec0)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r2, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

42.315736152s ago: executing program 7 (id=1193):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0xa0, 0x0, 0x1, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000140)=ANY=[], 0x1, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file2\x00', 0x0)

41.914221875s ago: executing program 41 (id=1193):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0xa0, 0x0, 0x1, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000140)=ANY=[], 0x1, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file2\x00', 0x0)

3.763877045s ago: executing program 0 (id=1555):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
socket$inet_tcp(0x2, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mprotect(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x404c040)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)
truncate(&(0x7f0000000140)='./file1\x00', 0x2ef0)
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)

3.08229906s ago: executing program 0 (id=1563):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x1208000, 0x0, 0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="10"], 0x10)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00', 0x0, 0xc300)

2.682324863s ago: executing program 4 (id=1566):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), 0x0, 0xfe37, 0x0)

2.503170808s ago: executing program 0 (id=1568):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20048a, &(0x7f00000001c0)={[{@grpjquota}, {@noinit_itable}, {@abort}, {@bsdgroups}]}, 0x12, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000780)='./file2\x00', 0x101202, 0x40)

2.234647729s ago: executing program 4 (id=1571):
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}, 0x40000)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c0910", 0x10, 0x4, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.863086139s ago: executing program 5 (id=1575):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x6, 0x52300)
ioctl$BLKSSZGET(r0, 0x1268, &(0x7f00000000c0))

1.783894375s ago: executing program 0 (id=1578):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x8, &(0x7f0000003600)={[{@workdir={'workdir', 0x3d, './file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}}]})

1.783723145s ago: executing program 4 (id=1579):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f00000000c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x200080d0)
recvmmsg(r0, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x9}], 0x2, 0x0, 0x0)

1.620624889s ago: executing program 5 (id=1581):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x96, &(0x7f00000001c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00\x00 ', 0x60, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x18, 0x8, 0x11, 0x0, 0x1ff, {[@timestamp={0x8, 0xa, 0x101, 0x7494}, @nop, @fastopen={0x22, 0x11, "801d8259015257f40b56dce7d9bd62"}, @generic={0x5, 0x10, "c874903dcdda3ba25e57912f9f2d"}, @timestamp={0x8, 0xa, 0x1, 0x6}, @mptcp=@synack={0x1e, 0x10, 0xf, 0x2, 0x80, 0xffba, 0x4}, @window={0x3, 0x3, 0x4}]}}}}}}}}, 0x0)

1.545977025s ago: executing program 1 (id=1582):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x1, 0x3, 0x0, 0x8}, 0x7, 0x0, 0x5, 0xffffffff, 0x2, 0x1, 0x12, 0x19, 0xbd, 0x87, {0x7, 0x7, 0x2, 0x0, 0xe9ac, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

1.312465174s ago: executing program 4 (id=1584):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
syz_emit_ethernet(0x66, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaab60d2b6110272400305bff20010000000000000000000000000000020090ec31f0"], 0x0)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000000)=0x6, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

1.23026308s ago: executing program 1 (id=1585):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x10000)
ioctl$TIOCPKT(r0, 0x5420, 0x0)

1.212983272s ago: executing program 6 (id=1586):
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000005280), 0x0)

1.12223462s ago: executing program 0 (id=1587):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
socket$inet_tcp(0x2, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mprotect(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x404c040)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)
truncate(&(0x7f0000000140)='./file1\x00', 0x2ef0)
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)

1.012486868s ago: executing program 1 (id=1588):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1008002, &(0x7f00000003c0), 0x0, 0x5ee, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkysHoyYMXT4aEqOFo4prZzpRuO9sfS7sLnc8nWfrmvRnem06/OzNv35sNoLQG038qEXsjYjqJ6E/mF8s6IyscXFjv3j+fnE5fSVSrb/yVRJLl5esn2c++bOOeiPjlpyT2dKysd2buyvnxqanJy9ny8OyF6eGZuSsHz10YPzt5dvLi6Eujx44eOXps5FBT+3W1IO/k9fc/7P9s7O3vvvk3Gfn+97Ekjser2YpL92OzDMZg7XeSrCzqO7bZlbVJR/Z3svQQJ51Fa3a1rlGsW3780qPzVPRHR9w/eP3x6WttbRywpapJRHW5HXkhsL0lwhxKKr8OyO/tl98HV1p+RQK0yt0TCx0AK+O/c6FvMHpqfQM77yWxtFsniYjmeubq7YqI27fGrp+5NXY9tqgfDig2fy0ini6K/6QW/wPREwO1+K/UxX96XXAq+5nmv95k/cu7isU/tM5C/PesGv/RIP7fWRL/7zZZ/+D95Hu9dfHf2+wuAQAAAAAAQGndPBERLxZ9/l9ZHP8TBeN/+iLi+CbUP7hseeXn/5U7m1ANUODuiYhXCsf/VvLRvwMdWeqx2niAruTMuanJQxHxeEQciK4d6fLIKnUc/HzP143KBrPxf/krrf92NhYwa8edzh3120yMz44/6H4DEXevRTxTOP43WTz/J7XhvvNLpwvU3g+m11nHnudvnGpUtnb8A1ul+m3E/sLz//2nViSrP59juHY9MJxfFaz07Mdf/NCo/mbjv/ARE8CGpOf/navH/0Cy9Hk9Mxuv4/BcZ7VBUXez1//dyZu1R850Z3kfjc/OXh6J6E5OdqS5dfmjG28zbEd5POTxksb/gedW7/9LCvr/eiNiftn/nfxdP6c49+R/fX80ao/rf2ifNP4nNnT+33hi9MbAj43qX9/5/0jtXH8gy9H/Bwu+ysO0uz6/IBw7i4pa3V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A4qEbErksrQYrpSGRqK6IuIJ2JnZerSzOwLZy59cHEiLat9/38l/6bf/oXlJP/+/4Ely6PLlg9HxO6I+LKjt7Y8dPrS1ES7dx4AAAAAAAAAAAAAAAAAAAAeEn0N5v+n/uxod+uALdfZ7gYAbVMQ/7+2ox1A6zn/Q3mJfygv8Q/lJf6hvMQ/lJf4h/IS/1Be4h8AAAAAALaV3ftu/pZExPzLvbVXqjsr62pry4CtVml3A4C28YgfKC9Df6C83OMDyRrlPQ03WmvL1UyffoCNAQAAAAAAAAAAAKB09u81/x/Kyvx/KC/z/6G88vn/+9rcDqD13OMDscZM/sL5/2tuBQAAAAAAAAAAAABsppm5K+fHp6YmLz8KiZ+3tIq32r+DrU5Uq9Wr6V/Bw9KeRzyRD4V/WNqzLJHP9VvfVu17TwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr9HwAA//87QSCw")
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, 0x0)

1.012324198s ago: executing program 5 (id=1589):
syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f0000000980)='./file0\x00', 0x0, &(0x7f00000009c0), 0x1, 0x921, &(0x7f0000000a00)="$eJzs3c9vHPXdB/D3OPaDnwVBgDw8UQRkExow4Dprp4RaXOp4185S21vZjkTUQ0NJqKJYpYJWAtRDKlU9FbWHqof2xrEnJC5wqfJX9NAL/wLqKTdXM2snDni9xnW8wX29rPH8+sz3+5md2flqf803fJutr69Xwx7nL/3tIJPlwXOh+cXHn3xUDr+5mf/JkbxSfJaMJqknw0mOJyOzzeXOYp+CbiRXktxKiiQPpTvelSsp/pBH7s7fSvHXsl7uv3X+qw36/AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAdRMdtsNCaLLLSXLr1R763qAnyH9ZvlfV71+l183rfepCiHjI5udvV9/Njd1U+V/07n6e7c01WH5BnNhw8/dfS1J4eHNrffIaED8d4HH954c23t2ruDTmRA5ltL7ZVOe3FmvlVvr3Tq0+fPN85enFupz7UXWiuXV1Zbi/XZ5dbMame5Pjb7Yn1yevpcvTVxuXNpab45s9DaXPjqd6cajfP11yd+1JpZXuksnX19YmX2Ynthob00X8WUq8uYV8sT8Yft1fpqa2axXn/7+tq1c/2SLIMmdxM01S9oqjE1NTk5NTV5/pXpV15tNIa/tqDxFflaxOBPWgZr36/hsFdDG+1/FtLOUi7ljdS3/ZtNM8vpZLHH+g2b7f+Zs60d693a/m+28sfvrj6Rqv1/tjv3bK/2v0cuB/f3Xj7Ih7mRN7OWtVzLuwPP6GD/5tPKUtpZSSftLGamWlLfWFLPdM7nfBr5SS5mLiupZy7tLKSVlVzOSlbTqs6o2SynlZmsppPl1DOW2byYeiYznemcSz2tTORyOrmUpcynmZmqlLdzvXrcz+2Q452gyd0ETe0QpP3nP3c/LuOwJ+ub7T8AAABwaBXVu+/l6/+RPFNNzbUXWo1BpwUAAADso+qT/6fL0Ug59UwKr/8BAADgsCmq39gVSWo52Z3a/CWUNwEAAADgkKg+/3+2HNXKqZMpvP4HAACAw6b/Pfb7RhTjm7f/rV/tjq9uRGzc57c2115oTcx2Fl6bzPPVXQaqXxpsW9pI9fODl3KqG3Wq1h3X7i1xtIyanHhtMi/l9MaOjD1Xjp4b2yZyqhv5QjfyhR0iz5WRAHDYne7THu+m/X8p492I8RNlY5rhE9u0rA0tKwA8KPr3sdM3ovhen9f/T9z5SsFE3so7WcvVjFe/Nqi+cbBtqbUtX0MY7/NuQG1LDy/jfd4PqG3p6GW8zzsCtS3dywDAYXK6Tzu8m/Z/vM/r/5qvFALAA+VOD/b3cWLQ+wgA3EsrDQAAAAAAAAAAAAAAAAAAAAAAAAAAAPvvIO7/b8KEiW/bxKCvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByEIjmy3fKh5KEkjSRnDz6r++fmoBMYsOJ2buf9PDroPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpuN+/8PpTt+uLsow0PJmSRXkvx40Dnup9uDTmDAttz/vzzmWS8y3D3sKUZmm8udxfLwV30/DH3x8ScflcNe6ikLKGu4p3OJjRp6b/V4tVWtee29G7985xf15oUqyQurcwvNxfnlH9wNfKr4NKmnO2zazPfXZ/7+x232/NNyT3dX71xVb/Pr9f7/dlvvXO9Orq9dmyprWm29sfqrn19/f8uqJ3IqeW4sGbu3pp+VQ4+aTmVkp9qKL4vfFY/mz7lSHf/y0SjWi/IQPVbt//++fX3t2sRb76xd7ZHT0ZxMcjUZ3X1OJ6vrybaqs25opKy1UQWV/471KW9HW0qc7LEPj1enTO0b7UO99z5U+jzuGxmd65HRk3n+Gx/p5/vUuK3iy+KfxcX8I7/d0v/HUHn8z2Q3z84yporccqb0jBzqRlZ7PrVjmT2fldwHv89P8/07x39oy/V/41gdzPVoS40H9LyoWqRjX2mRNq4+vbbZyPNYN6pHnv+Xl5PhE9/oivJynyvK/Xr+/6UYy79yU/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAg69Ijmy3fCg5k+RoksfK+Xqyvh/1DdWK/Shmz24OtPbBK27ndt7Po4POAwAAAAAAAID9caH5xceffFQO1efxR/Kd4rNktPtJ/3CSo8WfRmaby53FPgWNJFeS3NpDDuV2eeTu/K1y7vgeCgIAduXfAQAA//+0Imbz")

1.011897478s ago: executing program 6 (id=1590):
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}, 0x40000)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c", 0x11, 0x4, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

808.001595ms ago: executing program 6 (id=1591):
r0 = inotify_init()
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r2 = dup(r1)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

757.702819ms ago: executing program 1 (id=1592):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)

647.172038ms ago: executing program 5 (id=1593):
fsmount(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x8fff, 0x5}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@enum64={0x1, 0x0, 0x0, 0x13, 0x0, 0x4}]}, {0x0, [0x61]}}, 0x0, 0x27, 0x0, 0x1}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x38, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x11223}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
socket$nl_netfilter(0x10, 0x3, 0xc)

597.925932ms ago: executing program 6 (id=1594):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
memfd_create(&(0x7f0000000000)='-&:{-\xaa]{\x00', 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
mlock2(&(0x7f0000b16000/0x1000)=nil, 0x1000, 0x1)

465.062143ms ago: executing program 0 (id=1595):
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = socket$igmp(0x2, 0x3, 0x2)
sendto$inet(r3, &(0x7f0000000040)="255f5a03204f8e0b", 0xdd86, 0x804, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10)
r4 = socket(0x2, 0x805, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x0, &(0x7f0000000100)}, &(0x7f00000007c0)=0x10)
getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_id=r5, &(0x7f00000001c0)=0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x84, &(0x7f0000000100)={r6, @in={{0x2, 0x4e21, @empty}}, 0xbdef, 0x1}, &(0x7f0000000000)=0x90)
r7 = fcntl$dupfd(r3, 0x0, r3)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r8, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r8, 0x5)
accept(r8, &(0x7f0000000080)=@can, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r9, &(0x7f0000000100)="b8", 0x54000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
recvmmsg$unix(r7, &(0x7f0000005180)=[{{0x0, 0x0, &(0x7f00000045c0)=[{&(0x7f0000003540)=""/4096, 0x1000}], 0x1}}], 0x1, 0x162, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r7, 0x541b, 0x0)
getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)

415.994077ms ago: executing program 4 (id=1596):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x1208000, 0x0, 0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="10"], 0x10)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00', 0x0, 0xc300)

402.855368ms ago: executing program 6 (id=1597):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x8, &(0x7f0000003600)={[{@workdir={'workdir', 0x3d, './file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}}]})

391.228139ms ago: executing program 1 (id=1598):
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="636865636b3d7374726963742c6e6f646f74732c6e6f646f74732c6e6f646f74732c6e6f646f74732c007db9b87a3b22e5cdbfd3408bf7f26c6f9e2e5a33a3de79757cd012da0fa08b018021308de4ff8e18c85136d66ca70f9e0202d9f4ae6ea8be44247a411f017b3641e72534ed28887e107245165398cb2190b1c94e503b9496f8a547d22bd1f5389f7d4c9888f5cf2358d4258a2647e5563c5bf7447ab02ee8751259a8c6ee852e305393a69052893580c4820d1ce2dcfccf9b1f8250ea0de206b8ef12366ebe20bc74087f57f579b70bd08afcf902e41a55b58f624e5ce5a03cf74baddfb64769c330584e79449ff96c074b0065a305dd039b056c50c00d1d6a"], 0x1, 0x236, &(0x7f0000000000)="$eJzs3TFrE2EYB/DHNm1DFjuLw4GLU1C/wSEVxAMhkkEnD6pLK8J1OZ3uY/gZ/Eh+jEzdTpIrTRujiyav6f1+EPInfw6ey5A3w/sm7x9+Ojv9fPGx/fEthsMsBhFNXEYcx17sR+fe1fPeIh/GTU0AALtmMinz1DOwWVWVlwcRcfRLM/2eZCAAAAAAAAAAAAD+mv3/ANA/9v/ffVWVl6Or72+32f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApHPZtvfbPzxSzwcA/HvWfwDoH+s/APSP9R8A+ufN23ev8qI4mWTZMGLW1O381VlTTyNGEfHiZXHyJFs4Xl41q+vp/iLN+6ddn93uD66vf7a2P4zHj7p+3j1/Xaz0R3G6jTcAAAAAAAAAAAAAAAAAAAAA/gPj7Nra8/3j8e/6Lt34fYCV8/uDeDDY2m0AAAAAAAAAAAAAAAAAAADATrv48vWsPD//UAmC0NMwWlOl/mQCAAAAAAAAAAAAAAAAAID+WR76TT0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSz/P//zYXU9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w88AAAD//9vbk2A=")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$inet(0x2, 0x3, 0x2)
sendto$inet(r0, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)

260.004479ms ago: executing program 5 (id=1599):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0xc, 0x4, 0x7f, 0x41, 0xffffffffffffffff, 0xfffffffc}, 0x50)

129.61913ms ago: executing program 5 (id=1600):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x437, 0x0, 0xffffffef, {0x0, 0x0, 0x0, r2, 0x50487, 0x8044}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x20008884)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x6, @local, 0xa}, 0x1c, 0x0}}], 0x1, 0x2008c0c0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {}, {0x5, 0xf}}}, 0x24}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

96.009442ms ago: executing program 6 (id=1601):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, 0x0)

92.833533ms ago: executing program 4 (id=1602):
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000)
mremap(&(0x7f000007e000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffd000/0x1000)=nil)
remap_file_pages(&(0x7f0000770000/0x1000)=nil, 0x1000, 0x0, 0x9, 0x800)

0s ago: executing program 1 (id=1603):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_clone(0x400, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000080), 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)

kernel console output (not intermixed with test programs):

NETDEV_CHANGE): vlan0: link becomes ready
[  184.612039][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  184.627024][ T6144] device veth0_vlan entered promiscuous mode
[  184.783051][ T6144] device veth1_vlan entered promiscuous mode
[  184.895467][ T6239] device hsr_slave_0 entered promiscuous mode
[  184.910787][ T6239] device hsr_slave_1 entered promiscuous mode
[  184.917852][ T6239] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  184.925762][ T6239] Cannot create hsr debugfs directory
[  185.078919][ T6319] overlayfs: './file0' not a directory
[  185.157636][ T6144] device veth0_macvtap entered promiscuous mode
[  185.220349][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  185.238765][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  185.251730][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  185.261281][ T4272] Bluetooth: hci2: command 0x041b tx timeout
[  185.280390][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  185.295528][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  185.316499][ T6144] device veth1_macvtap entered promiscuous mode
[  185.398019][ T4483] device hsr_slave_0 left promiscuous mode
[  185.412195][ T4483] device hsr_slave_1 left promiscuous mode
[  185.427639][ T4483] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.442844][ T4483] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.455094][ T4483] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.467879][ T4483] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.483411][ T4483] device bridge_slave_1 left promiscuous mode
[  185.494189][ T4483] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.526480][ T4483] device bridge_slave_0 left promiscuous mode
[  185.536741][ T4483] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.587904][ T4483] device veth1_macvtap left promiscuous mode
[  185.594223][ T4483] device veth0_macvtap left promiscuous mode
[  185.605518][ T4483] device veth1_vlan left promiscuous mode
[  185.612614][ T4483] device veth0_vlan left promiscuous mode
[  185.658666][ T4272] Bluetooth: hci1: command 0x0419 tx timeout
[  186.054568][ T4483] team0 (unregistering): Port device team_slave_1 removed
[  186.112256][ T4483] team0 (unregistering): Port device team_slave_0 removed
[  186.153942][ T4483] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.197238][ T4483] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.633178][ T4483] bond0 (unregistering): Released all slaves
[  186.755393][ T6144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.770536][ T6144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.781165][ T6144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.791799][ T6144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.801766][ T6144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.812802][ T6144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.824457][ T6144] batman_adv: batadv0: Interface activated: batadv_slave_0
[  186.844969][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  186.866084][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  186.902223][ T6144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.915380][ T6144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.933152][ T6144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.949570][ T6144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.963909][ T6144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.976321][ T6144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.997560][ T6144] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.039861][ T5512] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  187.053727][ T5512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  187.064949][ T6144] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.077951][ T6144] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.087065][ T6144] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.096813][ T6144] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.338431][ T4272] Bluetooth: hci2: command 0x040f tx timeout
[  187.342059][ T5342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.390928][ T5342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.402403][ T5399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.441537][ T5399] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.516254][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  187.540460][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  188.045592][ T6356] capability: warning: `syz.9.477' uses 32-bit capabilities (legacy support in use)
[  188.136100][ T6239] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  188.171287][ T6239] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  188.185271][ T6239] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  188.196537][ T6239] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  188.374280][ T6239] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.446317][ T6239] 8021q: adding VLAN 0 to HW filter on device team0
[  188.455653][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  188.481506][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  188.518403][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  188.534193][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  188.557036][ T5399] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.564207][ T5399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.596287][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  188.626189][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  188.641781][ T5399] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.648938][ T5399] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.664697][ T6371] netlink: 12 bytes leftover after parsing attributes in process `syz.1.480'.
[  188.689669][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  188.700181][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  188.716386][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  188.735635][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  188.755215][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  188.804301][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  188.824963][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  188.840609][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  188.858944][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  188.867492][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.884853][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  188.907070][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.927996][ T6239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  189.376354][ T6393] loop9: detected capacity change from 0 to 512
[  189.419016][ T4272] Bluetooth: hci2: command 0x0419 tx timeout
[  189.422518][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  189.437275][ T6393] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.486: casefold flag without casefold feature
[  189.457937][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  189.508620][ T6393] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.486: couldn't read orphan inode 15 (err -117)
[  189.533763][ T6239] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.550416][ T6393] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  189.605002][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  189.620330][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  189.672675][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  189.689671][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  189.707672][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  189.724067][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  189.735172][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  189.744407][ T6239] device veth0_vlan entered promiscuous mode
[  189.767233][ T6239] device veth1_vlan entered promiscuous mode
[  189.848100][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  189.860362][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  189.894109][ T6239] device veth0_macvtap entered promiscuous mode
[  189.913657][ T6239] device veth1_macvtap entered promiscuous mode
[  190.084273][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.139401][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.226522][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.341790][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.490102][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.627884][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.759895][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.770467][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.809819][ T6239] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.844443][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  190.862239][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  190.870584][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  190.885890][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  191.022211][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.050881][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.094792][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.138596][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.158248][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.174658][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.198506][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.218290][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.310220][ T6239] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.319481][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  191.335403][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  191.408894][ T6419] netlink: 12 bytes leftover after parsing attributes in process `syz.2.491'.
[  191.572338][ T6239] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.707013][ T6239] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.873423][ T6239] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.011887][ T6239] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.325293][ T5342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.356576][ T5342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.384622][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.396079][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  192.408363][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.459685][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  193.266863][ T6458] loop2: detected capacity change from 0 to 512
[  193.414618][ T6458] EXT4-fs (loop2): 1 orphan inode deleted
[  193.424256][ T6458] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  193.434797][ T4379] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  193.445260][ T4379] EXT4-fs error (device loop2): ext4_release_dquot:6850: comm kworker/u4:7: Failed to release dquot type 1
[  193.448804][ T6458] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.556936][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.563302][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.794035][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  195.301094][ T6505] loop2: detected capacity change from 0 to 16
[  195.430314][ T6505] erofs: (device loop2): mounted with root inode @ nid 36.
[  196.085102][ T6522] loop3: detected capacity change from 0 to 1024
[  196.138438][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[  196.144537][ T4272] Bluetooth: hci0: command 0x0406 tx timeout
[  196.181467][ T6522] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  196.344027][ T6522] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  196.411671][ T6522] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.689139][ T6534] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  196.722085][ T6534] EXT4-fs (loop3): Remounting filesystem read-only
[  197.160016][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  197.971713][ T6552] loop3: detected capacity change from 0 to 512
[  198.085905][ T6552] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  198.111682][ T6552] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.314197][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  198.531556][ T6573] loop3: detected capacity change from 0 to 512
[  198.632494][ T6573] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  198.714980][ T6573] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  198.769153][ T6573] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.529: corrupted inode contents
[  199.038933][ T6573] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #2: comm syz.3.529: mark_inode_dirty error
[  199.468448][ T6573] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.529: corrupted inode contents
[  199.497490][ T6573] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.529: mark_inode_dirty error
[  199.932135][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  200.747655][ T6616] loop2: detected capacity change from 0 to 512
[  200.883450][ T6616] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  200.932567][ T6616] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.084021][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  201.289403][ T6633] loop3: detected capacity change from 0 to 512
[  201.306843][ T6633] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  201.478868][ T6633] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  202.294418][ T6645] loop2: detected capacity change from 0 to 128
[  202.414799][ T6645] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  202.497026][ T6645] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.191130][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  204.242151][ T6682] loop9: detected capacity change from 0 to 512
[  205.414298][ T6682] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  205.453099][ T6682] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.459172][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  206.601862][ T6693] loop2: detected capacity change from 0 to 32768
[  206.756998][ T6717] netlink: 24 bytes leftover after parsing attributes in process `syz.1.569'.
[  206.780383][ T6715] loop9: detected capacity change from 0 to 512
[  206.869515][ T6693] XFS (loop2): Mounting V5 Filesystem
[  207.493025][ T6715] EXT4-fs (loop9): 1 orphan inode deleted
[  207.508685][   T75] Quota error (device loop9): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  207.528473][ T6715] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  207.536666][   T75] EXT4-fs error (device loop9): ext4_release_dquot:6850: comm kworker/u4:4: Failed to release dquot type 1
[  207.551154][ T6715] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.573656][ T6693] XFS (loop2): Ending clean mount
[  207.663932][ T6724] device bridge_slave_1 left promiscuous mode
[  207.678532][ T6724] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.827253][ T6724] device bridge_slave_0 left promiscuous mode
[  207.839460][ T6724] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.862099][ T4280] XFS (loop2): Unmounting Filesystem
[  207.869412][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  208.044113][ T6738] loop9: detected capacity change from 0 to 1024
[  208.076157][ T6738] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  208.292665][ T6738] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  208.307218][ T6738] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.178965][ T6750] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  209.299482][ T6750] EXT4-fs (loop9): Remounting filesystem read-only
[  209.489909][ T6753] batman_adv: batadv0: Adding interface: dummy0
[  209.496235][ T6753] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.522106][ T6753] batman_adv: batadv0: Interface activated: dummy0
[  209.757743][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  209.826600][ T6760] loop3: detected capacity change from 0 to 512
[  209.873235][ T6760] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.578: iget: bad i_size value: 38620345925642
[  210.055654][ T6767] loop9: detected capacity change from 0 to 512
[  210.064456][ T6760] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.578: couldn't read orphan inode 15 (err -117)
[  210.102199][ T6760] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  210.153352][ T6775] loop2: detected capacity change from 0 to 512
[  210.172082][ T6767] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  210.182474][ T6760] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.578: iget: bad i_size value: 38620345925642
[  210.248690][ T6766] overlayfs: failed to clone upperpath
[  210.259387][ T6767] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.339738][ T6775] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  210.368411][ T6775] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  210.404882][ T6775] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #2: comm syz.2.570: corrupted inode contents
[  210.458515][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  210.481148][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  210.508301][ T6775] EXT4-fs error (device loop2): ext4_dirty_inode:6119: inode #2: comm syz.2.570: mark_inode_dirty error
[  210.596407][ T6775] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #2: comm syz.2.570: corrupted inode contents
[  210.832795][ T6775] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.570: mark_inode_dirty error
[  210.869675][ T6798] loop9: detected capacity change from 0 to 512
[  211.502529][ T6798] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  211.528664][ T6798] EXT4-fs (loop9): invalid journal inode
[  211.543748][ T6798] EXT4-fs (loop9): can't get journal size
[  211.584624][ T6798] EXT4-fs (loop9): 1 truncate cleaned up
[  211.597290][ T6798] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  212.529704][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  212.681930][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  213.755037][ T6821] batman_adv: batadv0: Adding interface: dummy0
[  213.761434][ T6821] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.786879][ T6821] batman_adv: batadv0: Interface activated: dummy0
[  213.861458][ T6823] netlink: 24 bytes leftover after parsing attributes in process `syz.9.587'.
[  213.993596][ T6823] device bridge_slave_1 left promiscuous mode
[  214.009202][ T6823] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.037996][ T6823] device bridge_slave_0 left promiscuous mode
[  214.063848][ T6823] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.256349][   T27] audit: type=1326 audit(1754709471.855:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.9.598" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa68c78ebe9 code=0x0
[  215.382876][ T6862] loop2: detected capacity change from 0 to 1024
[  215.420631][ T6862] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  215.549626][ T6862] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  215.563512][ T6862] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.946411][ T6881] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  217.218295][ T6881] EXT4-fs (loop2): Remounting filesystem read-only
[  217.546411][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  217.777477][ T6898] netlink: 8 bytes leftover after parsing attributes in process `syz.2.608'.
[  218.368839][ T6918] loop3: detected capacity change from 0 to 512
[  218.485778][ T6918] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  218.518760][ T6918] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.551256][ T6926] netlink: 12 bytes leftover after parsing attributes in process `syz.6.617'.
[  218.826307][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  219.092159][ T6943] "syz.6.623" (6943) uses obsolete ecb(arc4) skcipher
[  219.112260][ T6944] loop9: detected capacity change from 0 to 512
[  219.138062][ T6944] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  219.185907][ T6944] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  219.249219][ T6944] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  219.281886][ T6944] System zones: 0-2, 18-18, 34-35
[  219.306579][ T6944] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  219.512402][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  220.311944][ T6983] "syz.1.636" (6983) uses obsolete ecb(arc4) skcipher
[  220.530487][ T6991] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  220.646667][ T6961] loop9: detected capacity change from 0 to 32768
[  220.824734][ T6961] XFS (loop9): Mounting V5 Filesystem
[  220.949416][ T6961] XFS (loop9): Ending clean mount
[  221.025112][   T27] audit: type=1800 audit(1754709477.685:24): pid=6961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.628" name="file1" dev="loop9" ino=6150 res=0 errno=0
[  221.157948][ T6144] XFS (loop9): Unmounting Filesystem
[  221.402945][ T7028] IPv6: addrconf: prefix option has invalid lifetime
[  221.738389][ T4272] Bluetooth: hci3: command 0x0406 tx timeout
[  221.955916][ T7044] ipt_CLUSTERIP: Please specify destination IP
[  221.974049][ T7049] loop9: detected capacity change from 0 to 1024
[  222.003518][ T7049] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  222.094901][ T7049] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  222.159951][ T7049] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.486117][ T7059] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  223.759491][ T7059] EXT4-fs (loop9): Remounting filesystem read-only
[  223.844969][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  224.281044][ T7070] loop9: detected capacity change from 0 to 512
[  224.323913][ T7070] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  224.709674][ T7079] loop9: detected capacity change from 0 to 512
[  224.756400][ T7079] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.664: iget: bad i_size value: 38620345925642
[  224.832368][ T7079] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.664: couldn't read orphan inode 15 (err -117)
[  224.896720][ T7064] loop2: detected capacity change from 0 to 32768
[  224.933490][ T7079] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  225.001339][ T7064] XFS (loop2): Mounting V5 Filesystem
[  225.134350][ T7064] XFS (loop2): Ending clean mount
[  225.167238][ T7096] 9p: Unknown access argument 18446744073709551615: -34
[  225.214348][   T27] audit: type=1800 audit(1754709481.875:25): pid=7064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.661" name="file1" dev="loop2" ino=6150 res=0 errno=0
[  225.318740][ T4280] XFS (loop2): Unmounting Filesystem
[  225.319252][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  225.570019][ T7108] fuse: Bad value for 'fd'
[  225.947914][ T7122] loop2: detected capacity change from 0 to 512
[  225.983493][ T7122] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  226.586192][ T7139] loop2: detected capacity change from 0 to 764
[  226.651507][ T7139] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  226.795913][ T7144] loop3: detected capacity change from 0 to 256
[  226.879852][ T7144] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  227.263066][ T7161] netlink: 180 bytes leftover after parsing attributes in process `syz.6.686'.
[  227.417689][ T7165] loop3: detected capacity change from 0 to 512
[  227.439624][ T7165] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  229.455446][ T7190] loop3: detected capacity change from 0 to 512
[  229.512663][ T7194] loop9: detected capacity change from 0 to 256
[  229.579966][ T7190] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  229.638415][ T7190] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  229.643866][ T7194] FAT-fs (loop9): error, fat_free_clusters: deleting FAT entry beyond EOF
[  229.685742][ T7190] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.694: corrupted inode contents
[  229.718455][ T7190] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #2: comm syz.3.694: mark_inode_dirty error
[  229.745996][ T7190] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.694: corrupted inode contents
[  229.769320][ T7190] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.694: mark_inode_dirty error
[  229.889072][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  230.025481][ T7215] loop9: detected capacity change from 0 to 764
[  230.062118][ T7215] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  233.800971][ T7283] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  234.087011][ T7285] loop3: detected capacity change from 0 to 512
[  234.178705][ T7285] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  234.230828][ T7285] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.451655][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  234.885381][ T7322] loop3: detected capacity change from 0 to 512
[  234.939886][ T7322] FAT-fs (loop3): Unrecognized mount option "ÿÿu¢vókF�IëœMVNÂõõ‰¶t¥ør?å!-÷ÿ0G†^âðd»2ˆ:˜Nþ9Ýo`?5Ü_e°¯°~'¾'é{þ8Û�àoí°| _�g‰dXò؇�³ì„覊ÇѶ�g×@ëï2=X=“ÊÐèA~*1¤öÄÕ¾D›ÉFEËÒ:iE5Ì01777777777777777777777" or missing value
[  235.338680][ T7338] loop2: detected capacity change from 0 to 512
[  235.571342][ T7338] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  235.580732][ T7338] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.498916][ T7352] overlayfs: failed to clone upperpath
[  237.114445][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  237.621141][ T7391] loop2: detected capacity change from 0 to 764
[  237.691842][ T7391] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  237.841670][ T7398] loop3: detected capacity change from 0 to 512
[  237.880617][ T7398] EXT4-fs: Ignoring removed nomblk_io_submit option
[  237.897609][ T7401] sctp: [Deprecated]: syz.6.756 (pid 7401) Use of int in max_burst socket option deprecated.
[  237.897609][ T7401] Use struct sctp_assoc_value instead
[  237.913057][ T7398] EXT4-fs: Ignoring removed i_version option
[  237.962158][ T7398] EXT4-fs (loop3): 1 orphan inode deleted
[  237.991491][ T7398] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  238.047174][ T7398] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.755: Directory hole found for htree leaf block 0
[  238.227105][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  239.789336][ T7432] loop9: detected capacity change from 0 to 512
[  239.887042][ T7432] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  239.963919][ T7432] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.134735][ T7448] loop2: detected capacity change from 0 to 764
[  240.220336][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  240.224610][ T7448] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  240.714736][ T7470] loop3: detected capacity change from 0 to 1024
[  240.806630][ T7470] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  240.934989][ T7470] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  240.968292][ T7470] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.261381][ T7490] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  241.372274][ T7489] loop2: detected capacity change from 0 to 512
[  241.579857][ T7489] EXT4-fs (loop2): Test dummy encryption mode enabled
[  241.628430][ T7489] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  241.746259][ T7489] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.785: bad orphan inode 131083
[  241.793404][ T7490] EXT4-fs (loop3): Remounting filesystem read-only
[  241.855640][ T7489] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  241.921306][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  242.094668][ T7505] overlayfs: failed to clone upperpath
[  242.185894][ T7489] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  242.416624][ T7489] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  242.586333][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  242.725676][ T7538] loop3: detected capacity change from 0 to 512
[  242.810594][ T7538] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  242.876465][ T7538] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  242.897302][ T7544] loop9: detected capacity change from 0 to 1024
[  242.948383][ T7538] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.019766][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  243.162183][ T7544] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  243.222287][ T7544] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.327060][ T7544] EXT4-fs error (device loop9): ext4_map_blocks:745: inode #15: block 3: comm syz.9.798: lblock 3 mapped to illegal pblock 3 (length 3)
[  243.410897][ T7544] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  243.467430][ T7544] EXT4-fs (loop9): This should not happen!! Data will be lost
[  243.467430][ T7544] 
[  243.486488][ T7568] overlayfs: failed to clone upperpath
[  243.574992][ T4379] EXT4-fs error (device loop9): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  243.634170][ T4379] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  243.667717][ T4379] EXT4-fs (loop9): This should not happen!! Data will be lost
[  243.667717][ T4379] 
[  243.751331][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  244.586914][ T7599] loop2: detected capacity change from 0 to 512
[  244.624676][ T7601] loop9: detected capacity change from 0 to 128
[  244.651653][ T7599] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  244.707979][ T7601] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  244.731750][ T7601] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.780774][ T7599] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  244.814273][ T7599] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.083385][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  245.202911][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  245.385195][ T7616] loop9: detected capacity change from 0 to 764
[  245.487582][ T7616] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  246.459737][ T7655] loop3: detected capacity change from 0 to 1024
[  246.491145][ T7655] EXT4-fs: Ignoring removed nobh option
[  246.504803][ T7655] EXT4-fs: Ignoring removed bh option
[  246.543340][ T7655] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  246.647759][ T7655] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  246.844985][   T27] audit: type=1800 audit(1754709503.505:26): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.830" name="file1" dev="loop3" ino=15 res=0 errno=0
[  246.886578][ T7655] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.830: Allocating blocks 497-513 which overlap fs metadata
[  247.042628][ T6239] EXT4-fs error (device loop3): mb_free_blocks:1815: group 0, inode 21: block 433:freeing already freed block (bit 27); block bitmap corrupt.
[  247.081316][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  247.235949][ T7679] loop3: detected capacity change from 0 to 1024
[  247.307477][ T7679] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  247.343716][ T7679] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.471230][ T7679] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.834: lblock 3 mapped to illegal pblock 3 (length 3)
[  247.537151][ T7679] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  247.613995][ T7679] EXT4-fs (loop3): This should not happen!! Data will be lost
[  247.613995][ T7679] 
[  247.780832][    T9] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:0: lblock 8 mapped to illegal pblock 8 (length 8)
[  247.827483][    T9] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  247.881802][    T9] EXT4-fs (loop3): This should not happen!! Data will be lost
[  247.881802][    T9] 
[  247.929961][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  248.518769][ T7728] loop3: detected capacity change from 0 to 512
[  248.550156][ T7728] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  248.631053][ T7728] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  248.662646][ T7728] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.797471][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  248.993392][ T7747] loop3: detected capacity change from 0 to 764
[  249.038462][ T7747] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  250.084714][ T7779] loop3: detected capacity change from 0 to 512
[  250.120528][ T7779] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  250.176600][ T7779] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  250.192262][ T7779] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.362582][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  250.933676][ T7804] loop3: detected capacity change from 0 to 512
[  251.205171][ T7804] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  251.214837][ T7804] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.379598][ T7814] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  252.815786][ T7826] sctp: [Deprecated]: syz.2.882 (pid 7826) Use of int in max_burst socket option deprecated.
[  252.815786][ T7826] Use struct sctp_assoc_value instead
[  252.956286][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  253.207188][ T7842] loop3: detected capacity change from 0 to 128
[  253.306837][ T7842] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  253.360589][ T7855] loop2: detected capacity change from 0 to 128
[  253.389067][ T7842] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  253.466313][ T7855] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  253.615066][ T7855] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.715587][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  253.890201][ T7870] loop9: detected capacity change from 0 to 1024
[  253.899765][ T4280] EXT4-fs (loop2): unmounting filesystem.
[  254.044829][ T7870] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  254.070298][ T7870] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.139859][   T27] audit: type=1800 audit(1754709510.805:27): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.891" name="file1" dev="loop9" ino=15 res=0 errno=0
[  254.167809][ T7870] EXT4-fs error (device loop9): ext4_map_blocks:745: inode #15: comm syz.9.891: lblock 0 mapped to illegal pblock 0 (length 1)
[  254.430858][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  254.718456][ T7895] loop9: detected capacity change from 0 to 512
[  254.830530][ T7895] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  254.870036][ T7895] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.508022][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.515078][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  256.836026][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  257.181645][ T7926] loop3: detected capacity change from 0 to 128
[  257.555219][    T9] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.664421][ T7940] overlayfs: statfs failed on './file0'
[  257.677683][    T9] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.692561][ T7940] overlayfs: failed to resolve './file1': -2
[  257.808400][    T9] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.122156][    T9] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.981534][ T7962] loop9: detected capacity change from 0 to 128
[  259.063135][ T7969] loop3: detected capacity change from 0 to 764
[  259.080066][ T7969] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  259.089783][ T7962] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  259.093156][ T7969] overlayfs: failed to resolve './file1': -2
[  259.100153][ T7962] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.578719][ T6144] EXT4-fs (loop9): unmounting filesystem.
[  259.972877][ T4272] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  259.982739][ T4272] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  259.990664][ T4272] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  260.026271][ T4272] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  260.052249][ T4272] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  260.060281][ T4272] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  261.593179][ T8032] loop3: detected capacity change from 0 to 764
[  261.745202][ T8032] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  261.771650][ T8032] overlayfs: failed to resolve './file1': -2
[  261.950952][ T8040] loop9: detected capacity change from 0 to 128
[  262.108119][ T8045] loop3: detected capacity change from 0 to 1024
[  262.138383][ T4281] Bluetooth: hci4: command 0x0409 tx timeout
[  262.153061][ T8045] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  262.295066][ T8045] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  262.438931][ T8045] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.681622][ T8007] chnl_net:caif_netlink_parms(): no params data found
[  262.777157][ T8066] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  263.234577][ T8066] EXT4-fs (loop3): Remounting filesystem read-only
[  263.341117][ T8074] loop9: detected capacity change from 0 to 764
[  263.377965][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  263.438674][ T8074] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  263.532548][ T8074] overlayfs: failed to resolve './file1': -2
[  263.561012][ T8071] overlayfs: failed to clone upperpath
[  264.218290][ T4281] Bluetooth: hci4: command 0x041b tx timeout
[  264.336159][ T8083] loop3: detected capacity change from 0 to 128
[  264.348993][    T9] device hsr_slave_0 left promiscuous mode
[  264.394813][    T9] device hsr_slave_1 left promiscuous mode
[  264.439714][    T9] batman_adv: batadv0: Interface deactivated: dummy0
[  264.449167][    T9] batman_adv: batadv0: Removing interface: dummy0
[  264.466841][ T8083] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  264.498982][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.506544][ T8083] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.523171][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.546625][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.566221][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.608988][    T9] device bridge_slave_1 left promiscuous mode
[  264.638481][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.667087][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  264.676008][    T9] device bridge_slave_0 left promiscuous mode
[  264.737599][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.949992][    T9] device veth1_macvtap left promiscuous mode
[  264.969538][    T9] device veth0_macvtap left promiscuous mode
[  264.991494][    T9] device veth1_vlan left promiscuous mode
[  265.025994][    T9] device veth0_vlan left promiscuous mode
[  265.180179][ T8110] overlayfs: failed to resolve './file0': -2
[  266.298887][ T4283] Bluetooth: hci4: command 0x040f tx timeout
[  266.402296][ T8123] overlayfs: failed to clone upperpath
[  267.195727][ T8141] overlayfs: failed to clone upperpath
[  267.516417][    T9] team0 (unregistering): Port device team_slave_1 removed
[  267.558113][    T9] team0 (unregistering): Port device team_slave_0 removed
[  267.597605][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  267.639314][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  268.027127][    T9] bond0 (unregistering): Released all slaves
[  268.350351][ T8007] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.357511][ T8007] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.380783][ T4283] Bluetooth: hci4: command 0x0419 tx timeout
[  268.401590][ T8007] device bridge_slave_0 entered promiscuous mode
[  268.436808][ T8007] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.495430][ T8163] loop9: detected capacity change from 0 to 2048
[  268.504136][ T8007] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.548567][ T8007] device bridge_slave_1 entered promiscuous mode
[  268.561098][ T8163] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.625223][ T8163] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  268.667933][ T8007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.733808][ T8007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.768376][ T8170] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  268.816200][ T8176] 9p: Unknown access argument 18446744073709551615: -34
[  268.882883][ T8007] team0: Port device team_slave_0 added
[  268.895972][ T8170] EXT4-fs (loop9): Remounting filesystem read-only
[  268.971066][ T6144] EXT4-fs error (device loop9): ext4_readdir:263: inode #11: block 34: comm syz-executor: path /85/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0
[  268.993122][ T8007] team0: Port device team_slave_1 added
[  269.008839][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.018314][ T6144] EXT4-fs error (device loop9): ext4_empty_dir:3177: inode #11: block 34: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=1025, size=2048 fake=0
[  269.118680][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.125927][ T6144] EXT4-fs error (device loop9): ext4_readdir:263: inode #11: block 34: comm syz-executor: path /85/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0
[  269.147310][ T8180] overlayfs: failed to clone upperpath
[  269.161540][ T8007] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.178431][ T8007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.228410][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.235210][ T6144] EXT4-fs error (device loop9): ext4_empty_dir:3177: inode #11: block 34: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=1025, size=2048 fake=0
[  269.257362][ T8007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.300921][ T8007] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.344679][ T8007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.371473][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.386873][ T6144] EXT4-fs error (device loop9): ext4_readdir:263: inode #11: block 34: comm syz-executor: path /85/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0
[  269.443391][ T8007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.469926][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.476700][ T6144] EXT4-fs error (device loop9): ext4_empty_dir:3177: inode #11: block 34: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=1025, size=2048 fake=0
[  269.550638][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.587847][ T6144] EXT4-fs error (device loop9): ext4_readdir:263: inode #11: block 34: comm syz-executor: path /85/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0
[  269.678291][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.699800][ T8007] device hsr_slave_0 entered promiscuous mode
[  269.702799][ T6144] EXT4-fs error (device loop9): ext4_empty_dir:3177: inode #11: block 34: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=1025, size=2048 fake=0
[  269.739976][ T8007] device hsr_slave_1 entered promiscuous mode
[  269.767118][ T6144] EXT4-fs (loop9): Remounting filesystem read-only
[  269.807894][ T6144] EXT4-fs error (device loop9): ext4_readdir:263: inode #11: block 34: comm syz-executor: path /85/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0
[  271.370554][ T8217] overlayfs: failed to resolve './file1': -2
[  272.497721][ T5399] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.774292][ T4283] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  272.785009][ T4283] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  272.803562][ T4283] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  272.816911][ T4283] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  272.824582][ T4283] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  272.832429][ T4283] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  272.835979][ T5399] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.065645][ T5399] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.198317][ T5399] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.418029][ T8007] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  273.547064][ T8007] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  273.649696][ T4281] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  273.659159][ T4281] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  273.666687][ T8007] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  273.667629][ T4281] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  273.691956][ T4281] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  273.700745][ T4281] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  273.708911][ T4281] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  273.796420][ T8007] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  273.908609][ T8230] chnl_net:caif_netlink_parms(): no params data found
[  274.754879][ T8230] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.768572][ T8230] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.788718][ T8230] device bridge_slave_0 entered promiscuous mode
[  274.799515][ T8230] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.806707][ T8230] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.814960][ T8230] device bridge_slave_1 entered promiscuous mode
[  274.858786][ T4283] Bluetooth: hci1: command 0x0409 tx timeout
[  274.991654][ T8230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.012160][ T8007] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.030131][ T8230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.113189][ T8007] 8021q: adding VLAN 0 to HW filter on device team0
[  275.155500][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  275.176963][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  275.243006][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  275.272959][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  275.281775][ T4926] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.288909][ T4926] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.306321][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  275.321426][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  275.338745][ T4926] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.345858][ T4926] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.371858][ T8255] chnl_net:caif_netlink_parms(): no params data found
[  275.402562][ T8230] team0: Port device team_slave_0 added
[  275.442809][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  275.458943][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  275.475547][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  275.513363][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  275.531001][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  275.575982][ T8230] team0: Port device team_slave_1 added
[  275.689646][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  275.715387][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  275.732177][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  275.739115][ T4283] Bluetooth: hci2: command 0x0409 tx timeout
[  275.757337][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  275.807106][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  275.910547][ T8230] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.934405][ T8230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.972843][ T8230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.074831][ T8007] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  276.090453][ T8230] batman_adv: batadv0: Adding interface: batadv_slave_1
[  276.107228][ T8230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.178104][ T8230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  276.461584][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  276.474098][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  276.546855][ T5399] device hsr_slave_0 left promiscuous mode
[  276.557431][ T5399] device hsr_slave_1 left promiscuous mode
[  276.572478][ T5399] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.589674][ T5399] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.597728][ T5399] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.629201][ T5399] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.657849][ T5399] device veth1_macvtap left promiscuous mode
[  276.664933][ T5399] device veth0_macvtap left promiscuous mode
[  276.671284][ T5399] device veth1_vlan left promiscuous mode
[  276.677336][ T5399] device veth0_vlan left promiscuous mode
[  276.945981][ T4283] Bluetooth: hci1: command 0x041b tx timeout
[  277.654680][ T8344] 9pnet_fd: Insufficient options for proto=fd
[  277.721089][ T5399] team0 (unregistering): Port device team_slave_1 removed
[  277.825070][ T4281] Bluetooth: hci2: command 0x041b tx timeout
[  277.839719][ T5399] team0 (unregistering): Port device team_slave_0 removed
[  277.949228][ T5399] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.019575][ T5399] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.066800][ T8361] 9pnet_fd: Insufficient options for proto=fd
[  278.646440][ T5399] bond0 (unregistering): Released all slaves
[  278.733559][ T8230] device hsr_slave_0 entered promiscuous mode
[  278.759549][ T8230] device hsr_slave_1 entered promiscuous mode
[  278.777352][ T8230] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  278.792915][ T8230] Cannot create hsr debugfs directory
[  278.800416][ T8255] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.807501][ T8255] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.816055][ T8255] device bridge_slave_0 entered promiscuous mode
[  278.880159][ T8255] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.887308][ T8255] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.903711][ T8255] device bridge_slave_1 entered promiscuous mode
[  279.018573][ T4281] Bluetooth: hci1: command 0x040f tx timeout
[  279.040065][ T8255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.099594][ T8255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.190162][ T8255] team0: Port device team_slave_0 added
[  279.217549][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  279.227021][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  279.368991][ T8255] team0: Port device team_slave_1 added
[  279.377639][ T8007] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.546748][ T8255] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.558662][ T8255] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.615189][ T8255] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.628133][ T8255] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.642324][ T8255] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.669934][ T8255] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.817556][ T8255] device hsr_slave_0 entered promiscuous mode
[  279.828640][ T8255] device hsr_slave_1 entered promiscuous mode
[  279.838563][ T8255] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  279.846148][ T8255] Cannot create hsr debugfs directory
[  279.898258][ T4281] Bluetooth: hci2: command 0x040f tx timeout
[  280.277680][ T8230] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  280.290121][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  280.301530][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  280.315616][ T8230] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  280.479587][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  280.488049][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  280.497800][ T8230] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  280.518095][ T8007] device veth0_vlan entered promiscuous mode
[  280.601835][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  280.616045][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  280.661481][ T8230] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  280.757205][ T8007] device veth1_vlan entered promiscuous mode
[  280.795286][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  280.804728][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  280.846758][ T5399] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.878838][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  280.895517][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  280.922940][ T8007] device veth0_macvtap entered promiscuous mode
[  280.968861][ T5399] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.991840][ T8007] device veth1_macvtap entered promiscuous mode
[  281.025001][ T8230] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.056934][ T5399] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.073913][ T8007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.091176][ T8007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.108534][ T4281] Bluetooth: hci1: command 0x0419 tx timeout
[  281.116891][ T8007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.136461][ T8007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.147471][ T8007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.164360][ T8007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.176258][ T8007] batman_adv: batadv0: Interface activated: batadv_slave_0
[  281.198233][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  281.209633][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  281.217687][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  281.227714][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  281.236569][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  281.245475][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  281.279961][ T5399] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.305691][ T8230] 8021q: adding VLAN 0 to HW filter on device team0
[  281.313993][ T8007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.325466][ T8007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.342149][ T8007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.355981][ T8007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.367054][ T8007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.377872][ T8007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.392333][ T8007] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.406172][ T8007] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  281.415475][ T8007] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.424982][ T8007] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.434458][ T8007] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  281.444965][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  281.454437][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  281.463406][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  281.472884][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  281.481873][ T4482] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.489078][ T4482] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.504465][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  281.515605][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  281.524867][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  281.535824][ T4351] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.542965][ T4351] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.593875][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  281.604888][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  281.615194][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  281.626722][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  281.636711][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  281.645985][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  281.675432][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  281.685947][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  281.695250][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  281.704439][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  281.713233][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  281.755926][ T8230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  281.899872][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  281.908024][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  281.920680][ T4482] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  281.937489][ T4482] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  281.949632][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  281.961943][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  281.978555][ T4281] Bluetooth: hci2: command 0x0419 tx timeout
[  282.452946][ T8454] 9pnet_fd: Insufficient options for proto=fd
[  282.543439][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  282.580941][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  282.634820][ T8230] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.798070][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  282.812813][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  282.827697][ T8464] loop4: detected capacity change from 0 to 512
[  282.866765][ T8468] sctp: [Deprecated]: syz.1.1055 (pid 8468) Use of int in max_burst socket option deprecated.
[  282.866765][ T8468] Use struct sctp_assoc_value instead
[  282.909871][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  282.937035][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  282.969140][ T8230] device veth0_vlan entered promiscuous mode
[  283.021454][ T8464] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  283.030979][ T8464] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.085189][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  283.119036][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  283.142546][ T8230] device veth1_vlan entered promiscuous mode
[  283.187313][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  283.309324][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  283.337779][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  283.496282][ T8230] device veth0_macvtap entered promiscuous mode
[  283.518657][ T8230] device veth1_macvtap entered promiscuous mode
[  283.636617][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.668344][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.684091][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.765837][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.795676][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.817239][ T8495] sctp: [Deprecated]: syz.1.1064 (pid 8495) Use of int in max_burst socket option deprecated.
[  283.817239][ T8495] Use struct sctp_assoc_value instead
[  283.842815][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.853214][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.864433][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.881256][ T8230] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.256465][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  284.323237][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  284.450575][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  284.504383][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  284.525452][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.553535][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.568006][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.584696][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.595521][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.614074][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.625140][ T8230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.645900][ T8230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.657291][ T8230] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.706770][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  284.719114][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  284.751548][ T8230] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  284.786847][ T8230] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  284.806619][ T8230] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  284.832888][ T8230] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  284.981623][ T8255] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  285.023608][ T8255] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  285.060486][ T8255] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  285.093555][ T8255] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  285.170013][ T8526] sctp: [Deprecated]: syz.6.1077 (pid 8526) Use of int in max_burst socket option deprecated.
[  285.170013][ T8526] Use struct sctp_assoc_value instead
[  285.365701][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.389539][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  285.562865][ T7808] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  285.655422][ T5399] device hsr_slave_0 left promiscuous mode
[  285.665202][ T5399] device hsr_slave_1 left promiscuous mode
[  285.673761][ T5399] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.681747][ T5399] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.690455][ T5399] device bridge_slave_1 left promiscuous mode
[  285.698211][ T5399] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.706770][ T5399] device bridge_slave_0 left promiscuous mode
[  285.765955][ T5399] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.834598][ T5399] device hsr_slave_0 left promiscuous mode
[  285.868701][ T5399] device hsr_slave_1 left promiscuous mode
[  285.909050][ T5399] batman_adv: batadv0: Interface deactivated: dummy0
[  285.945431][ T5399] batman_adv: batadv0: Removing interface: dummy0
[  285.982484][ T5399] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  286.008286][ T5399] batman_adv: batadv0: Removing interface: batadv_slave_0
[  286.016191][ T5399] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  286.023847][ T5399] batman_adv: batadv0: Removing interface: batadv_slave_1
[  286.031716][ T5399] device bridge_slave_1 left promiscuous mode
[  286.038512][ T5399] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.049592][ T5399] device bridge_slave_0 left promiscuous mode
[  286.055883][ T5399] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.097690][ T5399] device veth1_macvtap left promiscuous mode
[  286.105488][ T5399] device veth0_macvtap left promiscuous mode
[  286.113333][ T5399] device veth1_vlan left promiscuous mode
[  286.119252][ T5399] device veth0_vlan left promiscuous mode
[  286.453350][ T8569] 9pnet_fd: Insufficient options for proto=fd
[  286.961536][ T5399] team0 (unregistering): Port device team_slave_1 removed
[  287.012945][ T5399] team0 (unregistering): Port device team_slave_0 removed
[  287.034840][ T8591] 9pnet_fd: Insufficient options for proto=fd
[  287.081778][ T5399] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  287.131824][ T5399] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  287.774289][ T5399] bond0 (unregistering): Released all slaves
[  287.842652][ T8614] 9pnet_fd: Insufficient options for proto=fd
[  288.346792][ T5399] team0 (unregistering): Port device team_slave_1 removed
[  288.399185][ T5399] team0 (unregistering): Port device team_slave_0 removed
[  288.442138][ T5399] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  288.511890][ T5399] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.219607][ T5399] bond0 (unregistering): Released all slaves
[  289.318548][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.326646][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.381516][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  289.505270][ T8255] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.596789][ T8638] overlayfs: failed to clone upperpath
[  289.611842][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  289.638927][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  289.675806][ T8255] 8021q: adding VLAN 0 to HW filter on device team0
[  289.707112][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  289.734635][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  289.782686][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.789859][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.821275][ T8647] sctp: [Deprecated]: syz.6.1125 (pid 8647) Use of int in max_burst socket option deprecated.
[  289.821275][ T8647] Use struct sctp_assoc_value instead
[  289.826252][ T8648] loop4: detected capacity change from 0 to 764
[  289.863423][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  289.896351][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  289.926618][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  289.990722][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.997966][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.001859][ T8648] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  290.058737][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  290.084990][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  290.119095][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  290.130245][ T8657] loop0: detected capacity change from 0 to 512
[  290.163097][ T8657] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  290.205097][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  290.285204][ T8255] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  290.354896][ T8255] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  290.381771][ T8657] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.1129: bad orphan inode 16
[  290.395306][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  290.422539][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  290.492862][ T8657] ext4_test_bit(bit=15, block=4) = 0
[  290.593250][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  290.603187][ T8657] EXT4-fs (loop0): 1 orphan inode deleted
[  290.722324][ T8657] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  290.789003][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  291.023574][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  291.042202][ T8657] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 1969368878 > max in inode 13
[  291.100519][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  291.109660][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  291.118071][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  291.286279][ T8674] overlayfs: failed to clone upperpath
[  291.315181][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  291.491188][ T8680] overlayfs: failed to clone upperpath
[  291.878866][ T8695] loop0: detected capacity change from 0 to 512
[  291.923365][ T8695] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  292.058511][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  292.066068][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  292.089732][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  292.150068][ T8255] 8021q: adding VLAN 0 to HW filter on device batadv0
[  293.016331][ T8719] loop0: detected capacity change from 0 to 2364
[  293.127517][ T8726] overlayfs: failed to clone upperpath
[  293.574860][ T8744] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1162'.
[  293.616410][ T8747] overlayfs: failed to clone upperpath
[  293.659496][ T8748] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1162'.
[  293.768820][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  293.784710][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  293.846633][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  293.859635][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  293.862985][ T8757] sctp: [Deprecated]: syz.6.1157 (pid 8757) Use of int in max_burst socket option deprecated.
[  293.862985][ T8757] Use struct sctp_assoc_value instead
[  293.881118][ T8255] device veth0_vlan entered promiscuous mode
[  293.903712][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  294.046940][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  294.112348][ T8255] device veth1_vlan entered promiscuous mode
[  294.370471][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  294.776695][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  294.832020][ T8772] overlayfs: failed to clone upperpath
[  294.843288][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  294.902293][ T8255] device veth0_macvtap entered promiscuous mode
[  294.932770][ T8255] device veth1_macvtap entered promiscuous mode
[  294.990049][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.026648][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.068185][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.133578][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.158205][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.171607][ T8785] loop4: detected capacity change from 0 to 128
[  295.187952][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.219535][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.237751][ T8791] sctp: [Deprecated]: syz.6.1170 (pid 8791) Use of int in max_burst socket option deprecated.
[  295.237751][ T8791] Use struct sctp_assoc_value instead
[  295.273584][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.284302][ T8785] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  295.295039][ T8785] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.340449][ T8255] batman_adv: batadv0: Interface activated: batadv_slave_0
[  295.349269][ T4929] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  295.359125][ T4929] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  295.367404][ T4929] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  295.396809][ T4929] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  295.421290][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.442215][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.471691][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.524079][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.546565][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.584913][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.606818][ T8255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.652422][ T8255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.671230][ T8255] batman_adv: batadv0: Interface activated: batadv_slave_1
[  295.683815][ T4697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  295.695497][ T4697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  295.718121][ T8255] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.733012][ T8255] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.746564][ T8255] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  295.760936][ T8255] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.808438][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  296.613659][ T4929] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.622623][ T7343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.662493][ T7343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.678264][ T4929] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.701209][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  296.719800][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  296.952597][ T8834] sctp: [Deprecated]: syz.4.1183 (pid 8834) Use of int in max_burst socket option deprecated.
[  296.952597][ T8834] Use struct sctp_assoc_value instead
[  297.257856][ T8844] loop4: detected capacity change from 0 to 2364
[  297.607662][   T41] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.843178][   T41] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.995994][ T8876] loop0: detected capacity change from 0 to 512
[  297.999743][   T41] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.017671][ T8873] overlayfs: missing 'lowerdir'
[  298.144631][   T41] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.703262][ T4283] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  298.713693][ T4283] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  298.722087][ T4283] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  298.768250][ T4283] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  298.776961][ T4283] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  298.785010][ T4283] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  299.087298][ T8912] loop4: detected capacity change from 0 to 764
[  299.152043][ T8912] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  299.195043][ T8912] overlayfs: missing 'lowerdir'
[  299.711491][ T8897] chnl_net:caif_netlink_parms(): no params data found
[  299.782857][ T8943] loop4: detected capacity change from 0 to 128
[  300.271354][ T8897] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.285219][ T8897] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.301041][ T8897] device bridge_slave_0 entered promiscuous mode
[  300.348333][ T8897] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.355596][ T8897] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.448319][ T8897] device bridge_slave_1 entered promiscuous mode
[  300.731877][ T8897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  300.775011][   T41] device hsr_slave_0 left promiscuous mode
[  300.777669][ T8969] loop0: detected capacity change from 0 to 8192
[  300.815452][   T41] device hsr_slave_1 left promiscuous mode
[  300.858645][ T4281] Bluetooth: hci2: command 0x0409 tx timeout
[  300.878653][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  300.974621][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.045562][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.098459][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.139657][   T41] device bridge_slave_1 left promiscuous mode
[  301.164009][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.225688][   T41] device bridge_slave_0 left promiscuous mode
[  301.258338][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.396820][ T8992] loop0: detected capacity change from 0 to 512
[  301.447360][   T41] device veth1_macvtap left promiscuous mode
[  301.458404][   T41] device veth0_macvtap left promiscuous mode
[  301.477319][   T41] device veth1_vlan left promiscuous mode
[  301.513550][ T8992] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1236: casefold flag without casefold feature
[  301.531597][   T41] device veth0_vlan left promiscuous mode
[  301.551958][ T8992] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1236: couldn't read orphan inode 15 (err -117)
[  301.598444][ T8992] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  301.681065][ T8992] overlayfs: failed to resolve './file1': -2
[  301.929051][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  302.212102][ T9004] 9pnet_fd: Insufficient options for proto=fd
[  302.511330][ T9009] loop4: detected capacity change from 0 to 512
[  302.538113][ T9009] EXT4-fs: Ignoring removed bh option
[  302.611124][ T9009] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  302.658269][ T9009] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  302.724455][ T9009] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  302.775934][ T9009] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  302.836954][ T9017] loop0: detected capacity change from 0 to 2364
[  302.855859][ T9009] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  302.938329][ T4281] Bluetooth: hci2: command 0x041b tx timeout
[  303.016575][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  303.411523][ T9033] loop0: detected capacity change from 0 to 128
[  303.449732][ T9033] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  303.514161][ T9033] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  303.556314][ T9033] FAT-fs (loop0): Filesystem has been set read-only
[  303.607859][ T9033] syz.0.1250: attempt to access beyond end of device
[  303.607859][ T9033] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  303.658541][ T9033] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  303.692717][ T9033] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  303.764982][ T9033] syz.0.1250: attempt to access beyond end of device
[  303.764982][ T9033] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  303.896921][   T27] audit: type=1800 audit(1754709560.555:28): pid=9033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1250" name="file2" dev="loop0" ino=1048752 res=0 errno=0
[  304.029951][ T9033] syz.0.1250 (9033) used greatest stack depth: 20320 bytes left
[  304.054107][   T41] team0 (unregistering): Port device team_slave_1 removed
[  304.241113][   T41] team0 (unregistering): Port device team_slave_0 removed
[  304.306065][ T9057] loop4: detected capacity change from 0 to 1024
[  304.360172][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.400495][ T9057] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  304.443686][ T9057] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.637483][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.712488][ T9065] loop0: detected capacity change from 0 to 512
[  304.799157][ T9065] ext4: Unknown parameter 'nouser_xattr'
[  304.830628][ T8634] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  304.908895][   T75] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 15)
[  304.933757][ T9065] loop0: detected capacity change from 0 to 1024
[  304.950536][   T75] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  304.968978][ T9065] EXT4-fs: Ignoring removed bh option
[  304.974479][   T75] EXT4-fs (loop4): This should not happen!! Data will be lost
[  304.974479][   T75] 
[  304.995787][   T75] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  305.018511][ T4281] Bluetooth: hci2: command 0x040f tx timeout
[  305.027248][   T75] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 4 with error 28
[  305.061585][   T75] EXT4-fs (loop4): This should not happen!! Data will be lost
[  305.061585][   T75] 
[  305.108851][   T75] EXT4-fs (loop4): Total free blocks count 0
[  305.114895][   T75] EXT4-fs (loop4): Free/Dirty block details
[  305.131216][   T75] EXT4-fs (loop4): free_blocks=4293918720
[  305.132411][ T9065] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  305.145115][   T75] EXT4-fs (loop4): dirty_blocks=32
[  305.151048][   T75] EXT4-fs (loop4): Block reservation details
[  305.470907][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  305.839450][ T9087] loop0: detected capacity change from 0 to 512
[  305.863077][ T9087] EXT4-fs: Ignoring removed i_version option
[  305.887284][ T9087] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  305.943379][ T9087] EXT4-fs (loop0): 1 truncate cleaned up
[  305.970884][ T9087] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  306.113248][   T41] bond0 (unregistering): Released all slaves
[  306.182795][ T8897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.332365][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  306.340226][ T8897] team0: Port device team_slave_0 added
[  306.359057][ T8897] team0: Port device team_slave_1 added
[  306.497659][ T8897] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.522784][ T8897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.592977][ T9105] loop4: detected capacity change from 0 to 1024
[  306.637198][ T8897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.663524][ T9105] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  306.734071][ T8897] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.772130][ T8897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.862389][ T8897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.915135][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  307.000481][ T8897] device hsr_slave_0 entered promiscuous mode
[  307.026574][ T8897] device hsr_slave_1 entered promiscuous mode
[  307.048586][ T8897] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  307.065053][ T8897] Cannot create hsr debugfs directory
[  307.098342][ T4281] Bluetooth: hci2: command 0x0419 tx timeout
[  307.656671][ T9146] loop0: detected capacity change from 0 to 512
[  307.695544][ T9146] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  307.723034][ T9146] EXT4-fs warning (device loop0): __ext4fs_dirhash:270: inode #12: comm syz.0.1283: Siphash requires key
[  307.916874][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  308.056075][ T8897] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  308.086559][ T9153] loop0: detected capacity change from 0 to 512
[  308.102878][ T8897] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  308.186056][ T8897] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  308.201598][ T9153] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1285: corrupted inode contents
[  308.230491][ T8897] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  308.309112][ T9153] EXT4-fs error (device loop0): ext4_dirty_inode:6119: inode #16: comm syz.0.1285: mark_inode_dirty error
[  308.351063][ T9153] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1285: corrupted inode contents
[  308.400870][ T9153] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.1285: mark_inode_dirty error
[  308.438330][ T9153] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1285: corrupted inode contents
[  308.500451][ T9153] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  308.535059][ T9153] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1285: corrupted inode contents
[  308.564100][ T9153] EXT4-fs error (device loop0): ext4_truncate:4312: inode #16: comm syz.0.1285: mark_inode_dirty error
[  308.572677][ T8897] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.619452][ T9153] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  308.657001][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  308.675010][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  308.675298][ T9153] EXT4-fs (loop0): 1 truncate cleaned up
[  308.689249][ T4366] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  308.720252][ T4366] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:6: Failed to release dquot type 1
[  308.728281][ T9153] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  308.745457][ T8897] 8021q: adding VLAN 0 to HW filter on device team0
[  308.778293][ T9153] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.793870][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  308.816729][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  308.882271][ T5342] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.889573][ T5342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.898418][ T9153] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.1285: iget: bad i_size value: 1407374883557376
[  308.928071][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  308.956852][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  308.987262][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  309.007447][ T5342] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.014612][ T5342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.057713][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  309.083228][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  309.107077][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  309.126307][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  309.155020][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  309.195940][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  309.225410][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  309.271927][ T8897] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  309.317238][ T8897] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  309.353183][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  309.367044][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  309.396189][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  309.422983][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  309.450253][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  309.482813][ T5342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  309.841702][ T9201] loop0: detected capacity change from 0 to 128
[  310.316589][ T4366] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  310.343542][ T4366] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  310.356635][ T9221] loop0: detected capacity change from 0 to 512
[  310.393831][ T9221] EXT4-fs: Ignoring removed i_version option
[  310.412849][ T8897] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.478762][ T9221] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  310.544032][ T9228] xt_TPROXY: Can be used only with -p tcp or -p udp
[  310.610350][ T9232] sctp: [Deprecated]: syz.6.1303 (pid 9232) Use of int in max_burst socket option deprecated.
[  310.610350][ T9232] Use struct sctp_assoc_value instead
[  310.740294][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  310.952013][ T9243] loop0: detected capacity change from 0 to 128
[  311.021620][ T9245] loop4: detected capacity change from 0 to 128
[  311.400749][ T9260] loop0: detected capacity change from 0 to 128
[  311.454673][ T9260] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  311.493981][ T9260] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.793550][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  311.928771][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  311.953261][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  312.078113][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  312.086587][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  312.124124][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  312.135698][ T9283] loop4: detected capacity change from 0 to 128
[  312.150686][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  312.235068][ T8897] device veth0_vlan entered promiscuous mode
[  312.280820][ T8897] device veth1_vlan entered promiscuous mode
[  312.302725][ T9288] 9pnet_fd: Insufficient options for proto=fd
[  312.360906][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  312.403856][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  312.443354][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  312.519702][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  312.540324][ T8897] device veth0_macvtap entered promiscuous mode
[  312.575013][ T8897] device veth1_macvtap entered promiscuous mode
[  312.661216][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.699762][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.718453][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.753988][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.775852][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.796823][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.808018][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.838457][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.860461][ T8897] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.882893][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  312.894016][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  312.905855][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  312.925444][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  312.969434][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.007148][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.054064][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.085820][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.128276][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.133790][ T9315] loop4: detected capacity change from 0 to 1024
[  313.153340][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.198322][ T8897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.221165][ T9315] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  313.229400][ T8897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.241747][ T8897] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.251600][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  313.291718][ T7343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  313.340236][ T9327] loop0: detected capacity change from 0 to 512
[  313.368237][ T8897] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.384187][ T8897] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.403774][ T8897] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.406362][ T9327] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  313.421888][ T8897] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.555378][ T9327] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  313.667552][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  313.697388][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  313.845463][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.872397][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.920936][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  313.921213][ T9337] loop4: detected capacity change from 0 to 128
[  313.955007][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.983565][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.988183][ T9340] 9pnet_fd: Insufficient options for proto=fd
[  314.034415][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  314.563925][ T9361] loop5: detected capacity change from 0 to 1024
[  314.620470][ T9365] loop4: detected capacity change from 0 to 764
[  314.637173][ T9361] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  314.694114][ T9365] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  314.762073][ T9365] overlayfs: missing 'workdir'
[  314.940563][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  315.556630][ T9388] 9pnet_fd: Insufficient options for proto=fd
[  316.467668][ T9407] loop5: detected capacity change from 0 to 764
[  316.555152][ T9412] loop4: detected capacity change from 0 to 512
[  316.569047][ T9407] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  316.592386][ T9412] EXT4-fs: Ignoring removed i_version option
[  316.671187][ T9407] overlayfs: missing 'workdir'
[  316.676949][ T9412] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  316.873288][ T9419] overlayfs: failed to clone upperpath
[  316.942652][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  316.949079][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  316.997856][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  317.453657][ T9444] loop0: detected capacity change from 0 to 512
[  317.488013][ T9450] loop4: detected capacity change from 0 to 128
[  317.495694][ T9444] EXT4-fs: Ignoring removed orlov option
[  317.524625][ T9444] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  317.604553][ T9444] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  317.605492][ T9450] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  317.623067][ T9450] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.653219][ T9444] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.1368: corrupted in-inode xattr
[  317.674092][ T9444] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1368: couldn't read orphan inode 15 (err -117)
[  317.716872][ T9444] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  317.861481][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  317.890714][ T9461] overlayfs: missing 'workdir'
[  318.012094][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  318.253760][ T9472] binfmt_misc: register: failed to install interpreter file ./file0
[  318.907085][ T9494] loop0: detected capacity change from 0 to 2048
[  318.976531][ T9494]  loop0: p1 < > p3
[  318.994424][ T9494] loop0: p3 size 134217728 extends beyond EOD, truncated
[  319.247900][ T9501] loop5: detected capacity change from 0 to 764
[  319.282254][ T9501] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  319.680635][ T9516] loop4: detected capacity change from 0 to 512
[  319.867610][ T9516] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.1391: corrupted inode contents
[  319.909707][ T9516] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #16: comm syz.4.1391: mark_inode_dirty error
[  319.928528][ T9516] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.1391: corrupted inode contents
[  319.975291][ T9516] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1391: mark_inode_dirty error
[  320.012279][ T9516] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.1391: corrupted inode contents
[  320.059870][ T9516] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  320.102981][ T9516] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.1391: corrupted inode contents
[  320.146497][ T9516] EXT4-fs error (device loop4): ext4_truncate:4312: inode #16: comm syz.4.1391: mark_inode_dirty error
[  320.158625][ T9516] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  320.176711][ T9516] EXT4-fs (loop4): 1 truncate cleaned up
[  320.191578][   T75] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  320.210211][   T75] EXT4-fs error (device loop4): ext4_release_dquot:6850: comm kworker/u4:4: Failed to release dquot type 1
[  320.242361][ T9516] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  320.288431][ T9516] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.300489][ T9545] loop0: detected capacity change from 0 to 1024
[  320.340579][ T9545] EXT4-fs: Ignoring removed nomblk_io_submit option
[  320.423860][ T9516] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.1391: iget: bad i_size value: 360287970189639690
[  320.454847][ T9545] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  320.554422][ T9550] overlayfs: failed to clone upperpath
[  320.589496][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  320.691224][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  321.232239][ T9565] loop4: detected capacity change from 0 to 2048
[  321.313334][ T9565]  loop4: p1 < > p3
[  321.321259][ T9565] loop4: p3 size 134217728 extends beyond EOD, truncated
[  321.853766][ T9587] overlayfs: failed to clone upperpath
[  322.050599][ T8634] udevd[8634]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  322.072668][ T9595] loop0: detected capacity change from 0 to 512
[  322.106319][ T9372] udevd[9372]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  322.142966][ T9604] loop5: detected capacity change from 0 to 2048
[  322.213172][ T9604]  loop5: p1 < > p3
[  322.223306][ T9604] loop5: p3 size 134217728 extends beyond EOD, truncated
[  322.382743][ T9598] kvm: emulating exchange as write
[  322.496928][ T9613] loop4: detected capacity change from 0 to 1024
[  322.634844][ T9613] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  322.648572][ T9613] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.899034][   T41] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 3)
[  322.953236][   T41] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  322.993654][   T41] EXT4-fs (loop4): This should not happen!! Data will be lost
[  322.993654][   T41] 
[  323.075157][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  323.262122][ T9639] loop0: detected capacity change from 0 to 764
[  323.299940][ T9639] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  323.720813][ T9658] loop5: detected capacity change from 0 to 1024
[  323.781456][ T9658] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  323.829196][ T9658] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.044586][   T11] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 3)
[  324.071235][   T11] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  324.132887][   T11] EXT4-fs (loop5): This should not happen!! Data will be lost
[  324.132887][   T11] 
[  324.184245][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  324.488710][ T9696] overlayfs: failed to clone upperpath
[  324.669944][ T9700] loop5: detected capacity change from 0 to 128
[  324.836605][ T9700] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  324.880798][ T9700] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  325.162388][ T9713] loop4: detected capacity change from 0 to 1024
[  325.617920][ T9713] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  325.648351][ T9713] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.734144][   T75] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 3)
[  325.751590][ T9721] autofs4:pid:9721:autofs_fill_super: called with bogus options
[  325.785258][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  325.808887][   T75] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  325.890199][   T75] EXT4-fs (loop4): This should not happen!! Data will be lost
[  325.890199][   T75] 
[  325.923298][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  326.071303][ T9733] loop4: detected capacity change from 0 to 512
[  326.155994][ T9736] overlayfs: failed to clone upperpath
[  326.295706][ T9743] loop0: detected capacity change from 0 to 512
[  326.346666][ T9743] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  326.373814][ T9743] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  326.405224][ T9743] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  326.475276][ T9743] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  326.486205][ T9743] System zones: 0-2, 18-18, 34-34
[  326.517717][ T9755] loop5: detected capacity change from 0 to 1024
[  326.529758][ T9743] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1461: couldn't read orphan inode 15 (err -116)
[  326.567073][ T9743] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  326.638076][ T9755] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  326.744444][ T9743] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1461: bg 0: block 80: padding at end of block bitmap is not set
[  326.799090][ T9760] loop4: detected capacity change from 0 to 256
[  326.864749][ T9760] FAT-fs (loop4): Directory bread(block 64) failed
[  326.889456][ T9760] FAT-fs (loop4): Directory bread(block 65) failed
[  326.924502][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  326.927828][ T9760] FAT-fs (loop4): Directory bread(block 66) failed
[  326.938278][ T9760] FAT-fs (loop4): Directory bread(block 67) failed
[  326.945216][ T9760] FAT-fs (loop4): Directory bread(block 68) failed
[  326.972616][ T9760] FAT-fs (loop4): Directory bread(block 69) failed
[  326.988370][ T9760] FAT-fs (loop4): Directory bread(block 70) failed
[  327.030676][ T9760] FAT-fs (loop4): Directory bread(block 71) failed
[  327.031867][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  327.047482][ T9760] FAT-fs (loop4): Directory bread(block 72) failed
[  327.058948][ T9760] FAT-fs (loop4): Directory bread(block 73) failed
[  327.131037][ T9768] autofs4:pid:9768:autofs_fill_super: called with bogus options
[  327.563823][ T9781] loop0: detected capacity change from 0 to 764
[  327.625435][ T9781] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  328.201432][ T9800] loop0: detected capacity change from 0 to 512
[  328.244420][ T9800] EXT4-fs: Ignoring removed i_version option
[  328.281312][ T9800] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  328.511868][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  328.655954][ T9810] loop0: detected capacity change from 0 to 128
[  328.685073][ T9810] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  328.752853][ T9810] ext4 filesystem being mounted at /77/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  328.805992][ T9813] autofs4:pid:9813:autofs_fill_super: called with bogus options
[  329.031113][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  329.402343][ T9832] loop0: detected capacity change from 0 to 764
[  329.421195][ T9833] loop4: detected capacity change from 0 to 512
[  329.439846][ T9833] EXT4-fs: Ignoring removed i_version option
[  329.446663][ T9832] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  329.490551][ T9833] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  329.710096][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  330.053652][ T9856] fuse: Bad value for 'fd'
[  330.096598][ T9859] loop4: detected capacity change from 0 to 1024
[  330.201227][ T9859] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  330.273294][ T9859] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.415868][ T9868] loop0: detected capacity change from 0 to 128
[  330.482230][ T9868] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  330.504590][ T9868] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  330.553153][ T4351] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 3)
[  330.573073][ T9870] loop5: detected capacity change from 0 to 2048
[  330.616818][ T4351] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  330.659742][ T9870]  loop5: p1 < > p3
[  330.674355][ T9870] loop5: p3 size 134217728 extends beyond EOD, truncated
[  330.688672][ T4351] EXT4-fs (loop4): This should not happen!! Data will be lost
[  330.688672][ T4351] 
[  330.792119][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  330.977120][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  331.111096][ T9888] 9pnet_fd: Insufficient options for proto=fd
[  331.207294][ T9891] loop0: detected capacity change from 0 to 764
[  331.248276][ T9891] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  331.392494][ T9509] udevd[9509]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  331.415299][ T9372] udevd[9372]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  331.677125][ T9910] loop4: detected capacity change from 0 to 1024
[  331.756985][ T9910] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  331.806679][ T9910] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.915159][ T9899] loop5: detected capacity change from 0 to 512
[  332.033861][ T9899] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  332.151872][ T9899] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  332.235812][ T9899] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.1505: corrupted in-inode xattr
[  332.290404][ T4366] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:6: lblock 1 mapped to illegal pblock 1 (length 3)
[  332.356562][ T9899] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1505: couldn't read orphan inode 15 (err -117)
[  332.373788][ T4366] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  332.469314][ T9899] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  332.472707][ T4366] EXT4-fs (loop4): This should not happen!! Data will be lost
[  332.472707][ T4366] 
[  332.506685][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  333.792192][ T9976] loop4: detected capacity change from 0 to 2048
[  333.909399][ T9976]  loop4: p1 < > p3
[  333.916513][ T9976] loop4: p3 size 134217728 extends beyond EOD, truncated
[  334.146531][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  334.216773][ T9997] loop0: detected capacity change from 0 to 128
[  334.279961][T10001] loop5: detected capacity change from 0 to 128
[  334.295951][ T9997] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  334.368308][T10001] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  334.389528][ T9997] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.428450][T10001] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  334.553814][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  334.750088][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  334.788218][T10015] loop0: detected capacity change from 0 to 1024
[  334.864785][T10015] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  334.933953][T10015] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.984880][T10022] loop5: detected capacity change from 0 to 1024
[  335.003627][T10022] EXT4-fs: Ignoring removed oldalloc option
[  335.052676][T10022] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  335.214762][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  335.266411][ T4351] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 3)
[  335.322800][ T4351] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  335.366986][ T4351] EXT4-fs (loop0): This should not happen!! Data will be lost
[  335.366986][ T4351] 
[  335.402216][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  335.863617][T10060] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1550'.
[  336.187646][T10075] loop0: detected capacity change from 0 to 1024
[  336.314758][T10075] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  336.334790][T10075] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.574617][T10093] loop4: detected capacity change from 0 to 2048
[  336.639360][T10093]  loop4: p1 < > p3
[  336.645316][T10093] loop4: p3 size 134217728 extends beyond EOD, truncated
[  336.795225][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  336.830760][T10106] loop5: detected capacity change from 0 to 128
[  336.876278][T10106] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  336.938512][T10106] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.196970][ T8897] EXT4-fs (loop5): unmounting filesystem.
[  337.292683][T10121] loop4: detected capacity change from 0 to 512
[  337.361320][T10124] loop0: detected capacity change from 0 to 512
[  337.374847][T10121] EXT4-fs: Ignoring removed i_version option
[  337.436711][T10121] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  337.483375][T10124] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  337.521159][ T9509] udevd[9509]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  337.542556][ T9372] udevd[9372]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  337.614344][ T8007] EXT4-fs (loop4): unmounting filesystem.
[  337.635394][T10124] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  337.743394][T10124] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.989172][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  338.091730][T10156] autofs4:pid:10156:autofs_fill_super: called with bogus options
[  338.284580][T10160] loop0: detected capacity change from 0 to 2048
[  338.342638][T10160]  loop0: p1 < > p3
[  338.352680][T10160] loop0: p3 size 134217728 extends beyond EOD, truncated
[  338.844102][T10184] loop0: detected capacity change from 0 to 1024
[  338.906434][T10187] loop5: detected capacity change from 0 to 1764
[  338.923069][T10184] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  338.938601][T10184] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.204533][T10201] autofs4:pid:10201:autofs_fill_super: called with bogus options
[  339.297747][T10203] syz.5.1593[10203] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  339.297856][T10203] syz.5.1593[10203] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  339.372496][ T8230] EXT4-fs (loop0): unmounting filesystem.
[  339.647447][T10219] raw_sendmsg: syz.1.1598 forgot to set AF_INET. Fix it!
[  339.812089][T10227] mmap: syz.4.1602 (10227) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  339.865031][T10227] 
[  339.867418][T10227] ======================================================
[  339.874454][T10227] WARNING: possible circular locking dependency detected
[  339.881501][T10227] 6.1.147-syzkaller #0 Not tainted
[  339.886648][T10227] ------------------------------------------------------
[  339.893673][T10227] syz.4.1602/10227 is trying to acquire lock:
[  339.899766][T10227] ffff88807d1c6de0 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: process_measurement+0x33c/0x1a10
[  339.910533][T10227] 
[  339.910533][T10227] but task is already holding lock:
[  339.917908][T10227] ffff888028c435d8 (&mm->mmap_lock){++++}-{3:3}, at: __se_sys_remap_file_pages+0x17d/0x770
[  339.927948][T10227] 
[  339.927948][T10227] which lock already depends on the new lock.
[  339.927948][T10227] 
[  339.938360][T10227] 
[  339.938360][T10227] the existing dependency chain (in reverse order) is:
[  339.947382][T10227] 
[  339.947382][T10227] -> #1 (&mm->mmap_lock){++++}-{3:3}:
[  339.954963][T10227]        down_read_killable+0x4c/0x340
[  339.960461][T10227]        mmap_read_lock_killable+0x1d/0x60
[  339.966307][T10227]        lock_mm_and_find_vma+0x2b1/0x2f0
[  339.972078][T10227]        do_user_addr_fault+0x2db/0xb10
[  339.977644][T10227]        exc_page_fault+0x60/0x100
[  339.982788][T10227]        asm_exc_page_fault+0x22/0x30
[  339.988167][T10227]        fault_in_readable+0x13e/0x1f0
[  339.993634][T10227]        fault_in_iov_iter_readable+0xbb/0x2e0
[  339.999794][T10227]        generic_perform_write+0x1d2/0x560
[  340.005619][T10227]        __generic_file_write_iter+0x172/0x430
[  340.011774][T10227]        generic_file_write_iter+0xab/0x2e0
[  340.017675][T10227]        vfs_write+0x44c/0x960
[  340.022437][T10227]        ksys_write+0x143/0x240
[  340.027283][T10227]        do_syscall_64+0x4c/0xa0
[  340.032220][T10227]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.038639][T10227] 
[  340.038639][T10227] -> #0 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}:
[  340.047342][T10227]        __lock_acquire+0x2cf8/0x7c50
[  340.052719][T10227]        lock_acquire+0x1b4/0x490
[  340.057740][T10227]        down_write+0x36/0x60
[  340.062416][T10227]        process_measurement+0x33c/0x1a10
[  340.068140][T10227]        ima_file_mmap+0x104/0x150
[  340.073291][T10227]        __se_sys_remap_file_pages+0x53e/0x770
[  340.079460][T10227]        do_syscall_64+0x4c/0xa0
[  340.084425][T10227]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.090855][T10227] 
[  340.090855][T10227] other info that might help us debug this:
[  340.090855][T10227] 
[  340.101079][T10227]  Possible unsafe locking scenario:
[  340.101079][T10227] 
[  340.108522][T10227]        CPU0                    CPU1
[  340.113880][T10227]        ----                    ----
[  340.119248][T10227]   lock(&mm->mmap_lock);
[  340.123577][T10227]                                lock(&sb->s_type->i_mutex_key#12);
[  340.131560][T10227]                                lock(&mm->mmap_lock);
[  340.138418][T10227]   lock(&sb->s_type->i_mutex_key#12);
[  340.143903][T10227] 
[  340.143903][T10227]  *** DEADLOCK ***
[  340.143903][T10227] 
[  340.152060][T10227] 1 lock held by syz.4.1602/10227:
[  340.157173][T10227]  #0: ffff888028c435d8 (&mm->mmap_lock){++++}-{3:3}, at: __se_sys_remap_file_pages+0x17d/0x770
[  340.167618][T10227] 
[  340.167618][T10227] stack backtrace:
[  340.173518][T10227] CPU: 1 PID: 10227 Comm: syz.4.1602 Not tainted 6.1.147-syzkaller #0
[  340.181668][T10227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  340.191730][T10227] Call Trace:
[  340.195012][T10227]  <TASK>
[  340.197941][T10227]  dump_stack_lvl+0x168/0x22e
[  340.202630][T10227]  ? load_image+0x3b0/0x3b0
[  340.207137][T10227]  ? show_regs_print_info+0x12/0x12
[  340.212337][T10227]  ? print_circular_bug+0x12b/0x1a0
[  340.217542][T10227]  check_noncircular+0x274/0x310
[  340.222481][T10227]  ? add_chain_block+0x940/0x940
[  340.227423][T10227]  ? lockdep_lock+0xdc/0x1e0
[  340.232013][T10227]  ? _find_first_zero_bit+0xcf/0x100
[  340.237304][T10227]  __lock_acquire+0x2cf8/0x7c50
[  340.242170][T10227]  ? ima_match_policy+0x104/0x2100
[  340.247292][T10227]  ? verify_lock_unused+0x140/0x140
[  340.252517][T10227]  ? ima_match_policy+0x207a/0x2100
[  340.257725][T10227]  lock_acquire+0x1b4/0x490
[  340.262233][T10227]  ? process_measurement+0x33c/0x1a10
[  340.267615][T10227]  ? __might_sleep+0xd0/0xd0
[  340.272245][T10227]  ? read_lock_is_recursive+0x10/0x10
[  340.277620][T10227]  ? ima_get_action+0x71/0xa0
[  340.282303][T10227]  down_write+0x36/0x60
[  340.286461][T10227]  ? process_measurement+0x33c/0x1a10
[  340.291845][T10227]  process_measurement+0x33c/0x1a10
[  340.297138][T10227]  ? ima_file_mmap+0x150/0x150
[  340.301911][T10227]  ? aa_file_perm+0x117/0xec0
[  340.306604][T10227]  ? mtree_load+0xeb/0xa40
[  340.311041][T10227]  ? mtree_load+0x90a/0xa40
[  340.315649][T10227]  ? aa_get_current_label+0x110/0x1d0
[  340.321022][T10227]  ? apparmor_current_getsecid_subj+0xb1/0x110
[  340.327178][T10227]  ima_file_mmap+0x104/0x150
[  340.331769][T10227]  ? ima_file_free+0x3e0/0x3e0
[  340.336531][T10227]  ? common_file_perm+0x171/0x1c0
[  340.341582][T10227]  ? bpf_lsm_mmap_file+0x5/0x10
[  340.346449][T10227]  ? security_mmap_file+0x11b/0x180
[  340.351664][T10227]  __se_sys_remap_file_pages+0x53e/0x770
[  340.357300][T10227]  ? __se_sys_futex+0x14a/0x440
[  340.362182][T10227]  ? __x64_sys_remap_file_pages+0xc0/0xc0
[  340.367902][T10227]  ? lock_chain_count+0x20/0x20
[  340.372773][T10227]  ? lockdep_hardirqs_on+0x94/0x140
[  340.377978][T10227]  ? __x64_sys_remap_file_pages+0x1c/0xc0
[  340.383703][T10227]  do_syscall_64+0x4c/0xa0
[  340.388119][T10227]  ? clear_bhb_loop+0x60/0xb0
[  340.392807][T10227]  ? clear_bhb_loop+0x60/0xb0
[  340.397480][T10227]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.403386][T10227] RIP: 0033:0x7fabcaf8ebe9
[  340.407819][T10227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.427434][T10227] RSP: 002b:00007fabcbd13038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  340.435855][T10227] RAX: ffffffffffffffda RBX: 00007fabcb1b5fa0 RCX: 00007fabcaf8ebe9
[  340.443827][T10227] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000200000770000
[  340.451830][T10227] RBP: 00007fabcb011e19 R08: 0000000000000800 R09: 0000000000000000
[  340.459802][T10227] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  340.467788][T10227] R13: 00007fabcb1b6038 R14: 00007fabcb1b5fa0 R15: 00007ffffcb38148
[  340.475772][T10227]  </TASK>