last executing test programs:

6m48.29197908s ago: executing program 1 (id=2):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x78, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x78}}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
eventfd(0xfffffc00)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@init_itable}]}, 0x82, 0x48f, &(0x7f0000000840)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
socket$inet6_tcp(0xa, 0x1, 0x0)

6m42.005805349s ago: executing program 1 (id=7):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x78, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x78}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0400000004000000040000000000010008080000dca9680e7571be03", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000003ffffffff00"/28], 0x48)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
eventfd(0xfffffc00)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@init_itable}]}, 0x82, 0x48f, &(0x7f0000000840)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@can={{0x3, 0x1, 0x1}, 0x7, 0x2, 0x0, 0x0, "0c27171fa349580f"}, 0x10}, 0x1, 0x0, 0x0, 0x24044040}, 0x4)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000001c0)=0x20000088)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)

6m40.7060547s ago: executing program 1 (id=9):
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup(0x4685, 0x0)
timer_create(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x120488f, &(0x7f0000001f80)=ANY=[], 0x81, 0x65b, &(0x7f00000007c0)="$eJzs3V1rG+n5x/HfyLKs+A/hT1uWEPJwJ+mCQ1NFkjcOIoV2OhrZs5U0YkZubSgs6cZeQuRsm6TQ+GTJSR9g+wb2bE+W0hdR6HHfRQ8LS3tW6MmUebJsS7LkRLF3t9+PiefWzDVzX/eMMhdjSSMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZTrNarVlqe93NLTOZ0wz8zgnL060t6nbauD2mqy+O9CtZ8T+Vy7qUzrr0neHid+JfN3UlfXRF5XhS1v7/vfP/D75dLOTrn5DQ61AkzbDNUpakMc9f7j95OBjsPJtzIl8BKswQtO52vdD3Ova6a7zQN421terdjVZoWl5J4XbYdzvGCdxC3w/MinPb1BqNVeNWtv3N7nrTbrv5zPvfr1era+b9pWzP3n2/EjobXrvtddeTmHhxHHPffPrzNMS1O8bsPh7srE5LMg6qzRJUnxZUr9brtVq9Xlu717h3v1otjsyoHqORiLk/afE1M7+TN/CGCnH9/7sltVVWV5vakhn746ipQL46E5Zn8vr/7l33xH4P1/+8yl8aLr6spP5fSx9dm1T/J+RiZJIVxi2xJsx/vZ/neql9PdFDDTTQjp7NZ7vX55fh2/1Zl4qSp1C+PHVka12uTDbHqKE1ramqD7ShlkIZteSpLVehthWqL1ed5JgEcmUnrdiKHN2WUU0NNbQqI1cVbcvXprpaV1O2/h1F0a4eJ/t99YQclQfVZgmqnxA0qf7/4pM066n13xL1/xstP3/NEgOcuyi7/j+l628nGwAAAAAA8DZYyV/freS1+6uSIrW8tls977QAAAAAAMAcJa/8X4kni3HrqqwJ1//R2ecGAAAAAADmw0o+Y2dJWk7e1G8NPwk1y5sAFs4gRQAAAAAA8IaS1/+vlaQouffadVmnuv4HAAAAAABfA78/dI/9Yn6P3Sh/Wb8gKewtWX/555KCRetVb+u71p4dL7H3spiRdwD0W5eti9mNepNJSVLyyHGvWFfToOwmmFa++pe70+71bwXHEigt5H++mJbAWjF7pE91I425UU6nj/YLSpakvSy3vLZbcfz2g5ps+2Kh7271f/308W+k4GCcu48HO5UPPx48SnJ5Fc96tRfn8cmRdArTcnmhbF9cHTviC2rlXf6h21m2kn6r+fgXZO8VDnc02/h/q5tpzM3ldLq8r2xPJOMvx+OvVZJDNhx9PKrP/jQcfe34yMcdiAlZlJMsbqUxt1ZupZM8vyyL7y1I9crxY1CKn4LDfVE/nMX0fWH9a2RfTMki3hercRZ/jTc0fCYcyWL1dFmMHBEAOC+7wyqU3MR89B77x+vu65zlplf3Hx3t5cVnUfqBwwWpmL02cWIvZcVn9JVk2yopObEWLx+cZfdu5Gf0alZXyppwRq++QXWL+/rz8DuQsrRH6sp/oih6UEv6/eNBv2lV/Txe4fOJ/Ybt+kI8wrsv9n6Z3AA/9tHORztP6/XVtep71eq9uhaTYWQTag8AYIzp37EzNcJ67+Cq+tE/3k1bRyretw7eUlDRh/pYAz3SnfwrBK6P3+ryobch3Bm9ao1jL0jHY2u6M/GqLqmlaezPtks/TIOS34vKVzlaqYfbXX2rxwAAgLN2s5E1JtThWer/neS6W9LK5UPX3QfX7Mdq+fFvCJ5Uc2tntg8AAPhf4wZfWsv931lB4PU+qDUaNbu/4ZrAd35iAq+57hqv23cDZ8PurrumF/h93/HbphdoyWu6oQk3ez0/6JuWH5ieH3pbpuW1XZN99Xvoduxu33PCXtu1Q9c4frdvO33T9ELH9DZ/3PbCDTdIVg57ruO1PMfue37XhP5m4LgVY0LXPRToNd1u32t5cbNreoHXsYNt81O/vdlxTdMNncDr9f10g3lfXrflB51ksxVFp/6iQwAAvomev9x/8nAw2Hk2qZFc0U+JGTZK4zaY98UrzgAAfDWMVumJymeSEAAAAAAAAAAAAAAAAAAAAAAAGDH9I32nbCyO+7CgdDDnVxdn2o6leSd2mkbh9Vf/2wkxFw7m5Lv/cMyrcxip0kZx/lu+cJqPjc6h8YPddI9OjIkXjl20dHAsivP/7xA3nn4xYVEURdHJqy8d3YelkwZ4tFGU9Kz0BofgfM5HAM7OfwMAAP//3JZAiA==")
r4 = open(0x0, 0x0, 0x112)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
socket(0x10, 0x3, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x1c9, 0x12)

6m35.319742965s ago: executing program 1 (id=12):
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

6m20.101149363s ago: executing program 32 (id=12):
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

20.767809001s ago: executing program 2 (id=656):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f00000000c0)=""/128)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, &(0x7f0000000500)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x5, 0x0, 0x10, 0x0, @in6={0xa, 0x4e22, 0x80000001, @remote, 0x6}, @in6={0xa, 0x4e24, 0x3, @mcast1}}}, 0x118)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000007c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x8, 0x12)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0)
prctl$PR_SET_IO_FLUSHER(0x41, 0x1)
syz_io_uring_setup(0x239, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x1, 0x3}, &(0x7f0000000300), &(0x7f0000000240), &(0x7f0000000000))
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x6)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f00000001c0)={0x1, 0x0, [{0x7, 0x0, 0xb, 0x1, 0xb, 0xfffffefe, 0x6b89}]})
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000019f7ff0f0000000001000201180100002020732500000000002020207b0af8ff00000000bfa100000000000007010000f6ffffffb702000008000000b703000000000000850000008d00000095"], &(0x7f0000000000)='GPL\x00', 0x1, 0xfe4, &(0x7f0000001e00)=""/4068, 0x41000, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)

20.652062731s ago: executing program 5 (id=29):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x78, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x78}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0400000004000000040000000000010008080000dca9680e7571be03", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000003ffffffff00"/28], 0x48)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@init_itable}]}, 0x82, 0x48f, &(0x7f0000000840)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@can={{0x3, 0x1, 0x1}, 0x7, 0x2, 0x0, 0x0, "0c27171fa349580f"}, 0x10}, 0x1, 0x0, 0x0, 0x24044040}, 0x4)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000001c0)=0x20000088)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)

18.610932954s ago: executing program 5 (id=659):
syz_mount_image$msdos(&(0x7f0000000e80), &(0x7f00000004c0)='./file0\x00', 0x80c406, &(0x7f0000001740)=ANY=[], 0x5, 0x2b1, &(0x7f0000000100)="$eJzs3E1rE0EYwPEn2TabVvpyEvTig170stR4VKFRWhADStoV9SBs6VZDYlJ2gyYimLOnfo7i0ZsgfoHe/QDeiiA99eRKk826iemLISY1/f8g7Mw8O5uZnQSeCWx2H2+9LG741oZTlWRaJSnSkH2ReSlIWyI8pprlVNQutzPSkGsLr/berzx5ej+byy3lVZezqzcyqjp76fPrtx8uf6mee/Rx1jRlZ/7Z7o/Mt53zOxd2f66+KPha8LVcqaqja5VK1Vkrubpe8IuW6sOS6/iuFsq+63XEN0qVzc26OuX1melNz/V9dcp1TUpdqxVNh6Mqq2VZOjN9UE7LGZL66x72dj7vZHuGztSdG2+el3UMEZn6Y03t7dGMCAAAjNLh+X8yOqed/ye783+RY/L/d+FZs58Gnv8bEuX/RbeZ/1e9ujrPnUI8/8eR7MXO/H/xRL2S/25A6FeiEavc6Qh5XnaqdyfyfwAAAAAAAAAAAAAAAAAAAAAA/gf7QTAXBMHcwTEpIkFYN0XEiNV7dOUJ8TEQX/8g9jLDBT5i/TEGYg/upUW+N2p2zU40j6348r3c0oI2xR7826vVbCOKX2/FtTM+KdNhPNMznpKrV1rxg9jdB7l4fKtmT8l611iNjlpjkLcBAAAAAICxZmlkPmpMS7S/tyw1pTve3L83CxMi0v59oGt/PyEXJ4Y4EQAAAAAAcCi//qbolEquN5yCMcT36rsg0l/3m4E5kGEYIhJrMcOlip+TXxEZ3JRTcuyU9UQXNMVtj3a4C/c123f39Cn51J2wcGtgFwwSIq2WyXDNur4FAAAAAMbL7/3AqEcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDZNYy/Lhv1HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDT4lcAAAD//4aMsuk=")
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file4/../file0\x00', 0x187042, 0x1d)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0xf00, 0x0)
fanotify_mark(r2, 0x1, 0x5000003a, r1, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r3, &(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)

17.087299601s ago: executing program 2 (id=662):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$assume_authority(0x10, r1)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
syz_usb_connect(0x0, 0x3d, &(0x7f00000000c0)={{0x12, 0x1, 0x340, 0x53, 0x4a, 0xe7, 0x8, 0xbfd, 0x115, 0x5255, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x81, 0x8, 0x60, 0x6, "", [{{0x9, 0x4, 0xdb, 0x7, 0x2, 0x2f, 0x1e, 0xfe, 0x3, [], [{{0x9, 0x5, 0x0, 0x1, 0x40, 0x6e, 0x40, 0x6}}, {{0x9, 0x5, 0x3, 0x1, 0x8, 0x5, 0x5, 0x4, [@generic={0x7, 0x5, "dca62b9be1"}]}}]}}]}}]}}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r2})

16.745514363s ago: executing program 5 (id=664):
r0 = syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x1200400, &(0x7f0000000000)=ANY=[], 0x1, 0xa93, &(0x7f0000002740)="$eJzs3U1sXEcBAOB5a68dJ4FsSkJNEtqEn7b82Y1jwk8ETdVciJqKW6WIS5SmJSINiFYqoEokOXGjVRWu/IgTHCJASO0FRT1xqUQjcak4FA4ciIJUiQMUkkW2Z9Zvx7t669/d9X6fNJ6dN2935j2/ffv+ZiYAI6u2+Hd+froI4fobr536x0N/n1qY8lhrjsbi3/FSqh5CKGJ6PPu8d8eW4rvvvXy+U1yEucW/KR2eutN6764QwpVwONwMjXDg+q1X35p78szV09eOvF0/cXtzlh4AAEbL12+emN//1z8d3Pv+jQdOhsnW9HR83ojp3fG4/2Q88E/H/7XQni5KoWwim288hlo231iH+crl1LP5xruUP5F9br2Vf7BtvsmK8sdK0zotNwyztB03QlGbaUvXajMzS+fkYfG8fqKYuXzx0rMv9KmiwIb714MhhMPCakOz2fzh4gocgLpsfrjdLKdfGpnl3v6huaffeyCAJfn9whWu5FcW1qf1aeM9lD8Zwp3Ha53fDxtgq7d/5Q9X+b+8Gss/+5dNrQejYbv+fqXlSt+j3TGd30fIn19a7fc/fd5Y/DOefX6VbvcRhuX+Qrd6jm1xPdaqW/3z7WK7+kqM03r4apZf/v7k/9Nh+R8Dnf17xK7/Hx6AOmzrUB+AOgg9h2a/d0DAwFp+bm5JM0r5+XN9ef5kRf6OivypivydFfm7KvJhlP3uxR+HV4rl8/z8nH6118PSdbYPxPiDq6xPfj1yteXnz/2u1nrLz58nhkH2+rmnL3zxmbO3lp7/L1rb/724vR+O6Ub8bt2MM6Trhfl19daz/432cmpd5rsvq0/ab9Qm0/zNpRL3tc9X7Fv+nFDaz6yox3T7+/Z0m+9Q+3yNbL6pGHZk9c2PT3Zm70vHH2m/mtbXeLa89Ww5JrJ6pP3K3hjn9YC1SNtjt+f/0/Y5HerFsxcvXXg0ptN2+sex+uTC9KPlD/311tQdWJ9e2/9Mh/b2P7tb0+u18n5hz/L0orxfaGTT55aSrdvkafqxmE6/c98cm1qcPnP+25ee2eiFhxH3wvd/8K1zly5d+K4X6cWU1eKFF/3eMwGbbfbF578zW4QQLj5/7rkLz124fOz48WNzc8e/dGx+dvG4frZ8dA9sJ8s/+v2uCQAAAAAAAAAAANCrl06fuvXnN7/wzlL7/+X2f6n9f3ryN7X//1HW/j9vJ5/awad2gHs75C+Ou/d6qRKTy+3dy/3zLoQPZfXdl5WzP3vfh2PcGscvtv9P7e3zfl1Tfe7Ppuf996b5su4EVvSXMpH1QZKPF/ixGF+L8S8C9FEx1XlyjNv6tw4r+7dO23rqn0K/FMMp/d/S1pD6MUntv7v165T2/3u3oI5svK1oTtjvZQQ6++fA9/9dOhLve11GIAzNer54w3ax/tBsGsUDGAy99bd7ZcPKy8f/TNc9U3z5D1/bsRDSbHceb99f5v2XwnoM+viTyh+E8T+LDatEa/y7nvZ/HXpXb+vnuffRFf7z09vvlIoNB3rd/17NFj31A72vusyy92P5afkfDr2V3/x5Vn5+Q6hH/83K39lj+SuW/9Dayv9fLD+ttkc+3rH8PSvLX6pxUWsfOTG/bpzu/+XXjZO72fKnvj17Xf7Wfbw1DtR4L5YPo6z7OLO9jmA7mPoy/m+H+6NrlT+H8fmYTjvC9JxD/ou82vqn5yvS78D+7POLit+3YRmnuJtRH//3yzGu+j6k8X/T9tjokK6V0vUO67a24gXQT+8O/P2/IQtXBqAOwoCGqQGoQ3toNpvV15I28Rbh5l5No0q/13+/7z73u/x+r/8q+fi/+aF7Pv5vLTuByMf/zd+fj/+b5+fj6+X5+fi/+frMx//N8+/PPje/gj1dkf+RivwDFfkHl/OnOuUfqnj/Ryvyj4T226V5/gMV73+wIv++ivyxivxPVOR/siL/oYr8RyryP1WRv92l9iijuvwwyvL2eb7/MDrS/Z9u3/99FfnA8PrJjaNPnP3tNxpL7f8nWudr6T7eyZiux3Pn78V0ft87lNILeW/G9N+y/EG/3gGjJO8/I/99f7giHxhe6Tkv328YQUXnHnt67beq23E+w+XTMf5MjD8b48/FeCbGszE+GuO5Laofm+OJ3/z+xCvF8vn+niy/1+fJi1r7mX3eT9SxHuuTXx9Y7fPseT9+q7Xe8tfYHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBvaot/5+enixCuv/HaqafPXJxdmPJYa47G4t/xUqreel8Ij8Z4LMY/iy/uvvfy+XJ8L8ZFmAtFKFrTw1N3WiXtCiFcCYfDzdAIB67fevWtuSfPXD197cjbvzpxe/PWAAAAAGx//w8AAP//2c8bwA==")
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r5, &(0x7f0000000900)=[{&(0x7f0000000380)=""/47, 0x2f}], 0x1, 0x200000, 0xfffffffe)
kcmp$KCMP_EPOLL_TFD(r2, r2, 0x7, r3, &(0x7f0000000000)={r5, r0, 0x7449})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x67)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r7=>0x0})
connect$can_bcm(r6, &(0x7f0000001ff0)={0x1d, r7}, 0x10)
sendmsg$can_raw(r6, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000004e2f9663a918fa1efd9b0b"}, 0xfe68}, 0xee}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080), 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0xd680, 0x0, 0xbe, 0x0, &(0x7f00000007c0))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x24042, 0x0)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x27c})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
unlinkat(0xffffffffffffffff, &(0x7f0000000380)='./file3\x00', 0x0)

15.231457627s ago: executing program 3 (id=668):
r0 = syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x1200400, &(0x7f0000000000)=ANY=[], 0x1, 0xa93, &(0x7f0000002740)="$eJzs3U1sXEcBAOB5a68dJ4FsSkJNEtqEn7b82Y1jwk8ETdVciJqKW6WIS5SmJSINiFYqoEokOXGjVRWu/IgTHCJASO0FRT1xqUQjcak4FA4ciIJUiQMUkkW2Z9Zvx7t669/d9X6fNJ6dN2935j2/ffv+ZiYAI6u2+Hd+froI4fobr536x0N/n1qY8lhrjsbi3/FSqh5CKGJ6PPu8d8eW4rvvvXy+U1yEucW/KR2eutN6764QwpVwONwMjXDg+q1X35p78szV09eOvF0/cXtzlh4AAEbL12+emN//1z8d3Pv+jQdOhsnW9HR83ojp3fG4/2Q88E/H/7XQni5KoWwim288hlo231iH+crl1LP5xruUP5F9br2Vf7BtvsmK8sdK0zotNwyztB03QlGbaUvXajMzS+fkYfG8fqKYuXzx0rMv9KmiwIb714MhhMPCakOz2fzh4gocgLpsfrjdLKdfGpnl3v6huaffeyCAJfn9whWu5FcW1qf1aeM9lD8Zwp3Ha53fDxtgq7d/5Q9X+b+8Gss/+5dNrQejYbv+fqXlSt+j3TGd30fIn19a7fc/fd5Y/DOefX6VbvcRhuX+Qrd6jm1xPdaqW/3z7WK7+kqM03r4apZf/v7k/9Nh+R8Dnf17xK7/Hx6AOmzrUB+AOgg9h2a/d0DAwFp+bm5JM0r5+XN9ef5kRf6OivypivydFfm7KvJhlP3uxR+HV4rl8/z8nH6118PSdbYPxPiDq6xPfj1yteXnz/2u1nrLz58nhkH2+rmnL3zxmbO3lp7/L1rb/724vR+O6Ub8bt2MM6Trhfl19daz/432cmpd5rsvq0/ab9Qm0/zNpRL3tc9X7Fv+nFDaz6yox3T7+/Z0m+9Q+3yNbL6pGHZk9c2PT3Zm70vHH2m/mtbXeLa89Ww5JrJ6pP3K3hjn9YC1SNtjt+f/0/Y5HerFsxcvXXg0ptN2+sex+uTC9KPlD/311tQdWJ9e2/9Mh/b2P7tb0+u18n5hz/L0orxfaGTT55aSrdvkafqxmE6/c98cm1qcPnP+25ee2eiFhxH3wvd/8K1zly5d+K4X6cWU1eKFF/3eMwGbbfbF578zW4QQLj5/7rkLz124fOz48WNzc8e/dGx+dvG4frZ8dA9sJ8s/+v2uCQAAAAAAAAAAANCrl06fuvXnN7/wzlL7/+X2f6n9f3ryN7X//1HW/j9vJ5/awad2gHs75C+Ou/d6qRKTy+3dy/3zLoQPZfXdl5WzP3vfh2PcGscvtv9P7e3zfl1Tfe7Ppuf996b5su4EVvSXMpH1QZKPF/ixGF+L8S8C9FEx1XlyjNv6tw4r+7dO23rqn0K/FMMp/d/S1pD6MUntv7v165T2/3u3oI5svK1oTtjvZQQ6++fA9/9dOhLve11GIAzNer54w3ax/tBsGsUDGAy99bd7ZcPKy8f/TNc9U3z5D1/bsRDSbHceb99f5v2XwnoM+viTyh+E8T+LDatEa/y7nvZ/HXpXb+vnuffRFf7z09vvlIoNB3rd/17NFj31A72vusyy92P5afkfDr2V3/x5Vn5+Q6hH/83K39lj+SuW/9Dayv9fLD+ttkc+3rH8PSvLX6pxUWsfOTG/bpzu/+XXjZO72fKnvj17Xf7Wfbw1DtR4L5YPo6z7OLO9jmA7mPoy/m+H+6NrlT+H8fmYTjvC9JxD/ou82vqn5yvS78D+7POLit+3YRmnuJtRH//3yzGu+j6k8X/T9tjokK6V0vUO67a24gXQT+8O/P2/IQtXBqAOwoCGqQGoQ3toNpvV15I28Rbh5l5No0q/13+/7z73u/x+r/8q+fi/+aF7Pv5vLTuByMf/zd+fj/+b5+fj6+X5+fi/+frMx//N8+/PPje/gj1dkf+RivwDFfkHl/OnOuUfqnj/Ryvyj4T226V5/gMV73+wIv++ivyxivxPVOR/siL/oYr8RyryP1WRv92l9iijuvwwyvL2eb7/MDrS/Z9u3/99FfnA8PrJjaNPnP3tNxpL7f8nWudr6T7eyZiux3Pn78V0ft87lNILeW/G9N+y/EG/3gGjJO8/I/99f7giHxhe6Tkv328YQUXnHnt67beq23E+w+XTMf5MjD8b48/FeCbGszE+GuO5Laofm+OJ3/z+xCvF8vn+niy/1+fJi1r7mX3eT9SxHuuTXx9Y7fPseT9+q7Xe8tfYHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBvaot/5+enixCuv/HaqafPXJxdmPJYa47G4t/xUqreel8Ij8Z4LMY/iy/uvvfy+XJ8L8ZFmAtFKFrTw1N3WiXtCiFcCYfDzdAIB67fevWtuSfPXD197cjbvzpxe/PWAAAAAGx//w8AAP//2c8bwA==")
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r2, &(0x7f0000000000)={r4, r0, 0x7449})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0xd680, 0x0, 0xbe, 0x0, &(0x7f00000007c0))

14.128018895s ago: executing program 2 (id=670):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x290, 0x0, 0xb, 0xd0e0011, 0x120, 0xc6, 0x1f8, 0x1d8, 0x190, 0x1f8, 0x1d8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'nr0\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x120, 0x7000000, {}, [@common=@icmp={{0x28}, {0x0, "0010"}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48}}, {{@ip={@remote, @multicast1, 0x0, 0x0, 'bridge_slave_1\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x20000, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg(r3, 0x0, 0x10040800)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x28f, 0xfff, 0x1})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000000)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
r6 = socket$kcm(0x29, 0x7, 0x0)
sendmsg$kcm(r6, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000380)="db4babf161480d605b3585cb9efc2e75c1bf4cb02ff6e62c716a38c3", 0x1c}, {&(0x7f00000003c0)="6aa571f28d2debcb1bba3378cf4c02e25b6b3bda3579ecfbe7fbe4a728751249351980f116064dd731868a8363c19891ef881e", 0x33}], 0x2, &(0x7f0000000740)=[{0xa0, 0x111, 0x0, "1155d96b2f4ec8534826c2c0a9b69727a80bff82b66563726cae5719569803c0bdf3b670353196799347b7846e18ed8395c8abf931e70b862d6b00377328b1660aa3e57728289179c1823afc4847fc815ad8218799f457bfaa6e848789345772bbe5a41a6aca14040c91a20fbc8ed6cf98f77a72797b516a8f23cf843e42f8512f56d4515aba56fdcb5d54"}, {0xe8, 0x0, 0x7f, "4bb57c897a4ddf3cd868a3d6efa20e222851ecdd547f2ff3c739705a085afab7a56e766e01fac4eda61a453eb428ced9004e32fea1b30d331144094ecc9a832409c7795a74449629714bccf600c88f2c3f272c99fd10413e03bd37bf27b24361d808909f91263e61de169dbe322108cd83cee8e8c0affb26a81fdeb0883876c93168c41cc312b4af0d3c054df4923bed7018e60a943edca5eaccd171e2c333da327d41f851ddfb5d4ce4308f12db1b5661781d4b57e6be83446577284ee2b5d7f692fb78840c24b531bdd5831f1cb9e068eed9e3"}, {0x58, 0x107, 0x9, "294cbccc228eaad9dc2ea80a74ffe9abab4f7df2ad3fc76b2d66f518b4a3f3de4a2ec910a675b0f1d6975b55b043974fead636c06d457edd6ef2ef2cf5b0b97c1d"}, {0x110, 0x3a, 0xfffffffb, "0f590c46b83f13365f72e68bd309fed3d616cb0ebc59c52b39c19529e6fd0188a9c890f4123797ae7fb5f26c0b2485d098df19966bb6533d65ba02dcb9305bdf09e3b088fa50c2333e156b30236dd69fd5ea6e6218eef9f53821ac89632f914d91d03db62342e4ec9c3ceb1015970b7877e0826e7e36d46cfc8e32095126da044dc288e8110a0bb907c55b13758d4dd40201662a4540da4f61049aaf134995993ee3589caa09201d55bb213ba34b5d3dbc583a84802b4c1645f2397ea08340703f5aa04bd7a2e00484a6fdc2c75fc370b66e31d0b6327ce8f2e5b3ef1c947098fd2ccb1c70c3ef4b4ba3bdf8ee58f2347738dd8ba7a981a545f5"}, {0x98, 0x101, 0x7, "9121f04753c35848360c09157482d2889823ce3706e4b12883253854a728718665ba252380a112f37dde280749962d16c95ded1437fa02d1a9e38d29a7888227b99308401aba3931cf8169cb39113dab3f9fbf38a240102f1dc9871cde89123d3b193d2bf4d9d4b9bd74739a9c5d6bc1da2c095e471081823a86e2d76f78a8129abe5e01"}, {0xe0, 0x115, 0x40, "49e9139b5899eb9a7454a3ea9334236ef7c90fc33822b496d6bc68734ac71cce66db71e43919ced6eab187638ab1ea7572f1443220da3116248a5011e2221dd3260a2022fcd684f9201443f400c94a4c2718aa993449cc717360f9e8c14c0f81f36656ebc3cfafe2ad2015c8b79654966c0f975b882b919236b36a9640ea5044d14eee13d6fd9c3477de177e145e2d7dd716157c76ce4fdf8f793dedf79b07bcb42ecacc983193e98bd934d94be0e617ed001e5b59b5d771c4981082da61059f0b6e43bbdcd41976a2ec7b79"}, {0x48, 0x108, 0xf58, "1b9c5e33a998cf96014476ed8903bab6befd1d622d517ef971da8913397d8ca7bf577bb7880e13c8eefbc4bb08d658a4a333edf573fd701d"}, {0x108, 0x108, 0x6, "78d402973b5df1be48e4e4ab17c5670afa44887d3f104bc80d202529e36df62afe430d2069ac475e41c053e3823cff8e9dd46b0a2edd32c428e857e9fa866de845f566f48f8d02680c9ecff9e0ba09fa37cc19e9b98a1383aba6e40b532d0b5dd220f21bd4c2b826dd4dc2aa32167724aaf1e03628e7b25272bad3c064943a4fcdec462fe4af53ff08622abe6b7300123b1ac3b7777fa479156f562981417d0dab11286c8dc16fa5645028690d52716ee191f5e596c0fcb6977e341d4f83ac01effbf7cef019b98bdd035cb14f0871704386a52ffd89bc24c518007c8198dfc646b390431bdbe6861183160b267035e9fe033aaf"}, {0x30, 0x13c, 0x9, "3c10dd45be92c1f3e7d88e67d202e73fd2559a1cb222b89e698c3902a658b0"}], 0x5e8}, 0x4000)
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000001880)={0x2, r5, 0xfff, 0x3ff, 0x80000001, 0x944, 0x80000})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCINQ(r3, 0x541b, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x660bbb32c8e0e6fb, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)

8.149775217s ago: executing program 3 (id=672):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000400)={0x0, 0xfffffffffffffff4, 0xfa00, {0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r2, &(0x7f0000000cc0)={0x18, 0x110, 0xfa00, {r1, 0x7fffdfff, 0x12, 0x0, 0x0, @in={0x2, 0x4e23, @broadcast}, @ib={0x1b, 0x3e8, 0x1, {"fd31999600"}, 0x4, 0x4f, 0x8}}}, 0x118)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x50480, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, '\x00', "4f3f014ec77688bb79b4a963b6232e45", "090000bf"}, 0x4)
setsockopt$MRT6_FLUSH(r4, 0x29, 0xd4, &(0x7f0000000140)=0xc, 0x4)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r6, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r6, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000001200)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x66, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@rr={0x7, 0x3, 0xc4}]}}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000000)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000340)={0x3, r7, 0xfffffffa, 0x4, 0xb, 0x1fd, 0x1})
syz_open_dev$dri(&(0x7f0000000040), 0xba3, 0x40400)
getresuid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f0000000300))
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000840)=ANY=[@ANYBLOB="66643da2e3c684fe9f2181e6c685fcf1d1270fd0e00f5b83225821cb7ec35c58a42a7c2620a9a862f2037c630200000000000000e368678bb7c56fcc28a15ed19dca64defea68181ffec7ebc369e764f10b354444917d457348fe54b1f514e345a3b438e1a868d5cc14e9676eb0ed97fc505762506c5e7effabb380b76a4bdab7ad71d2e9451a48e7b0768cbce567fb6f7b9d8e16dce91fdaae93cf04128238f484e377d8e04762edbf8de2a15fe1681bdb1fb7b4f42bf16a2f26e3da6b1dcd8bfa637e0a59dfc35783f28bcf6514d7b26d91fa46ddbd384f6c45ae1bc861878599b42121e3d1942e357d3e1e5d848df90f4768eed6b7c2d11650eff441c26757c527c38373428009538e0166742de8d8c51c2356d4dce072e41c2e2b3d9693d6884f41780d393baaaf4e064a286f19a56eb951b334cf920384f60b6a80c89af7b0583a13a881c6cde2da43b21c4590ba6992e631340acbe733d7c440c75610cad954ef4eddf2d0b178c3748af5c1517c3b1a085d9118a437583baf05f4204eb7514010bec9aa69862f08bacab4678", @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYRES16=r2])
read$FUSE(r8, &(0x7f00000021c0)={0x2020, 0x0, <r9=>0x0, <r10=>0x0, <r11=>0x0}, 0x2020)
write$FUSE_INIT(r8, &(0x7f0000000080)={0x50, 0x0, r9, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r8, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r8, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="9002000000000000f9ffffffffffffff03000000000000000100000000000000070000000000000004c600000000000004000000fd090000000000000000000000000000000000000500000000000000630c00000000000002000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=r10, @ANYRES32=0x0, @ANYBLOB="7b0000000900000000000000040000000000000005000000000000000200000003000000666400000000000004000000000000000200"], 0x0, 0x0, 0x0})
r12 = socket(0x28, 0x4, 0x1f9)
getsockopt$inet_IP_XFRM_POLICY(r12, 0x0, 0x11, &(0x7f0000000300)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in6=@dev}, 0x0, @in=@local}}, &(0x7f0000000400)=0xe8)
lchown(&(0x7f00000001c0)='./file0\x00', r13, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

8.028341611s ago: executing program 2 (id=673):
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

7.874054728s ago: executing program 0 (id=675):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x7)
landlock_restrict_self(r0, 0x9)
syz_open_procfs(0x0, &(0x7f0000000680)='cmdline\x00')

7.843465679s ago: executing program 5 (id=676):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$packet(r0, 0x0, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r2, &(0x7f0000000200)=ANY=[], 0xffffff6a)
splice(r1, 0x0, r0, 0x0, 0xfffd, 0x0)

7.53021525s ago: executing program 0 (id=677):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x100, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x1ff, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x8, 0xf6, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x2, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x8, 0x7, 0x6, 0x6, 0x5, 0x3, 0x86, 0x22e2, 0x4, 0xffffffff, 0x7, 0x1fd, 0x6, 0x10001, 0x9e, 0x1, 0x9, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6, 0x3], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x8000002, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x2], [0x8, 0x7, 0xffffffff, 0xfffffffc, 0x8000, 0x2, 0x74d6, 0x1ff, 0xfffffffe, 0x0, 0x5e, 0x0, 0x8, 0x8, 0x5, 0x8, 0xfb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a0, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x7ffffffd, 0x8, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
r1 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix={0x7ff, 0x3, 0x33565348, 0x3, 0x2, 0x10001, 0x7, 0x100, 0x1, 0x2, 0x2, 0x6}})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x3)

7.443193691s ago: executing program 4 (id=678):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x7)
landlock_restrict_self(r0, 0x9)
syz_open_procfs(0x0, &(0x7f0000000680)='cmdline\x00') (fail_nth: 1)

7.343800919s ago: executing program 4 (id=679):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
ioprio_set$uid(0x3, 0x0, 0x0)
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80342, 0x1df2a23c5997fa5f)
sendfile(r2, r2, 0x0, 0x7f03)

7.163733436s ago: executing program 4 (id=680):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0xb}]}]}, 0x2c}}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0xc})
ioctl$IOMMU_VFIO_CHECK_EXTENSION(r4, 0x3b65, 0x9)
ioctl$IOMMU_IOAS_UNMAP$ALL(r4, 0x3b86, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0x14cf, 0x0)
ptrace$getregset(0x4204, r1, 0x1, 0x0)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'wg2\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4c840)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newtfilter={0x3c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x5, 0xfff3}, {0x0, 0xfff3}, {0x9, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20041891}, 0x0)

5.51144272s ago: executing program 4 (id=681):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000fc0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000f80)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_DELFLOWTABLE={0x5c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWSET={0x50c, 0x9, 0xa, 0x308, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x7}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x2}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_DESC={0x4cc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_SET_DESC_CONCAT={0x114, 0x2, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6d75}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x70d1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x12f7}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x55b}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5a6a}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_DESC_CONCAT={0x164, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffff8000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xaa9}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xaa3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc292}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5fa0}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x800}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffff}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x83f1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6091}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f6a9e8a}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7ff}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xea0}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x100}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x95}, @NFTA_SET_DESC_CONCAT={0xa0, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5f96}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x390}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_DESC_CONCAT={0x198, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x670}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x400}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb8f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf83}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000000}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x800}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000001}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x800}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x211c}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1b}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x11eb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xac7}]}]}]}]}, @NFT_MSG_DELRULE={0x218, 0x8, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_RULE_USERDATA={0x7a, 0x7, 0x1, 0x0, "8f768bece014d7d7525ed3cec53c8a4c356ffa8cb2a7d38a50e59df657ee0ec8fff74bce696dcae8f8fcf5c34c4a862a40613cca2d5440ba67ccd68d21eefcc36c399a81a9ed830c355913c9a92248320e897655b30aa352067f5c6c7722fb58eecd8b542694e90eeb3c857508b4936cce83632df3c7"}, @NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x2063}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7ff}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_EXPRESSIONS={0x140, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x30}]}}}, {0x54, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x56}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x35}, @NFTA_REDIR_FLAGS={0x8}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x3c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_QUEUE_FLAGS={0x6}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x13}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x13}, @NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x3}]}}}, {0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x2c}, @NFTA_INNER_EXPR={0x10, 0x5, 0x0, 0x1, @payload={{0xc}, @void}}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0xf3}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x16}, @NFTA_INNER_EXPR={0x14, 0x5, 0x0, 0x1, @immediate={{0xe}, @void}}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x3e}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x22}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}]}, @NFT_MSG_DELCHAIN={0x28, 0x5, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x90, 0x5, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x70, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1a563099}, @NFTA_HOOK_DEV={0x14, 0x3, 'hsr0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x36dc23c}, @NFTA_HOOK_DEV={0x14, 0x3, 'macvlan1\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1cfb919}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2023b2ea}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x51003443}, @NFTA_HOOK_DEV={0x14, 0x3, 'ip_vti0\x00'}]}]}, @NFT_MSG_NEWSETELEM={0x134, 0xc, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xf4, 0x3, 0x0, 0x1, [{0xf0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0xec, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xe7, 0x1, "021228ff740ac57df301c6df8ee290fcc121e11441ffe8f0ed8771a31054bd43216605f56977f02827533d218da2e5067b4d25f15211c2262b0a45e3197b88629ba0a2c66688f320c9b217d8347727b67732639596c51b2863323c59b48d3b1a4c5a0ebfb9e02039ce98d99844c2a9a5892bc3be9181d51a9f32857c7ba77d9baba3f53b6c03f90707a232806c3d03f80adfae61d3d2b48e01ff01f74ee80fa64168491d649fbb97fb474f6bbb410a08832e2aa7e12d8e612a6ce51286f764bfa20a9058b393e6fcda81528da01b0cbe9b33985e98f5eab283a4dd3cc218301d83bc47"}]}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x994}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

5.451238627s ago: executing program 3 (id=682):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./bus\x00', 0x308280a, &(0x7f0000000200), 0x1, 0x186, &(0x7f00000006c0)="$eJzs201O6lAYxvGnlHvhcr/v9SuOTEyMA6UKJISZTJy5AWcEKiEWNeIEYmJcijtxJ24ABm7AGkpjBI3WNrbG/n8J9E3I03Ma8rbnDCoAqbXjfRsylPcq13UvViTt70nKJjw5AO/K9Y93LoD0MWl9IKVGddN7/l8b0s3teXPof/IB1w+jemZSGNLwUf5b0Pyl4R2Xs9P5gqTvQdYvV5P8mqbzP944fmEm/zNwfnL966vT+V+Sfkv6I+mvpH+S/kuakzT/zPitmfGXAo4PAAAAAEAQ491nMWo+wgnGu+eDjmNvhcx/8fPbIfNf/XwpYr4cMp/z88XmsdMKeQ4grEzC/W++2v8bL+azEfsfSLNef3DYcBz7lCLuYjfHX0CRdGH6N4InPyV5VwIQB+use2L1+oPNTrfRttv2UaVaq1Ur5VLN8pblVpTNOYAPzXx46Cc9EwAAAAAAAAAAAAAAENaCpMWkJwEAAAAgFnG8aZT0NQIAAAAAAAAAAAAA8NndBwAA///SJkQ4")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300))
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$cramfs(&(0x7f0000000040), &(0x7f00000001c0)='./file2\x00', 0x8000, &(0x7f00000000c0)=ANY=[], 0xfd, 0x155, &(0x7f0000000200)="$eJzsj09LImEcxz+zo6OuuuvCLuxeloU9rGuY4wjdOmgkBdlA4KVrThRoikJ4zM4degFzia6Dp15A1slQiKKXMTchgmDimWn6c+sFPJ/LPL/P9zdfnmd5cZolo33imaV2q9O1ej2r8WfDrFWjoY8Bcf/U6nRVoBH48zLsiG8E3IGv45dpUde05rfaTbHmliELVJKwvRtFF1UD+Czc97v/YrdI8H/2b4KLH2KvaRm8Ero3isrXwOmAdwL/hPvmOz+fAX07fEI+N/PUMmj+1LeTOFfrk/FqPvfbOjKqv05TP1XqlogVkd8WxvnrwtC5mU5qa2bNnJYMY6GkF3VF5MDBMZGV1D5s+vtzQ0cN+jTRUYdD5dGzFXD83B0paSDJvdmKBVfay8CDZ7sjMSRe3nUWhwwofVv9QlQJdXDQ3k0SiUQikUgkEolEIpF8iKcAAAD//+UcUZw=")
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x101000, 0x108)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unshare(0x20000100)
rename(&(0x7f0000000000)='./bus/\x00', &(0x7f0000000040)='./file0\x00')

5.448385112s ago: executing program 5 (id=683):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000180), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x11c)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000300)={0x6, 0xebc, 0x0, 0xfffffffb})
recvmsg(r0, &(0x7f0000000500)={&(0x7f00000000c0), 0x80, &(0x7f0000000480)=[{&(0x7f0000000240)=""/252, 0xfc}, {&(0x7f0000000340)=""/252, 0xfc}, {&(0x7f0000000440)=""/23, 0x17}], 0x3, &(0x7f00000004c0)=""/13, 0xd}, 0x40000040)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0x8800000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000540))

5.217374893s ago: executing program 0 (id=684):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000180), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x11c)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000300)={0x6, 0xebc, 0x0, 0xfffffffb})
recvmsg(r0, &(0x7f0000000500)={&(0x7f00000000c0), 0x80, &(0x7f0000000480)=[{&(0x7f0000000240)=""/252, 0xfc}, {&(0x7f0000000340)=""/252, 0xfc}, {&(0x7f0000000440)=""/23, 0x17}], 0x3, &(0x7f00000004c0)=""/13, 0xd}, 0x40000040)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0x8800000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000540))

5.214403595s ago: executing program 4 (id=685):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
epoll_pwait2(r0, &(0x7f0000000080)=[{}, {}, {}], 0x3, &(0x7f0000000140), &(0x7f0000000180)={[0x2]}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x400c004)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x440a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8}, @NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0xd2b3f6c3991ff19e, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
r5 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r5, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4)
sendto$inet(r5, 0x0, 0xffe5, 0xe000, &(0x7f0000000000)={0x2, 0x4e20}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f000905", @ANYBLOB="f3ff0f397e77d7011cd83c42684e4c1c0b53e9317b36458ec0813eaa6963026d678b540abbb3ffff671609a1a37c1942924bb2503b962ee4cc3cee88377577338aae916e68ae7df69b101e076ef8cfecb7053cbcd4cd262d60f31fe728fe9ef7aea9113ec7e7ffed620b131edd0c3ee2c2e528c6bbc27c7ad99c399d451b4f3784855e7b35d30ffc6e2e21f0f506da5fd70985acee1131695ed964afec181e5563705318804de233189e52faceaec230ea5dc320db7c6dff1d83de6d09f287eaafe004619f8b61d3881572b11e7fe4f0d9501eae26d4fe568f1de90c00383b00bde9ad2a5ee0af"], 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
fanotify_init(0x8, 0x401)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000440)={'syztnl2\x00', &(0x7f00000003c0)={'syztnl1\x00', <r6=>0x0, 0x20, 0x40, 0x4, 0x18, {{0xa, 0x4, 0x2, 0x9, 0x28, 0x65, 0x0, 0xf, 0x29, 0x0, @private=0xa010101, @local, {[@lsrr={0x83, 0x13, 0xae, [@local, @remote, @empty, @rand_addr=0x64010101]}]}}}}})
r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000480), 0x101000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x13, 0x2, 0x8, 0x400, 0x208, r0, 0x7a5, '\x00', r6, r7, 0x4, 0x0, 0x3}, 0x50)

5.010782612s ago: executing program 3 (id=686):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004400), 0x400000000000203, 0x0)
r3 = socket$inet(0x2, 0x3, 0xff)
shutdown(r3, 0x1)
sendto$inet(r3, 0x0, 0x14, 0x40000, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)

4.914135888s ago: executing program 0 (id=687):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000880)=""/202, 0xca, 0x200000200009, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000a00)={0xffffffffffffffff, 0x0, 0x10}, 0xc)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FIBMAP(r5, 0x1, &(0x7f0000000080)=0x6d)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0xc090}, 0x84)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4814)

4.827029041s ago: executing program 5 (id=688):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2afc0, 0x1c1, 0x6}, 0x18)
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000008c0)=[0x0], &(0x7f00000190c0), 0x0, 0x1, 0x0, 0x0, r1})
write$binfmt_register(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x800744, &(0x7f0000000300)={[{@data_err_ignore}, {@oldalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nobh}, {@errors_remount}, {@nodiscard}, {@grpid}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq")

3.166266386s ago: executing program 3 (id=689):
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup(0x4685, 0x0)
timer_create(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x120488f, &(0x7f0000001f80)=ANY=[], 0x81, 0x65b, &(0x7f00000007c0)="$eJzs3V1rG+n5x/HfyLKs+A/hT1uWEPJwJ+mCQ1NFkjcOIoV2OhrZs5U0YkZubSgs6cZeQuRsm6TQ+GTJSR9g+wb2bE+W0hdR6HHfRQ8LS3tW6MmUebJsS7LkRLF3t9+PiefWzDVzX/eMMhdjSSMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZTrNarVlqe93NLTOZ0wz8zgnL060t6nbauD2mqy+O9CtZ8T+Vy7qUzrr0neHid+JfN3UlfXRF5XhS1v7/vfP/D75dLOTrn5DQ61AkzbDNUpakMc9f7j95OBjsPJtzIl8BKswQtO52vdD3Ova6a7zQN421terdjVZoWl5J4XbYdzvGCdxC3w/MinPb1BqNVeNWtv3N7nrTbrv5zPvfr1era+b9pWzP3n2/EjobXrvtddeTmHhxHHPffPrzNMS1O8bsPh7srE5LMg6qzRJUnxZUr9brtVq9Xlu717h3v1otjsyoHqORiLk/afE1M7+TN/CGCnH9/7sltVVWV5vakhn746ipQL46E5Zn8vr/7l33xH4P1/+8yl8aLr6spP5fSx9dm1T/J+RiZJIVxi2xJsx/vZ/neql9PdFDDTTQjp7NZ7vX55fh2/1Zl4qSp1C+PHVka12uTDbHqKE1ramqD7ShlkIZteSpLVehthWqL1ed5JgEcmUnrdiKHN2WUU0NNbQqI1cVbcvXprpaV1O2/h1F0a4eJ/t99YQclQfVZgmqnxA0qf7/4pM066n13xL1/xstP3/NEgOcuyi7/j+l628nGwAAAAAA8DZYyV/freS1+6uSIrW8tls977QAAAAAAMAcJa/8X4kni3HrqqwJ1//R2ecGAAAAAADmw0o+Y2dJWk7e1G8NPwk1y5sAFs4gRQAAAAAA8IaS1/+vlaQouffadVmnuv4HAAAAAABfA78/dI/9Yn6P3Sh/Wb8gKewtWX/555KCRetVb+u71p4dL7H3spiRdwD0W5eti9mNepNJSVLyyHGvWFfToOwmmFa++pe70+71bwXHEigt5H++mJbAWjF7pE91I425UU6nj/YLSpakvSy3vLZbcfz2g5ps+2Kh7271f/308W+k4GCcu48HO5UPPx48SnJ5Fc96tRfn8cmRdArTcnmhbF9cHTviC2rlXf6h21m2kn6r+fgXZO8VDnc02/h/q5tpzM3ldLq8r2xPJOMvx+OvVZJDNhx9PKrP/jQcfe34yMcdiAlZlJMsbqUxt1ZupZM8vyyL7y1I9crxY1CKn4LDfVE/nMX0fWH9a2RfTMki3hercRZ/jTc0fCYcyWL1dFmMHBEAOC+7wyqU3MR89B77x+vu65zlplf3Hx3t5cVnUfqBwwWpmL02cWIvZcVn9JVk2yopObEWLx+cZfdu5Gf0alZXyppwRq++QXWL+/rz8DuQsrRH6sp/oih6UEv6/eNBv2lV/Txe4fOJ/Ybt+kI8wrsv9n6Z3AA/9tHORztP6/XVtep71eq9uhaTYWQTag8AYIzp37EzNcJ67+Cq+tE/3k1bRyretw7eUlDRh/pYAz3SnfwrBK6P3+ryobch3Bm9ao1jL0jHY2u6M/GqLqmlaezPtks/TIOS34vKVzlaqYfbXX2rxwAAgLN2s5E1JtThWer/neS6W9LK5UPX3QfX7Mdq+fFvCJ5Uc2tntg8AAPhf4wZfWsv931lB4PU+qDUaNbu/4ZrAd35iAq+57hqv23cDZ8PurrumF/h93/HbphdoyWu6oQk3ez0/6JuWH5ieH3pbpuW1XZN99Xvoduxu33PCXtu1Q9c4frdvO33T9ELH9DZ/3PbCDTdIVg57ruO1PMfue37XhP5m4LgVY0LXPRToNd1u32t5cbNreoHXsYNt81O/vdlxTdMNncDr9f10g3lfXrflB51ksxVFp/6iQwAAvomev9x/8nAw2Hk2qZFc0U+JGTZK4zaY98UrzgAAfDWMVumJymeSEAAAAAAAAAAAAAAAAAAAAAAAGDH9I32nbCyO+7CgdDDnVxdn2o6leSd2mkbh9Vf/2wkxFw7m5Lv/cMyrcxip0kZx/lu+cJqPjc6h8YPddI9OjIkXjl20dHAsivP/7xA3nn4xYVEURdHJqy8d3YelkwZ4tFGU9Kz0BofgfM5HAM7OfwMAAP//3JZAiA==") (fail_nth: 2)
r4 = open(0x0, 0x0, 0x112)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
socket(0x10, 0x3, 0x0)
write$cgroup_int(r3, 0x0, 0x0)

2.275612537s ago: executing program 0 (id=690):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
ioprio_set$uid(0x3, 0x0, 0x0)
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80342, 0x1df2a23c5997fa5f)
sendfile(r2, r2, 0x0, 0x7f03)

2.030229146s ago: executing program 2 (id=691):
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x1200400, &(0x7f0000000000)=ANY=[], 0x1, 0xa93, &(0x7f0000002740)="$eJzs3U1sXEcBAOB5a68dJ4FsSkJNEtqEn7b82Y1jwk8ETdVciJqKW6WIS5SmJSINiFYqoEokOXGjVRWu/IgTHCJASO0FRT1xqUQjcak4FA4ciIJUiQMUkkW2Z9Zvx7t669/d9X6fNJ6dN2935j2/ffv+ZiYAI6u2+Hd+froI4fobr536x0N/n1qY8lhrjsbi3/FSqh5CKGJ6PPu8d8eW4rvvvXy+U1yEucW/KR2eutN6764QwpVwONwMjXDg+q1X35p78szV09eOvF0/cXtzlh4AAEbL12+emN//1z8d3Pv+jQdOhsnW9HR83ojp3fG4/2Q88E/H/7XQni5KoWwim288hlo231iH+crl1LP5xruUP5F9br2Vf7BtvsmK8sdK0zotNwyztB03QlGbaUvXajMzS+fkYfG8fqKYuXzx0rMv9KmiwIb714MhhMPCakOz2fzh4gocgLpsfrjdLKdfGpnl3v6huaffeyCAJfn9whWu5FcW1qf1aeM9lD8Zwp3Ha53fDxtgq7d/5Q9X+b+8Gss/+5dNrQejYbv+fqXlSt+j3TGd30fIn19a7fc/fd5Y/DOefX6VbvcRhuX+Qrd6jm1xPdaqW/3z7WK7+kqM03r4apZf/v7k/9Nh+R8Dnf17xK7/Hx6AOmzrUB+AOgg9h2a/d0DAwFp+bm5JM0r5+XN9ef5kRf6OivypivydFfm7KvJhlP3uxR+HV4rl8/z8nH6118PSdbYPxPiDq6xPfj1yteXnz/2u1nrLz58nhkH2+rmnL3zxmbO3lp7/L1rb/724vR+O6Ub8bt2MM6Trhfl19daz/432cmpd5rsvq0/ab9Qm0/zNpRL3tc9X7Fv+nFDaz6yox3T7+/Z0m+9Q+3yNbL6pGHZk9c2PT3Zm70vHH2m/mtbXeLa89Ww5JrJ6pP3K3hjn9YC1SNtjt+f/0/Y5HerFsxcvXXg0ptN2+sex+uTC9KPlD/311tQdWJ9e2/9Mh/b2P7tb0+u18n5hz/L0orxfaGTT55aSrdvkafqxmE6/c98cm1qcPnP+25ee2eiFhxH3wvd/8K1zly5d+K4X6cWU1eKFF/3eMwGbbfbF578zW4QQLj5/7rkLz124fOz48WNzc8e/dGx+dvG4frZ8dA9sJ8s/+v2uCQAAAAAAAAAAANCrl06fuvXnN7/wzlL7/+X2f6n9f3ryN7X//1HW/j9vJ5/awad2gHs75C+Ou/d6qRKTy+3dy/3zLoQPZfXdl5WzP3vfh2PcGscvtv9P7e3zfl1Tfe7Ppuf996b5su4EVvSXMpH1QZKPF/ixGF+L8S8C9FEx1XlyjNv6tw4r+7dO23rqn0K/FMMp/d/S1pD6MUntv7v165T2/3u3oI5svK1oTtjvZQQ6++fA9/9dOhLve11GIAzNer54w3ax/tBsGsUDGAy99bd7ZcPKy8f/TNc9U3z5D1/bsRDSbHceb99f5v2XwnoM+viTyh+E8T+LDatEa/y7nvZ/HXpXb+vnuffRFf7z09vvlIoNB3rd/17NFj31A72vusyy92P5afkfDr2V3/x5Vn5+Q6hH/83K39lj+SuW/9Dayv9fLD+ttkc+3rH8PSvLX6pxUWsfOTG/bpzu/+XXjZO72fKnvj17Xf7Wfbw1DtR4L5YPo6z7OLO9jmA7mPoy/m+H+6NrlT+H8fmYTjvC9JxD/ou82vqn5yvS78D+7POLit+3YRmnuJtRH//3yzGu+j6k8X/T9tjokK6V0vUO67a24gXQT+8O/P2/IQtXBqAOwoCGqQGoQ3toNpvV15I28Rbh5l5No0q/13+/7z73u/x+r/8q+fi/+aF7Pv5vLTuByMf/zd+fj/+b5+fj6+X5+fi/+frMx//N8+/PPje/gj1dkf+RivwDFfkHl/OnOuUfqnj/Ryvyj4T226V5/gMV73+wIv++ivyxivxPVOR/siL/oYr8RyryP1WRv92l9iijuvwwyvL2eb7/MDrS/Z9u3/99FfnA8PrJjaNPnP3tNxpL7f8nWudr6T7eyZiux3Pn78V0ft87lNILeW/G9N+y/EG/3gGjJO8/I/99f7giHxhe6Tkv328YQUXnHnt67beq23E+w+XTMf5MjD8b48/FeCbGszE+GuO5Laofm+OJ3/z+xCvF8vn+niy/1+fJi1r7mX3eT9SxHuuTXx9Y7fPseT9+q7Xe8tfYHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBvaot/5+enixCuv/HaqafPXJxdmPJYa47G4t/xUqreel8Ij8Z4LMY/iy/uvvfy+XJ8L8ZFmAtFKFrTw1N3WiXtCiFcCYfDzdAIB67fevWtuSfPXD197cjbvzpxe/PWAAAAAGx//w8AAP//2c8bwA==")
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r3, &(0x7f0000000900)=[{&(0x7f0000000380)=""/47, 0x2f}], 0x1, 0x200000, 0xfffffffe)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x67)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r5=>0x0})
connect$can_bcm(r4, &(0x7f0000001ff0)={0x1d, r5}, 0x10)
sendmsg$can_raw(r4, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000004e2f9663a918fa1efd9b0b"}, 0xfe68}, 0xee}, 0x0)

1.579833852s ago: executing program 3 (id=692):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x78, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x78}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0400000004000000040000000000010008080000dca9680e7571be03", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000003ffffffff00"/28], 0x48)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
eventfd(0xfffffc00)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@init_itable}]}, 0x82, 0x48f, &(0x7f0000000840)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@private1, 0x20001, 0x0, 0x0, 0x0, 0xfffd, 0x80}, 0x20)
open(&(0x7f0000000100)='./file0\x00', 0x80400, 0x2)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)

1.443205709s ago: executing program 0 (id=693):
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (fail_nth: 1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)

116.454976ms ago: executing program 4 (id=694):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$packet(r0, 0x0, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r2, &(0x7f0000000200)=ANY=[], 0xffffff6a)
splice(r1, 0x0, r0, 0x0, 0xfffd, 0x0)

0s ago: executing program 2 (id=695):
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0x5, 0x1, 0x9, 0xfb, 0x8, 0x3, 0x8, 0xe, 0x3, 0xd, 0x96, 0x9, 0x47, 0xe}, 0xe)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000000)={0x0, <r2=>0x0})
ptrace$ARCH_GET_FS(0x1e, r2, &(0x7f0000000040), 0x1003)
setrlimit(0x7, &(0x7f0000000080)={0x3})

kernel console output (not intermixed with test programs):

000000000001
[  283.331620][ T7109] R13: 00007f8b69eb6038 R14: 00007f8b69eb5fa0 R15: 00007ffc2df475b8
[  283.331654][ T7109]  </TASK>
[  283.509499][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.739009][ T6812] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.739334][ T6812] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.739790][ T6812] bridge_slave_0: entered allmulticast mode
[  283.774026][ T6812] bridge_slave_0: entered promiscuous mode
[  283.801389][ T6812] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.813459][ T6812] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.813715][ T6812] bridge_slave_1: entered allmulticast mode
[  283.839024][ T6812] bridge_slave_1: entered promiscuous mode
[  284.168509][ T6812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.225828][ T6812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.235960][ T7117] loop0: detected capacity change from 0 to 32768
[  284.236905][ T7117] =======================================================
[  284.236905][ T7117] WARNING: The mand mount option has been deprecated and
[  284.236905][ T7117]          and is ignored by this kernel. Remove the mand
[  284.236905][ T7117]          option from the mount to silence this warning.
[  284.236905][ T7117] =======================================================
[  284.425415][ T7117] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  284.505580][ T5273] 8021q: adding VLAN 0 to HW filter on device eth5
[  284.719614][ T7117] syz.0.266 (7117) used greatest stack depth: 18976 bytes left
[  284.908445][ T6812] team0: Port device team_slave_0 added
[  285.042568][ T6812] team0: Port device team_slave_1 added
[  285.236273][ T7135] sg_write: data in/out 422876/114 bytes for SCSI command 0x0-- guessing data in;
[  285.236273][ T7135]    program syz.3.272 not setting count and/or reply_len properly
[  285.452842][ T7136] futex_wake_op: syz.3.272 tries to shift op by 144; fix this program
[  286.541935][ T6812] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.541954][ T6812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  286.541995][ T6812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.599905][ T6812] batman_adv: batadv0: Adding interface: batadv_slave_1
[  286.599919][ T6812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  286.599939][ T6812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.771209][ T7144] loop3: detected capacity change from 0 to 2048
[  286.783671][ T7144] udf: Unknown parameter '0x000000000000000000000000000000000003'
[  288.666617][ T5613] ocfs2: Unmounting device (7,0) on (node local)
[  288.796224][ T6812] hsr_slave_0: entered promiscuous mode
[  288.798475][ T6812] hsr_slave_1: entered promiscuous mode
[  288.800204][ T6812] debugfs: 'hsr0' already exists in 'hsr'
[  288.800227][ T6812] Cannot create hsr debugfs directory
[  291.803814][ T7186] loop4: detected capacity change from 0 to 2048
[  291.982609][ T5273] 8021q: adding VLAN 0 to HW filter on device eth6
[  292.126756][ T7186] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.640513][ T7202] loop2: detected capacity change from 0 to 128
[  292.747412][ T7202] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  292.924383][   T44] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  293.019503][   T44] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  293.019537][   T44] EXT4-fs (loop4): This should not happen!! Data will be lost
[  293.019537][   T44] 
[  293.019553][   T44] EXT4-fs (loop4): Total free blocks count 0
[  293.019568][   T44] EXT4-fs (loop4): Free/Dirty block details
[  293.019606][   T44] EXT4-fs (loop4): free_blocks=4096
[  293.019639][   T44] EXT4-fs (loop4): dirty_blocks=48
[  293.019653][   T44] EXT4-fs (loop4): Block reservation details
[  293.019666][   T44] EXT4-fs (loop4): i_reserved_data_blocks=3
[  293.122786][ T5610] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  293.149309][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.835711][ T7224] loop2: detected capacity change from 0 to 2048
[  293.958623][ T7224] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  294.159381][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop2
[  294.561831][ T7231] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  295.046708][ T7233] loop0: detected capacity change from 0 to 512
[  295.290306][ T7233] EXT4-fs (loop0): 1 truncate cleaned up
[  295.507573][ T7233] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.155339][ T7241] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  296.798451][ T7241] Remounting filesystem read-only
[  296.827597][ T7239] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  296.847362][ T6812] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  296.980640][ T6812] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  296.990384][ T6812] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  297.055884][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.237627][ T6812] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  297.253448][ T6812] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  297.518219][ T7251] loop0: detected capacity change from 0 to 512
[  297.529775][ T6812] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  297.545277][ T7251] EXT4-fs (loop0): 1 truncate cleaned up
[  297.547030][ T7251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.566077][ T6812] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  297.738878][ T6812] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  297.834544][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.534584][ T7276] FAULT_INJECTION: forcing a failure.
[  298.534584][ T7276] name failslab, interval 1, probability 0, space 0, times 0
[  298.534642][ T7276] CPU: 0 UID: 0 PID: 7276 Comm: syz.0.292 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  298.534675][ T7276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  298.534687][ T7276] Call Trace:
[  298.534696][ T7276]  <TASK>
[  298.534705][ T7276]  dump_stack_lvl+0xe8/0x150
[  298.534737][ T7276]  should_fail_ex+0x46b/0x600
[  298.534764][ T7276]  should_failslab+0xa8/0x100
[  298.534794][ T7276]  kmem_cache_alloc_noprof+0x87/0x680
[  298.534819][ T7276]  ? do_getname+0x2e/0x250
[  298.534854][ T7276]  do_getname+0x2e/0x250
[  298.534882][ T7276]  ? getname_flags+0x11/0x20
[  298.534933][ T7276]  do_sys_openat2+0xca/0x200
[  298.534955][ T7276]  ? __pfx___schedule+0x10/0x10
[  298.534983][ T7276]  ? __pfx_do_sys_openat2+0x10/0x10
[  298.535006][ T7276]  ? ksys_write+0x248/0x270
[  298.535035][ T7276]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  298.535065][ T7276]  __x64_sys_openat+0x138/0x170
[  298.535090][ T7276]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.535113][ T7276]  do_syscall_64+0x15f/0xf80
[  298.535145][ T7276]  ? clear_bhb_loop+0x40/0x90
[  298.535172][ T7276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.535194][ T7276] RIP: 0033:0x7f3319b5cdd9
[  298.535214][ T7276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.535232][ T7276] RSP: 002b:00007f3317d74028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  298.535254][ T7276] RAX: ffffffffffffffda RBX: 00007f3319dd6180 RCX: 00007f3319b5cdd9
[  298.535270][ T7276] RDX: 0000000000000000 RSI: 0000200000000640 RDI: ffffffffffffff9c
[  298.535284][ T7276] RBP: 00007f3317d74090 R08: 0000000000000000 R09: 0000000000000000
[  298.535297][ T7276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.535309][ T7276] R13: 00007f3319dd6218 R14: 00007f3319dd6180 R15: 00007ffc89783578
[  298.535342][ T7276]  </TASK>
[  299.230965][ T6812] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.745981][ T6812] 8021q: adding VLAN 0 to HW filter on device team0
[  299.785374][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.787125][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.869659][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.872487][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.938916][ T7273] loop3: detected capacity change from 0 to 128
[  300.039959][ T7273] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  300.191126][ T7280] netlink: 204 bytes leftover after parsing attributes in process `syz.0.295'.
[  301.631764][ T7310] loop4: detected capacity change from 0 to 512
[  301.702836][ T7310] EXT4-fs (loop4): 1 truncate cleaned up
[  301.721358][ T7310] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.009299][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.426392][ T7350] loop3: detected capacity change from 0 to 128
[  303.428848][ T7350] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  303.507109][   T38] audit: type=1800 audit(1777521655.227:2): pid=7350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.308" name="file1" dev="loop3" ino=1048608 res=0 errno=0
[  305.867478][ T6812] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.408413][ T6812] veth0_vlan: entered promiscuous mode
[  307.450823][ T6812] veth1_vlan: entered promiscuous mode
[  308.898858][ T7397] loop2: detected capacity change from 0 to 512
[  309.556885][ T7397] EXT4-fs (loop2): 1 truncate cleaned up
[  309.569301][ T7397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.730095][ T6812] veth0_macvtap: entered promiscuous mode
[  309.906878][ T6812] veth1_macvtap: entered promiscuous mode
[  309.911739][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.156283][ T6812] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.714630][   T38] audit: type=1326 audit(1777521663.607:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.4.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  312.830082][   T38] audit: type=1326 audit(1777521663.607:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.4.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  312.830132][   T38] audit: type=1326 audit(1777521663.627:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.4.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  312.830171][   T38] audit: type=1326 audit(1777521663.627:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.4.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  312.830229][   T38] audit: type=1326 audit(1777521663.627:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.4.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  314.635373][ T7443] FAULT_INJECTION: forcing a failure.
[  314.635373][ T7443] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  314.635406][ T7443] CPU: 1 UID: 0 PID: 7443 Comm: syz.4.327 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  314.635427][ T7443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  314.635439][ T7443] Call Trace:
[  314.635446][ T7443]  <TASK>
[  314.635453][ T7443]  dump_stack_lvl+0xe8/0x150
[  314.635484][ T7443]  should_fail_ex+0x46b/0x600
[  314.635509][ T7443]  _copy_from_user+0x2d/0xb0
[  314.635534][ T7443]  do_sock_getsockopt+0x200/0x7e0
[  314.635566][ T7443]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  314.635606][ T7443]  ? __fget_files+0x3a6/0x420
[  314.635626][ T7443]  ? __fget_files+0x2a/0x420
[  314.635653][ T7443]  __x64_sys_getsockopt+0x1aa/0x250
[  314.635684][ T7443]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.635706][ T7443]  do_syscall_64+0x15f/0xf80
[  314.635733][ T7443]  ? trace_irq_disable+0x3b/0x140
[  314.635759][ T7443]  ? clear_bhb_loop+0x40/0x90
[  314.635782][ T7443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.635801][ T7443] RIP: 0033:0x7f8b69c3cdd9
[  314.635819][ T7443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.635835][ T7443] RSP: 002b:00007f8b67e54028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  314.635854][ T7443] RAX: ffffffffffffffda RBX: 00007f8b69eb6180 RCX: 00007f8b69c3cdd9
[  314.635868][ T7443] RDX: 000000000000001a RSI: 0000000000000029 RDI: 0000000000000006
[  314.635879][ T7443] RBP: 00007f8b67e54090 R08: 0000200000000100 R09: 0000000000000000
[  314.635891][ T7443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.635901][ T7443] R13: 00007f8b69eb6218 R14: 00007f8b69eb6180 R15: 00007ffc2df475b8
[  314.635930][ T7443]  </TASK>
[  315.562853][ T5621] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  315.618477][ T5621] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  315.619694][ T5621] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  315.638228][ T5621] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  315.639027][ T5621] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  315.694733][ T5623] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  315.975376][ T5623] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  315.975407][ T5623] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  315.975427][ T5623] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  315.978613][ T5623] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.14
[  315.978642][ T5623] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.978665][ T5623] usb 1-1: Product: syz
[  315.978681][ T5623] usb 1-1: Manufacturer: syz
[  315.978697][ T5623] usb 1-1: SerialNumber: syz
[  316.117362][ T5623] usb 1-1: config 0 descriptor??
[  316.162046][ T5623] dm9601 1-1:0.0: probe with driver dm9601 failed with error -22
[  316.370061][ T5623] usb 1-1: USB disconnect, device number 5
[  318.099489][ T5619] Bluetooth: hci2: command tx timeout
[  318.266311][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  318.266406][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  319.607306][ T7476] loop0: detected capacity change from 0 to 64
[  320.933640][ T5619] Bluetooth: hci2: command tx timeout
[  321.826320][ T7479] loop3: detected capacity change from 0 to 512
[  322.195161][ T7479] EXT4-fs (loop3): 1 truncate cleaned up
[  322.226775][ T7479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.731666][ T7483] loop4: detected capacity change from 0 to 2048
[  322.905935][ T7483] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.949183][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.003784][ T5619] Bluetooth: hci2: command tx timeout
[  323.094710][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.465353][ T7496] loop3: detected capacity change from 0 to 128
[  325.086998][ T5619] Bluetooth: hci2: command tx timeout
[  325.311890][ T7515] loop3: detected capacity change from 0 to 512
[  325.504490][ T7515] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.504694][ T7515] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  326.234575][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.425727][ T7528] loop3: detected capacity change from 0 to 128
[  326.451694][ T7528] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  326.478998][ T7528] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  327.410425][ T7540] loop4: detected capacity change from 0 to 2048
[  327.451742][ T7540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.777314][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.254145][ T7558] loop3: detected capacity change from 0 to 128
[  328.362473][ T1023] bridge_slave_1: left allmulticast mode
[  328.362506][ T1023] bridge_slave_1: left promiscuous mode
[  328.362771][ T1023] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.507548][ T1023] bridge_slave_0: left allmulticast mode
[  328.507587][ T1023] bridge_slave_0: left promiscuous mode
[  328.507894][ T1023] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.139989][ T7573] loop3: detected capacity change from 0 to 2048
[  329.234786][ T7573] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  329.376828][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop3
[  329.430389][ T7575] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  329.720127][ T7576] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  329.837213][ T7576] Remounting filesystem read-only
[  331.502455][ T1023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  331.583926][ T1023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  331.639804][ T1023] bond0 (unregistering): Released all slaves
[  331.988727][ T7588] loop3: detected capacity change from 0 to 512
[  332.184590][ T7591] loop0: detected capacity change from 0 to 4096
[  332.213726][ T7591] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  332.230736][ T7588] EXT4-fs (loop3): 1 truncate cleaned up
[  332.276111][ T7591] NILFS (loop0): invalid segment: Checksum error in segment payload
[  332.276133][ T7591] NILFS (loop0): unable to fall back to spare super block
[  332.276141][ T7591] NILFS (loop0): error -22 while searching super root
[  332.298463][ T7588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.251045][ T5273] 8021q: adding VLAN 0 to HW filter on device eth5
[  333.905885][ T7609] loop4: detected capacity change from 0 to 128
[  333.985455][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.166584][ T7609] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  334.274941][ T1023] hsr_slave_0: left promiscuous mode
[  334.319331][ T1023] hsr_slave_1: left promiscuous mode
[  334.320344][ T1023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  334.320366][ T1023] batman_adv: batadv0: Removing interface: batadv_slave_0
[  334.397554][ T1023] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.533777][ T1023] veth1_macvtap: left promiscuous mode
[  335.533839][ T1023] veth0_macvtap: left promiscuous mode
[  335.534047][ T1023] veth1_vlan: left promiscuous mode
[  335.539941][ T1023] veth0_vlan: left promiscuous mode
[  335.885893][ T7637] loop2: detected capacity change from 0 to 512
[  336.056135][ T7637] EXT4-fs (loop2): 1 truncate cleaned up
[  336.116849][ T7637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  337.226096][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.468907][ T1023] team0 (unregistering): Port device team_slave_1 removed
[  339.556754][ T1023] team0 (unregistering): Port device team_slave_0 removed
[  340.591974][ T5273] 8021q: adding VLAN 0 to HW filter on device eth6
[  341.510952][ T7684] loop3: detected capacity change from 0 to 128
[  341.542779][ T7444] bridge0: port 1(bridge_slave_0) entered blocking state
[  341.556624][ T7444] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.556870][ T7444] bridge_slave_0: entered allmulticast mode
[  341.604588][ T7444] bridge_slave_0: entered promiscuous mode
[  341.690560][ T7686] loop0: detected capacity change from 0 to 512
[  341.719603][ T7444] bridge0: port 2(bridge_slave_1) entered blocking state
[  341.720598][ T7444] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.753963][ T7444] bridge_slave_1: entered allmulticast mode
[  341.775462][ T7444] bridge_slave_1: entered promiscuous mode
[  342.709872][ T7686] EXT4-fs (loop0): 1 truncate cleaned up
[  342.931634][ T7686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.396540][ T7444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  343.406103][ T7444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  343.608811][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.893323][ T7444] team0: Port device team_slave_0 added
[  343.932795][ T7444] team0: Port device team_slave_1 added
[  344.214468][ T7444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.214484][ T7444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  344.214509][ T7444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.307881][ T7444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  344.307899][ T7444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  344.307929][ T7444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  344.879314][ T7444] hsr_slave_0: entered promiscuous mode
[  344.894459][ T7444] hsr_slave_1: entered promiscuous mode
[  344.899321][ T7444] debugfs: 'hsr0' already exists in 'hsr'
[  344.899341][ T7444] Cannot create hsr debugfs directory
[  346.554957][ T5273] 8021q: adding VLAN 0 to HW filter on device eth7
[  346.868686][ T7727] FAULT_INJECTION: forcing a failure.
[  346.868686][ T7727] name failslab, interval 1, probability 0, space 0, times 0
[  346.868718][ T7727] CPU: 0 UID: 0 PID: 7727 Comm: syz.4.389 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  346.868740][ T7727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  346.868751][ T7727] Call Trace:
[  346.868758][ T7727]  <TASK>
[  346.868766][ T7727]  dump_stack_lvl+0xe8/0x150
[  346.868795][ T7727]  should_fail_ex+0x46b/0x600
[  346.868820][ T7727]  should_failslab+0xa8/0x100
[  346.868847][ T7727]  __kmalloc_noprof+0xdf/0x7b0
[  346.868871][ T7727]  ? kfree+0x4d/0x6c0
[  346.868890][ T7727]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  346.868923][ T7727]  tomoyo_realpath_from_path+0xe3/0x5d0
[  346.868964][ T7727]  ? tomoyo_domain+0xd7/0x130
[  346.868996][ T7727]  ? tomoyo_path_number_perm+0x219/0x630
[  346.869018][ T7727]  tomoyo_path_number_perm+0x246/0x630
[  346.869043][ T7727]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  346.869064][ T7727]  ? __lock_acquire+0x6b5/0x2d10
[  346.869094][ T7727]  ? do_raw_spin_lock+0x12b/0x2f0
[  346.869147][ T7727]  ? __fget_files+0x2a/0x420
[  346.869170][ T7727]  ? __fget_files+0x2a/0x420
[  346.869190][ T7727]  ? __fget_files+0x3a6/0x420
[  346.869210][ T7727]  ? __fget_files+0x2a/0x420
[  346.869237][ T7727]  security_file_ioctl+0xc3/0x2a0
[  346.869260][ T7727]  __se_sys_ioctl+0x47/0x170
[  346.869285][ T7727]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.869307][ T7727]  do_syscall_64+0x15f/0xf80
[  346.869334][ T7727]  ? trace_irq_disable+0x3b/0x140
[  346.869359][ T7727]  ? clear_bhb_loop+0x40/0x90
[  346.869383][ T7727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.869402][ T7727] RIP: 0033:0x7f8b69c3cdd9
[  346.869420][ T7727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  346.869436][ T7727] RSP: 002b:00007f8b67e96028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  346.869457][ T7727] RAX: ffffffffffffffda RBX: 00007f8b69eb5fa0 RCX: 00007f8b69c3cdd9
[  346.869471][ T7727] RDX: 0000000000000003 RSI: 000000000000540a RDI: 0000000000000003
[  346.869482][ T7727] RBP: 00007f8b67e96090 R08: 0000000000000000 R09: 0000000000000000
[  346.869494][ T7727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.869504][ T7727] R13: 00007f8b69eb6038 R14: 00007f8b69eb5fa0 R15: 00007ffc2df475b8
[  346.869531][ T7727]  </TASK>
[  346.872222][ T7727] ERROR: Out of memory at tomoyo_realpath_from_path.
[  347.465552][ T7732] FAULT_INJECTION: forcing a failure.
[  347.465552][ T7732] name failslab, interval 1, probability 0, space 0, times 0
[  347.465583][ T7732] CPU: 0 UID: 0 PID: 7732 Comm: syz.4.390 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  347.465606][ T7732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  347.465617][ T7732] Call Trace:
[  347.465624][ T7732]  <TASK>
[  347.465631][ T7732]  dump_stack_lvl+0xe8/0x150
[  347.465660][ T7732]  should_fail_ex+0x46b/0x600
[  347.465698][ T7732]  should_failslab+0xa8/0x100
[  347.465728][ T7732]  __kmalloc_noprof+0xdf/0x7b0
[  347.465751][ T7732]  ? kfree+0x4d/0x6c0
[  347.465772][ T7732]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  347.465810][ T7732]  tomoyo_realpath_from_path+0xe3/0x5d0
[  347.465842][ T7732]  ? tomoyo_domain+0xd7/0x130
[  347.465876][ T7732]  ? tomoyo_path_number_perm+0x219/0x630
[  347.465901][ T7732]  tomoyo_path_number_perm+0x246/0x630
[  347.465928][ T7732]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  347.465951][ T7732]  ? __lock_acquire+0x6b5/0x2d10
[  347.465984][ T7732]  ? do_raw_spin_lock+0x12b/0x2f0
[  347.466041][ T7732]  ? __fget_files+0x2a/0x420
[  347.466077][ T7732]  ? __fget_files+0x2a/0x420
[  347.466096][ T7732]  ? __fget_files+0x3a6/0x420
[  347.466132][ T7732]  ? __fget_files+0x2a/0x420
[  347.466158][ T7732]  security_file_ioctl+0xc3/0x2a0
[  347.466183][ T7732]  __se_sys_ioctl+0x47/0x170
[  347.466211][ T7732]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.466234][ T7732]  do_syscall_64+0x15f/0xf80
[  347.466264][ T7732]  ? trace_irq_disable+0x3b/0x140
[  347.466291][ T7732]  ? clear_bhb_loop+0x40/0x90
[  347.466317][ T7732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.466338][ T7732] RIP: 0033:0x7f8b69c3cdd9
[  347.466356][ T7732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  347.466373][ T7732] RSP: 002b:00007f8b67e96028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  347.466392][ T7732] RAX: ffffffffffffffda RBX: 00007f8b69eb5fa0 RCX: 00007f8b69c3cdd9
[  347.466406][ T7732] RDX: 0000000000000000 RSI: 00000000c040aed5 RDI: 0000000000000005
[  347.466416][ T7732] RBP: 00007f8b67e96090 R08: 0000000000000000 R09: 0000000000000000
[  347.466428][ T7732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.466438][ T7732] R13: 00007f8b69eb6038 R14: 00007f8b69eb5fa0 R15: 00007ffc2df475b8
[  347.466469][ T7732]  </TASK>
[  347.470048][ T7732] ERROR: Out of memory at tomoyo_realpath_from_path.
[  348.238659][ T7742] loop4: detected capacity change from 0 to 1024
[  348.247927][ T7742] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  348.299656][ T7742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.616430][ T7748] loop3: detected capacity change from 0 to 512
[  348.877732][ T7748] EXT4-fs (loop3): 1 truncate cleaned up
[  348.928825][ T7748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.412008][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.753856][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.861144][ T7760] loop3: detected capacity change from 0 to 512
[  349.873467][ T7760] EXT4-fs: Ignoring removed bh option
[  349.873543][ T7760] EXT4-fs: Ignoring removed mblk_io_submit option
[  349.923224][ T7760] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c118, mo2=0002]
[  349.923361][ T7760] System zones: 1-12
[  349.954557][ T7760] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.397: corrupted in-inode xattr: e_value size too large
[  349.954781][ T7760] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  349.966596][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  349.966617][    C0] EXT4-fs (loop3): initial error at time 1777521701: ext4_iget_extra_inode:5128: inode 15
[  349.966647][    C0] EXT4-fs (loop3): last error at time 1777521701: ext4_iget_extra_inode:5128: inode 15
[  349.987375][ T7760] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.397: couldn't read orphan inode 15 (err -117)
[  349.987461][ T7760] loop3: lost filesystem error report for type 5 error -117
[  350.047644][ T7760] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.330573][ T7767] loop4: detected capacity change from 0 to 2048
[  350.378126][ T7767] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  350.411597][ T7760] bridge_slave_0: default FDB implementation only supports local addresses
[  350.566806][ T7760] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.397: corrupted in-inode xattr: e_value size too large
[  350.654694][ T7774] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  350.664534][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop4
[  350.762795][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop4
[  350.805225][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop4
[  351.309800][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.357229][ T7782] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  351.422037][ T7794] fuse: fd is not a fuse device
[  351.489109][ T7782] Remounting filesystem read-only
[  351.489905][ T7787] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  351.842162][ T7808] loop3: detected capacity change from 0 to 64
[  352.579155][ T7821] loop2: detected capacity change from 0 to 128
[  353.269192][ T7836] loop4: detected capacity change from 0 to 512
[  353.351110][ T7836] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  353.351149][ T7836] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  353.400732][ T7836] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended
[  353.429919][ T7836] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.411: inode #15: comm syz.4.411: iget: illegal inode #
[  353.429948][ T7836] loop4: lost filesystem error report for type 5 error -117
[  353.433101][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  353.433129][    C1] EXT4-fs (loop4): initial error at time 1777521705: ext4_orphan_get:1397
[  353.433151][    C1] EXT4-fs (loop4): last error at time 1777521705: ext4_orphan_get:1397
[  353.440992][ T7836] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.411: couldn't read orphan inode 15 (err -117)
[  353.441066][ T7836] loop4: lost filesystem error report for type 5 error -117
[  353.675283][ T7845] loop3: detected capacity change from 0 to 128
[  353.703553][ T7836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.956676][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.966133][ T7845] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  354.187699][   T38] audit: type=1800 audit(1777521705.857:8): pid=7845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.413" name="file1" dev="loop3" ino=1048613 res=0 errno=0
[  354.312496][ T7444] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  354.494443][ T7444] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  354.553439][ T7854] loop2: detected capacity change from 0 to 512
[  354.573622][ T7854] EXT4-fs: Ignoring removed oldalloc option
[  354.749233][ T7854] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.415: Parent and EA inode have the same ino 15
[  354.749264][ T7854] loop2: lost filesystem error report for type 5 error -117
[  354.755399][    C0] EXT4-fs (loop2): initial error at time 1777521706: ext4_xattr_inode_iget:437
[  354.755426][    C0] EXT4-fs (loop2): last error at time 1777521706: ext4_xattr_inode_iget:437
[  354.796041][ T7865] FAULT_INJECTION: forcing a failure.
[  354.796041][ T7865] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.796067][ T7865] CPU: 1 UID: 0 PID: 7865 Comm: syz.3.416 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  354.796086][ T7865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  354.796096][ T7865] Call Trace:
[  354.796101][ T7865]  <TASK>
[  354.796108][ T7865]  dump_stack_lvl+0xe8/0x150
[  354.796134][ T7865]  should_fail_ex+0x46b/0x600
[  354.796156][ T7865]  strncpy_from_user+0x36/0x2b0
[  354.796184][ T7865]  __se_sys_memfd_create+0x257/0x420
[  354.796202][ T7865]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.796219][ T7865]  do_syscall_64+0x15f/0xf80
[  354.796240][ T7865]  ? trace_irq_disable+0x3b/0x140
[  354.796260][ T7865]  ? clear_bhb_loop+0x40/0x90
[  354.796277][ T7865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.796292][ T7865] RIP: 0033:0x7fb05c66cdd9
[  354.796306][ T7865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  354.796318][ T7865] RSP: 002b:00007fb05a8c5e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  354.796333][ T7865] RAX: ffffffffffffffda RBX: 00000000000096d4 RCX: 00007fb05c66cdd9
[  354.796343][ T7865] RDX: 00007fb05a8c5ee0 RSI: 0000000000000000 RDI: 00007fb05c702f49
[  354.796353][ T7865] RBP: 00002000000097c0 R08: 00000000ffffffff R09: 0000000000000000
[  354.796361][ T7865] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000009740
[  354.796370][ T7865] R13: 00007fb05a8c5ee0 R14: 00007fb05a8c5ea0 R15: 0000200000009780
[  354.796392][ T7865]  </TASK>
[  355.033199][ T7854] EXT4-fs (loop2): Remounting filesystem read-only
[  355.033466][ T7854] EXT4-fs warning (device loop2): ext4_evict_inode:287: xattr delete (err -30)
[  355.033586][ T7854] EXT4-fs (loop2): 1 orphan inode deleted
[  355.140393][ T7854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.860118][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.087884][ T7877] loop2: detected capacity change from 0 to 128
[  356.143763][ T7878] loop3: detected capacity change from 0 to 4096
[  356.166226][ T7878] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  356.185740][ T7878] NILFS (loop3): invalid segment: Checksum error in segment payload
[  356.185761][ T7878] NILFS (loop3): unable to fall back to spare super block
[  356.185774][ T7878] NILFS (loop3): error -22 while searching super root
[  356.356983][ T7444] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  356.429199][ T7444] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  356.445921][ T7444] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  356.783230][ T7444] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  357.070347][ T7444] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  357.233981][ T7444] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  357.492034][ T7910] loop3: detected capacity change from 0 to 128
[  357.841127][ T7915] loop4: detected capacity change from 0 to 2048
[  357.870645][ T7915] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  357.980326][ T7444] 8021q: adding VLAN 0 to HW filter on device bond0
[  358.013165][ T7918] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  358.046680][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop4
[  358.118332][ T7444] 8021q: adding VLAN 0 to HW filter on device team0
[  358.196757][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.200239][ T5812] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.235745][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.235971][ T5812] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.450571][ T7923] loop0: detected capacity change from 0 to 256
[  358.549812][ T7924] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  358.574344][ T7924] Remounting filesystem read-only
[  359.094993][ T7923] vfat: Bad value for 'nonumtail'
[  361.382820][ T7944] loop3: detected capacity change from 0 to 2048
[  361.430337][ T7944] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  361.503157][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop3
[  361.551193][ T7949] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  361.844658][ T7952] loop4: detected capacity change from 0 to 128
[  362.156454][ T7956] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  362.847721][ T7956] Remounting filesystem read-only
[  362.857867][ T7954] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  363.020376][ T7960] loop0: detected capacity change from 0 to 128
[  363.760153][ T7971] loop2: detected capacity change from 0 to 512
[  363.812265][ T7971] EXT4-fs (loop2): 1 truncate cleaned up
[  363.814457][ T7971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.071763][ T7444] 8021q: adding VLAN 0 to HW filter on device batadv0
[  364.255658][ T7973] loop4: detected capacity change from 0 to 4096
[  364.424907][ T7973] ntfs3(loop4): Primary boot: invalid bytes per sector 3.
[  364.484004][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.530832][ T7973] ntfs3(loop4): try to read out of volume at offset 0x1ffe00
[  365.098594][ T7996] loop3: detected capacity change from 0 to 2048
[  365.580505][ T7999] loop4: detected capacity change from 0 to 2048
[  365.602922][ T7999] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  365.759997][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop4
[  365.905187][ T7444] veth0_vlan: entered promiscuous mode
[  365.940524][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop4
[  365.980509][ T7444] veth1_vlan: entered promiscuous mode
[  365.982357][ T8003] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  366.051487][ T7996] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  366.168219][ T7992] loop0: detected capacity change from 0 to 131072
[  366.191489][ T7992] F2FS-fs (loop0): invalid crc value
[  366.191612][ T8005] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  366.202754][ T7992] F2FS-fs (loop0): Wrong cp_pack_start_sum: 1
[  366.204328][ T7992] F2FS-fs (loop0): Failed to get valid F2FS checkpoint
[  366.261138][ T8008] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  366.286122][ T8008] Remounting filesystem read-only
[  366.367525][ T7444] veth0_macvtap: entered promiscuous mode
[  366.389197][ T7444] veth1_macvtap: entered promiscuous mode
[  366.434248][ T7444] batman_adv: batadv0: Interface activated: batadv_slave_0
[  366.468264][ T7444] batman_adv: batadv0: Interface activated: batadv_slave_1
[  366.512950][ T1348] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.513225][ T1348] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.514437][ T1348] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.514472][ T1348] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  366.824043][ T8006] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  366.824074][ T8006] EXT4-fs (loop3): This should not happen!! Data will be lost
[  366.824074][ T8006] 
[  366.824089][ T8006] EXT4-fs (loop3): Total free blocks count 0
[  366.824102][ T8006] EXT4-fs (loop3): Free/Dirty block details
[  366.824123][ T8006] EXT4-fs (loop3): free_blocks=4096
[  366.824145][ T8006] EXT4-fs (loop3): dirty_blocks=48
[  366.824157][ T8006] EXT4-fs (loop3): Block reservation details
[  366.824168][ T8006] EXT4-fs (loop3): i_reserved_data_blocks=3
[  366.955192][ T8013] loop0: detected capacity change from 0 to 128
[  367.289400][ T5614] EXT4-fs warning (device loop3): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  367.302338][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.369734][ T8015] loop2: detected capacity change from 0 to 2048
[  367.811573][ T8015] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  367.907995][ T8020] loop0: detected capacity change from 0 to 128
[  367.921230][ T8020] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  368.008973][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop2
[  368.189833][ T8023] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  368.777878][ T8026] loop4: detected capacity change from 0 to 2048
[  369.054780][ T8029] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  369.243093][ T8029] Remounting filesystem read-only
[  369.274183][ T8029] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  369.647840][ T8026] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  369.992069][ T8035] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  370.096997][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.097016][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.023967][ T8043] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  372.173197][ T8043] Remounting filesystem read-only
[  372.950512][ T8040] loop3: detected capacity change from 0 to 512
[  373.204468][ T8040] EXT4-fs (loop3): 1 truncate cleaned up
[  373.232186][ T8040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.395884][ T8054] loop2: detected capacity change from 0 to 2048
[  373.401245][ T8054] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  373.515203][ T8058] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  373.538057][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.692886][ T8059] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  373.705474][ T8059] Remounting filesystem read-only
[  376.010079][ T8074] loop0: detected capacity change from 0 to 256
[  376.020952][ T8074] vfat: Bad value for 'nonumtail'
[  377.903986][ T5621] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  377.983454][ T5621] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  378.012869][ T5621] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  378.111099][ T5621] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  378.132542][ T5621] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  378.628961][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  378.629053][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  378.862130][ T8087] loop3: detected capacity change from 0 to 512
[  378.911290][ T8087] EXT4-fs (loop3): 1 truncate cleaned up
[  378.916265][ T8087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.156324][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.436652][ T8094] loop3: detected capacity change from 0 to 2048
[  379.468699][ T8094] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  379.501341][ T8096] loop0: detected capacity change from 0 to 128
[  379.606038][ T8097] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  380.001087][ T8100] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  380.143539][ T8100] Remounting filesystem read-only
[  380.819192][ T5619] Bluetooth: hci5: command tx timeout
[  381.245087][ T8107] loop3: detected capacity change from 0 to 2048
[  381.270507][ T8107] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  381.438388][ T8111] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  381.468316][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop3
[  381.489694][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.909288][ T8119] loop4: detected capacity change from 0 to 64
[  381.951342][ T8119] loop4: detected capacity change from 0 to 8
[  382.862357][ T5619] Bluetooth: hci5: command tx timeout
[  382.964995][ T8128] FAULT_INJECTION: forcing a failure.
[  382.964995][ T8128] name failslab, interval 1, probability 0, space 0, times 0
[  382.965039][ T8128] CPU: 1 UID: 0 PID: 8128 Comm: syz.4.473 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  382.965060][ T8128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  382.965076][ T8128] Call Trace:
[  382.965083][ T8128]  <TASK>
[  382.965091][ T8128]  dump_stack_lvl+0xe8/0x150
[  382.965119][ T8128]  should_fail_ex+0x46b/0x600
[  382.965143][ T8128]  should_failslab+0xa8/0x100
[  382.965169][ T8128]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  382.965193][ T8128]  ? __alloc_skb+0x1d0/0x7d0
[  382.965214][ T8128]  ? lockdep_hardirqs_on+0x7a/0x110
[  382.965244][ T8128]  __alloc_skb+0x1d0/0x7d0
[  382.965265][ T8128]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  382.965297][ T8128]  netlink_sendmsg+0x5d4/0xb40
[  382.965329][ T8128]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.965355][ T8128]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  382.965386][ T8128]  ? aa_sock_msg_perm+0x122/0x200
[  382.965412][ T8128]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.965440][ T8128]  sock_sendmsg_nosec+0x112/0x150
[  382.965462][ T8128]  ____sys_sendmsg+0x55c/0x870
[  382.965493][ T8128]  ? __pfx_____sys_sendmsg+0x10/0x10
[  382.965526][ T8128]  ? import_iovec+0x73/0xa0
[  382.965551][ T8128]  ___sys_sendmsg+0x2a5/0x360
[  382.965575][ T8128]  ? __lock_acquire+0x6b5/0x2d10
[  382.965606][ T8128]  ? __pfx____sys_sendmsg+0x10/0x10
[  382.965661][ T8128]  ? __fget_files+0x2a/0x420
[  382.965679][ T8128]  ? __fget_files+0x3a6/0x420
[  382.965708][ T8128]  __x64_sys_sendmsg+0x1c3/0x2a0
[  382.965735][ T8128]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  382.965769][ T8128]  ? __pfx_ksys_write+0x10/0x10
[  382.965801][ T8128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.965822][ T8128]  do_syscall_64+0x15f/0xf80
[  382.965846][ T8128]  ? trace_irq_disable+0x3b/0x140
[  382.965871][ T8128]  ? clear_bhb_loop+0x40/0x90
[  382.965895][ T8128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.965913][ T8128] RIP: 0033:0x7f8b69c3cdd9
[  382.965931][ T8128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  382.965946][ T8128] RSP: 002b:00007f8b67e96028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  382.965966][ T8128] RAX: ffffffffffffffda RBX: 00007f8b69eb5fa0 RCX: 00007f8b69c3cdd9
[  382.965979][ T8128] RDX: 0000000020004014 RSI: 0000200000000200 RDI: 0000000000000003
[  382.966004][ T8128] RBP: 00007f8b67e96090 R08: 0000000000000000 R09: 0000000000000000
[  382.966016][ T8128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.966026][ T8128] R13: 00007f8b69eb6038 R14: 00007f8b69eb5fa0 R15: 00007ffc2df475b8
[  382.966055][ T8128]  </TASK>
[  383.339962][ T8132] loop3: detected capacity change from 0 to 64
[  383.342137][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.451651][ T8132] FAULT_INJECTION: forcing a failure.
[  383.451651][ T8132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.451684][ T8132] CPU: 1 UID: 0 PID: 8132 Comm: syz.3.475 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  383.451708][ T8132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  383.451721][ T8132] Call Trace:
[  383.451729][ T8132]  <TASK>
[  383.451738][ T8132]  dump_stack_lvl+0xe8/0x150
[  383.451770][ T8132]  should_fail_ex+0x46b/0x600
[  383.451799][ T8132]  _copy_to_user+0x31/0xb0
[  383.451828][ T8132]  simple_read_from_buffer+0xe1/0x170
[  383.451857][ T8132]  proc_fail_nth_read+0x1be/0x230
[  383.451885][ T8132]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  383.451913][ T8132]  ? rw_verify_area+0x2ac/0x4e0
[  383.451939][ T8132]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  383.451972][ T8132]  vfs_read+0x212/0xa80
[  383.452008][ T8132]  ? __pfx_vfs_read+0x10/0x10
[  383.452037][ T8132]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  383.452078][ T8132]  ? lockdep_hardirqs_on+0x7a/0x110
[  383.452115][ T8132]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  383.452142][ T8132]  ? mutex_lock_nested+0x152/0x1d0
[  383.452162][ T8132]  ? fdget_pos+0x252/0x320
[  383.452190][ T8132]  ksys_read+0x156/0x270
[  383.452216][ T8132]  ? __pfx_ksys_read+0x10/0x10
[  383.452247][ T8132]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.452267][ T8132]  do_syscall_64+0x15f/0xf80
[  383.452292][ T8132]  ? trace_irq_disable+0x3b/0x140
[  383.452316][ T8132]  ? clear_bhb_loop+0x40/0x90
[  383.452339][ T8132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.452358][ T8132] RIP: 0033:0x7fb05c62d60e
[  383.452375][ T8132] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  383.452390][ T8132] RSP: 002b:00007fb05a8c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  383.452409][ T8132] RAX: ffffffffffffffda RBX: 00007fb05a8c66c0 RCX: 00007fb05c62d60e
[  383.452423][ T8132] RDX: 000000000000000f RSI: 00007fb05a8c60a0 RDI: 0000000000000005
[  383.452434][ T8132] RBP: 00007fb05a8c6090 R08: 0000000000000000 R09: 0000000000000000
[  383.452445][ T8132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.452456][ T8132] R13: 00007fb05c8e6038 R14: 00007fb05c8e5fa0 R15: 00007ffe629b7eb8
[  383.452484][ T8132]  </TASK>
[  383.758926][ T8134] loop4: detected capacity change from 0 to 128
[  384.026432][ T8137] netlink: 40 bytes leftover after parsing attributes in process `syz.3.477'.
[  384.370926][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.454634][ T8144] loop0: detected capacity change from 0 to 2048
[  384.537440][ T8136] netlink: 48 bytes leftover after parsing attributes in process `syz.3.477'.
[  384.543220][ T8144] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  384.577637][ T8146] netlink: 8 bytes leftover after parsing attributes in process `syz.4.481'.
[  384.625211][ T8148] FAULT_INJECTION: forcing a failure.
[  384.625211][ T8148] name failslab, interval 1, probability 0, space 0, times 0
[  384.625242][ T8148] CPU: 1 UID: 0 PID: 8148 Comm: syz.2.482 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  384.625264][ T8148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  384.625275][ T8148] Call Trace:
[  384.625282][ T8148]  <TASK>
[  384.625290][ T8148]  dump_stack_lvl+0xe8/0x150
[  384.625319][ T8148]  should_fail_ex+0x46b/0x600
[  384.625345][ T8148]  should_failslab+0xa8/0x100
[  384.625374][ T8148]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  384.625398][ T8148]  ? __alloc_skb+0x1d0/0x7d0
[  384.625420][ T8148]  ? lockdep_hardirqs_on+0x7a/0x110
[  384.625454][ T8148]  __alloc_skb+0x1d0/0x7d0
[  384.625477][ T8148]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  384.625510][ T8148]  netlink_sendmsg+0x5d4/0xb40
[  384.625539][ T8148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  384.625561][ T8148]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  384.625587][ T8148]  ? aa_sock_msg_perm+0x122/0x200
[  384.625608][ T8148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  384.625628][ T8148]  sock_sendmsg_nosec+0x112/0x150
[  384.625646][ T8148]  ____sys_sendmsg+0x55c/0x870
[  384.625672][ T8148]  ? __pfx_____sys_sendmsg+0x10/0x10
[  384.625702][ T8148]  ? import_iovec+0x73/0xa0
[  384.625725][ T8148]  ___sys_sendmsg+0x2a5/0x360
[  384.625747][ T8148]  ? __lock_acquire+0x6b5/0x2d10
[  384.625788][ T8148]  ? __pfx____sys_sendmsg+0x10/0x10
[  384.625843][ T8148]  ? __fget_files+0x2a/0x420
[  384.625859][ T8148]  ? __fget_files+0x3a6/0x420
[  384.625881][ T8148]  __x64_sys_sendmsg+0x1c3/0x2a0
[  384.625903][ T8148]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  384.625929][ T8148]  ? __pfx_ksys_write+0x10/0x10
[  384.625953][ T8148]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.625973][ T8148]  do_syscall_64+0x15f/0xf80
[  384.625993][ T8148]  ? trace_irq_disable+0x3b/0x140
[  384.626013][ T8148]  ? clear_bhb_loop+0x40/0x90
[  384.626031][ T8148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.626045][ T8148] RIP: 0033:0x7f49b1b6cdd9
[  384.626059][ T8148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  384.626071][ T8148] RSP: 002b:00007f49afdbe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  384.626090][ T8148] RAX: ffffffffffffffda RBX: 00007f49b1de5fa0 RCX: 00007f49b1b6cdd9
[  384.626101][ T8148] RDX: 0000000000000880 RSI: 0000200000000500 RDI: 0000000000000003
[  384.626110][ T8148] RBP: 00007f49afdbe090 R08: 0000000000000000 R09: 0000000000000000
[  384.626119][ T8148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.626127][ T8148] R13: 00007f49b1de6038 R14: 00007f49b1de5fa0 R15: 00007ffdf5e59c98
[  384.626150][ T8148]  </TASK>
[  384.926308][ T5619] Bluetooth: hci5: command tx timeout
[  384.992778][ T8151] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  385.008845][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop0
[  385.330478][ T8160] loop0: detected capacity change from 0 to 128
[  386.118737][ T8165] loop2: detected capacity change from 0 to 128
[  386.142370][ T8165] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  386.173734][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.217878][ T1023] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  386.217906][ T1023] FAT-fs (loop2): Filesystem has been set read-only
[  386.218173][ T1023] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  386.342511][ T8152] veth1_to_batadv: entered promiscuous mode
[  386.413883][ T8152] macsec1: entered promiscuous mode
[  386.420447][ T8152] macsec1: entered allmulticast mode
[  386.420465][ T8152] veth1_to_batadv: entered allmulticast mode
[  386.468649][ T8168] FAULT_INJECTION: forcing a failure.
[  386.468649][ T8168] name failslab, interval 1, probability 0, space 0, times 0
[  386.468675][ T8168] CPU: 0 UID: 0 PID: 8168 Comm: syz.3.488 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  386.468694][ T8168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  386.468704][ T8168] Call Trace:
[  386.468710][ T8168]  <TASK>
[  386.468717][ T8168]  dump_stack_lvl+0xe8/0x150
[  386.468743][ T8168]  should_fail_ex+0x46b/0x600
[  386.468763][ T8168]  should_failslab+0xa8/0x100
[  386.468785][ T8168]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  386.468804][ T8168]  ? __alloc_skb+0x1d0/0x7d0
[  386.468822][ T8168]  ? lockdep_hardirqs_on+0x7a/0x110
[  386.468846][ T8168]  __alloc_skb+0x1d0/0x7d0
[  386.468867][ T8168]  netlink_sendmsg+0x5d4/0xb40
[  386.468904][ T8168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  386.468925][ T8168]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  386.468951][ T8168]  ? aa_sock_msg_perm+0x122/0x200
[  386.468972][ T8168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  386.468990][ T8168]  sock_sendmsg_nosec+0x112/0x150
[  386.469006][ T8168]  ____sys_sendmsg+0x55c/0x870
[  386.469031][ T8168]  ? __pfx_____sys_sendmsg+0x10/0x10
[  386.469057][ T8168]  ? import_iovec+0x73/0xa0
[  386.469077][ T8168]  ___sys_sendmsg+0x2a5/0x360
[  386.469097][ T8168]  ? __lock_acquire+0x6b5/0x2d10
[  386.469123][ T8168]  ? __pfx____sys_sendmsg+0x10/0x10
[  386.469166][ T8168]  ? __fget_files+0x2a/0x420
[  386.469181][ T8168]  ? __fget_files+0x3a6/0x420
[  386.469202][ T8168]  __x64_sys_sendmsg+0x1c3/0x2a0
[  386.469227][ T8168]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  386.469254][ T8168]  ? __pfx_ksys_write+0x10/0x10
[  386.469278][ T8168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.469294][ T8168]  do_syscall_64+0x15f/0xf80
[  386.469315][ T8168]  ? trace_irq_disable+0x3b/0x140
[  386.469335][ T8168]  ? clear_bhb_loop+0x40/0x90
[  386.469354][ T8168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.469369][ T8168] RIP: 0033:0x7fb05c66cdd9
[  386.469384][ T8168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  386.469398][ T8168] RSP: 002b:00007fb05a8c6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  386.469414][ T8168] RAX: ffffffffffffffda RBX: 00007fb05c8e5fa0 RCX: 00007fb05c66cdd9
[  386.469427][ T8168] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  386.469437][ T8168] RBP: 00007fb05a8c6090 R08: 0000000000000000 R09: 0000000000000000
[  386.469446][ T8168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.469456][ T8168] R13: 00007fb05c8e6038 R14: 00007fb05c8e5fa0 R15: 00007ffe629b7eb8
[  386.469480][ T8168]  </TASK>
[  386.858834][ T8171] loop2: detected capacity change from 0 to 2048
[  386.916527][ T8173] loop4: detected capacity change from 0 to 2048
[  386.940049][ T8173] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  387.003863][ T5619] Bluetooth: hci5: command tx timeout
[  387.006991][ T8181] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  387.011270][ T8171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  388.205275][ T8189] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  388.978574][ T8189] Remounting filesystem read-only
[  389.403252][ T8180] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  389.448531][ T8198] loop0: detected capacity change from 0 to 128
[  391.899009][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.010861][ T8210] loop4: detected capacity change from 0 to 2048
[  392.021553][ T8210] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  392.049155][ T8211] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  392.079685][ T8208] loop3: detected capacity change from 0 to 2048
[  392.113569][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop3
[  392.179028][ T8208] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  392.358920][ T8213] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  392.491704][ T8214] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  392.672418][ T8214] Remounting filesystem read-only
[  393.542028][ T8222] netlink: 28 bytes leftover after parsing attributes in process `syz.4.499'.
[  394.176607][ T5740] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  394.653152][ T5740] usb 5-1: Using ep0 maxpacket: 8
[  394.655462][ T5740] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  394.655485][ T5740] usb 5-1: config 179 has no interface number 0
[  394.655525][ T5740] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  394.655550][ T5740] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  394.655575][ T5740] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  394.655600][ T5740] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  394.655624][ T5740] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  394.655674][ T5740] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  394.655695][ T5740] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.806263][ T8222] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  394.929165][ T8232] loop3: detected capacity change from 0 to 2048
[  394.966038][ T8232] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  395.040119][ T8234] loop2: detected capacity change from 0 to 2048
[  395.071658][ T8234] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  395.181926][ T8239] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  395.447301][   T12] bridge_slave_1: left allmulticast mode
[  395.447465][   T12] bridge_slave_1: left promiscuous mode
[  395.447975][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.062807][ T5616] udevd[5616]: incorrect nilfs2 checksum on /dev/loop2
[  396.158193][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop2
[  396.704518][ T8237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  396.724038][ T8237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.614668][ T8249] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  397.922181][ T8252] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  397.938438][   T12] bridge_slave_0: left allmulticast mode
[  397.938852][   T12] bridge_slave_0: left promiscuous mode
[  397.939192][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.799077][ T8249] Remounting filesystem read-only
[  400.287718][   T10] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input5
[  400.370061][ T8263] loop2: detected capacity change from 0 to 128
[  400.422165][ T8264] netlink: 'syz.3.506': attribute type 1 has an invalid length.
[  400.718881][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880381f8000: rx timeout, send abort
[  401.222046][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880381f8400: rx timeout, send abort
[  401.222228][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880381f8000: abort rx timeout. Force session deactivation
[  401.376515][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  401.453957][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  401.540795][   T12] bond0 (unregistering): Released all slaves
[  401.561980][ T8276] FAULT_INJECTION: forcing a failure.
[  401.561980][ T8276] name failslab, interval 1, probability 0, space 0, times 0
[  401.562324][ T8276] CPU: 0 UID: 0 PID: 8276 Comm: syz.2.508 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  401.562346][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  401.562358][ T8276] Call Trace:
[  401.562365][ T8276]  <TASK>
[  401.562372][ T8276]  dump_stack_lvl+0xe8/0x150
[  401.562402][ T8276]  should_fail_ex+0x46b/0x600
[  401.562430][ T8276]  should_failslab+0xa8/0x100
[  401.562458][ T8276]  __kmalloc_noprof+0xdf/0x7b0
[  401.562482][ T8276]  ? tomoyo_encode+0x28b/0x550
[  401.562513][ T8276]  tomoyo_encode+0x28b/0x550
[  401.562544][ T8276]  tomoyo_realpath_from_path+0x58d/0x5d0
[  401.562571][ T8276]  ? tomoyo_domain+0xd7/0x130
[  401.562602][ T8276]  ? tomoyo_path_number_perm+0x219/0x630
[  401.562624][ T8276]  tomoyo_path_number_perm+0x246/0x630
[  401.562647][ T8276]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  401.562668][ T8276]  ? __lock_acquire+0x6b5/0x2d10
[  401.562699][ T8276]  ? do_raw_spin_lock+0x12b/0x2f0
[  401.562752][ T8276]  ? __fget_files+0x2a/0x420
[  401.562776][ T8276]  ? __fget_files+0x2a/0x420
[  401.562794][ T8276]  ? __fget_files+0x3a6/0x420
[  401.562814][ T8276]  ? __fget_files+0x2a/0x420
[  401.562838][ T8276]  security_file_ioctl+0xc3/0x2a0
[  401.562861][ T8276]  __se_sys_ioctl+0x47/0x170
[  401.562888][ T8276]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.562909][ T8276]  do_syscall_64+0x15f/0xf80
[  401.562937][ T8276]  ? clear_bhb_loop+0x40/0x90
[  401.562961][ T8276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.562981][ T8276] RIP: 0033:0x7f49b1b6cdd9
[  401.562998][ T8276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  401.563015][ T8276] RSP: 002b:00007f49afd9d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  401.563034][ T8276] RAX: ffffffffffffffda RBX: 00007f49b1de6090 RCX: 00007f49b1b6cdd9
[  401.563048][ T8276] RDX: 00002000000005c0 RSI: 00000000c0502100 RDI: 0000000000000003
[  401.563060][ T8276] RBP: 00007f49afd9d090 R08: 0000000000000000 R09: 0000000000000000
[  401.563071][ T8276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.563082][ T8276] R13: 00007f49b1de6128 R14: 00007f49b1de6090 R15: 00007ffdf5e59c98
[  401.563118][ T8276]  </TASK>
[  401.578624][ T8276] ERROR: Out of memory at tomoyo_realpath_from_path.
[  401.722125][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880381f8400: abort rx timeout. Force session deactivation
[  402.094670][ T8279] loop0: detected capacity change from 0 to 128
[  402.245316][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  402.245366][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  402.295237][ T5626] usb 5-1: USB disconnect, device number 3
[  402.408535][ T5273] 8021q: adding VLAN 0 to HW filter on device eth5
[  402.480966][ T8264] loop3: detected capacity change from 0 to 32768
[  402.656569][ T8264] 
[  402.656569][ T8264]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  402.656569][ T8264] 
[  403.549805][ T8264] ialloc: diAlloc returned -5!
[  403.765012][ T8296] loop4: detected capacity change from 0 to 2048
[  404.010344][ T8296] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  404.641555][ T5616] udevd[5616]: incorrect nilfs2 checksum on /dev/loop4
[  404.675127][ T8301] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.011019][ T8307] loop0: detected capacity change from 0 to 128
[  406.022425][ T8309] loop2: detected capacity change from 0 to 2048
[  406.032145][ T5614] 
[  406.032145][ T5614]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  406.032145][ T5614] 
[  406.050303][ T8309] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  406.051912][ T8307] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  406.199340][ T5614] 
[  406.199340][ T5614]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  406.199340][ T5614] 
[  406.222447][ T8307] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[  406.222474][ T8307] FAT-fs (loop0): Filesystem has been set read-only
[  406.222678][ T8307] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  406.355364][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop2
[  406.360463][ T8315] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.940753][ T8317] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  407.478507][ T8317] Remounting filesystem read-only
[  407.497942][ T8317] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  407.798433][ T8076] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.799708][ T8076] bridge0: port 1(bridge_slave_0) entered disabled state
[  407.799952][ T8076] bridge_slave_0: entered allmulticast mode
[  407.881544][ T8076] bridge_slave_0: entered promiscuous mode
[  407.907321][ T8076] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.907670][ T8076] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.907965][ T8076] bridge_slave_1: entered allmulticast mode
[  407.941034][ T8076] bridge_slave_1: entered promiscuous mode
[  408.234495][ T8321] loop0: detected capacity change from 0 to 32768
[  408.235487][ T8321] btrfs: Deprecated parameter 'usebackuproot'
[  408.235726][ T8321] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  408.242283][ T8321] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.518 (8321)
[  408.601443][ T8321] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  408.601476][ T8321] BTRFS info (device loop0): using crc32c checksum algorithm
[  409.385724][ T8337] loop2: detected capacity change from 0 to 128
[  409.398961][ T8337] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  409.462030][ T8337] FAULT_INJECTION: forcing a failure.
[  409.462030][ T8337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  409.462058][ T8337] CPU: 1 UID: 0 PID: 8337 Comm: syz.2.521 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  409.462076][ T8337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  409.462085][ T8337] Call Trace:
[  409.462091][ T8337]  <TASK>
[  409.462097][ T8337]  dump_stack_lvl+0xe8/0x150
[  409.462121][ T8337]  should_fail_ex+0x46b/0x600
[  409.462145][ T8337]  strncpy_from_user+0x36/0x2b0
[  409.462173][ T8337]  do_getname+0x77/0x250
[  409.462198][ T8337]  do_sys_openat2+0xca/0x200
[  409.462215][ T8337]  ? __pfx_do_sys_openat2+0x10/0x10
[  409.462231][ T8337]  ? ksys_write+0x248/0x270
[  409.462252][ T8337]  ? __pfx_ksys_write+0x10/0x10
[  409.462273][ T8337]  __x64_sys_openat+0x138/0x170
[  409.462290][ T8337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.462306][ T8337]  do_syscall_64+0x15f/0xf80
[  409.462339][ T8337]  ? trace_irq_disable+0x3b/0x140
[  409.462359][ T8337]  ? clear_bhb_loop+0x40/0x90
[  409.462377][ T8337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.462392][ T8337] RIP: 0033:0x7f49b1b6cdd9
[  409.462407][ T8337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  409.462420][ T8337] RSP: 002b:00007f49afdbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  409.462436][ T8337] RAX: ffffffffffffffda RBX: 00007f49b1de5fa0 RCX: 00007f49b1b6cdd9
[  409.462447][ T8337] RDX: 000000000004cd42 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  409.462457][ T8337] RBP: 00007f49afdbe090 R08: 0000000000000000 R09: 0000000000000000
[  409.462467][ T8337] R10: 000000000000006e R11: 0000000000000246 R12: 0000000000000001
[  409.462478][ T8337] R13: 00007f49b1de6038 R14: 00007f49b1de5fa0 R15: 00007ffdf5e59c98
[  409.462506][ T8337]  </TASK>
[  409.472660][ T1505] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  409.472679][ T1505] FAT-fs (loop2): Filesystem has been set read-only
[  409.472813][ T1505] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  409.495258][ T4428] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  409.495623][ T8321] BTRFS error (device loop0): failed to load root extent
[  409.495726][ T8321] BTRFS warning (device loop0): try to load backup roots slot 1
[  409.570748][ T4428] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  409.571116][ T8321] BTRFS warning (device loop0): couldn't read tree root
[  409.571172][ T8321] BTRFS warning (device loop0): try to load backup roots slot 2
[  409.590125][ T4428] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  409.590464][ T8321] BTRFS warning (device loop0): couldn't read tree root
[  409.590518][ T8321] BTRFS warning (device loop0): try to load backup roots slot 3
[  409.675366][ T8321] BTRFS info (device loop0): rebuilding free space tree
[  410.049834][ T8321] BTRFS info (device loop0): checking UUID tree
[  410.221245][ T8321] BTRFS info (device loop0): allowing degraded mounts
[  410.221272][ T8321] BTRFS info (device loop0): enabling ssd optimizations
[  410.221295][ T8321] BTRFS info (device loop0): using spread ssd allocation scheme
[  410.221314][ T8321] BTRFS info (device loop0): turning on async discard
[  410.221331][ T8321] BTRFS info (device loop0): enabling free space tree
[  410.221352][ T8321] BTRFS info (device loop0): force clearing of disk cache
[  410.221369][ T8321] BTRFS info (device loop0): enabling auto defrag
[  410.221387][ T8321] BTRFS info (device loop0): trying to use backup root at mount time
[  410.221417][ T8321] BTRFS info (device loop0): force zlib compression, level 3
[  412.543712][ T8360] loop2: detected capacity change from 0 to 2048
[  412.800573][ T8368] FAULT_INJECTION: forcing a failure.
[  412.800573][ T8368] name failslab, interval 1, probability 0, space 0, times 0
[  412.800606][ T8368] CPU: 1 UID: 0 PID: 8368 Comm: syz.4.526 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  412.800629][ T8368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  412.800640][ T8368] Call Trace:
[  412.800647][ T8368]  <TASK>
[  412.800655][ T8368]  dump_stack_lvl+0xe8/0x150
[  412.800685][ T8368]  should_fail_ex+0x46b/0x600
[  412.800711][ T8368]  should_failslab+0xa8/0x100
[  412.800738][ T8368]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  412.800762][ T8368]  ? __alloc_skb+0x1d0/0x7d0
[  412.800782][ T8368]  ? lockdep_hardirqs_on+0x7a/0x110
[  412.800813][ T8368]  __alloc_skb+0x1d0/0x7d0
[  412.800840][ T8368]  tcp_send_active_reset+0x8a/0x5a0
[  412.800867][ T8368]  ? preempt_schedule_thunk+0x16/0x30
[  412.800891][ T8368]  tcp_disconnect+0x191/0x1f10
[  412.800918][ T8368]  __inet_stream_connect+0x32b/0xdd0
[  412.800953][ T8368]  ? lockdep_hardirqs_on+0x7a/0x110
[  412.800977][ T8368]  ? irqentry_exit+0x218/0x730
[  412.800999][ T8368]  ? trace_irq_disable+0x3b/0x140
[  412.801029][ T8368]  ? __pfx___inet_stream_connect+0x10/0x10
[  412.801065][ T8368]  ? __local_bh_enable_ip+0x1c2/0x2b0
[  412.801093][ T8368]  inet_stream_connect+0x66/0xa0
[  412.801123][ T8368]  __sys_connect+0x315/0x450
[  412.801153][ T8368]  ? __pfx___sys_connect+0x10/0x10
[  412.801186][ T8368]  ? __pfx_ksys_write+0x10/0x10
[  412.801215][ T8368]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.801235][ T8368]  __x64_sys_connect+0x7a/0x90
[  412.801258][ T8368]  do_syscall_64+0x15f/0xf80
[  412.801283][ T8368]  ? trace_irq_disable+0x3b/0x140
[  412.801308][ T8368]  ? clear_bhb_loop+0x40/0x90
[  412.801331][ T8368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.801351][ T8368] RIP: 0033:0x7f8b69c3cdd9
[  412.801369][ T8368] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  412.801385][ T8368] RSP: 002b:00007f8b67e54028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  412.801404][ T8368] RAX: ffffffffffffffda RBX: 00007f8b69eb6180 RCX: 00007f8b69c3cdd9
[  412.801419][ T8368] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000003
[  412.801431][ T8368] RBP: 00007f8b67e54090 R08: 0000000000000000 R09: 0000000000000000
[  412.801442][ T8368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.801453][ T8368] R13: 00007f8b69eb6218 R14: 00007f8b69eb6180 R15: 00007ffc2df475b8
[  412.801483][ T8368]  </TASK>
[  412.994946][ T8360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.128218][ T8360] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  413.174950][ T8360] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  413.174983][ T8360] EXT4-fs (loop2): This should not happen!! Data will be lost
[  413.174983][ T8360] 
[  413.175000][ T8360] EXT4-fs (loop2): Total free blocks count 0
[  413.175016][ T8360] EXT4-fs (loop2): Free/Dirty block details
[  413.175031][ T8360] EXT4-fs (loop2): free_blocks=4096
[  413.175047][ T8360] EXT4-fs (loop2): dirty_blocks=48
[  413.175060][ T8360] EXT4-fs (loop2): Block reservation details
[  413.175073][ T8360] EXT4-fs (loop2): i_reserved_data_blocks=3
[  413.445602][ T8076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  413.500773][ T5612] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  413.560849][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.578434][ T8076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  413.750456][ T5613] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  415.284158][ T8397] netlink: 104 bytes leftover after parsing attributes in process `syz.2.532'.
[  415.572066][ T8076] team0: Port device team_slave_0 added
[  415.686821][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  416.400276][   T10] usb 3-1: Using ep0 maxpacket: 8
[  416.410872][   T10] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1536, setting to 64
[  416.410907][   T10] usb 3-1: config 0 interface 0 has no altsetting 0
[  416.431560][   T10] usb 3-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  416.431589][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.431610][   T10] usb 3-1: Product: syz
[  416.431624][   T10] usb 3-1: Manufacturer: syz
[  416.431639][   T10] usb 3-1: SerialNumber: syz
[  416.583748][   T10] usb 3-1: config 0 descriptor??
[  416.642066][   T10] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 found
[  416.714043][ T8405] loop4: detected capacity change from 0 to 2048
[  416.741678][ T8405] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  416.828336][   T12] hsr_slave_0: left promiscuous mode
[  416.851491][   T10] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 now disconnected
[  416.880616][   T10] snd_usb_toneport 3-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  416.886899][ T8410] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  416.903047][   T12] hsr_slave_1: left promiscuous mode
[  416.918360][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  416.918387][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.947392][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.947419][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  419.255337][   T12] veth1_macvtap: left promiscuous mode
[  419.290784][   T12] veth0_macvtap: left promiscuous mode
[  419.291935][   T12] veth1_vlan: left promiscuous mode
[  419.292050][   T12] veth0_vlan: left promiscuous mode
[  419.656491][ T8421] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  420.700341][ T8426] loop4: detected capacity change from 0 to 2048
[  420.706844][ T8426] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  420.731019][ T8427] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  421.915028][ T8431] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  422.042784][ T8431] Remounting filesystem read-only
[  423.138650][   T12] team0 (unregistering): Port device team_slave_1 removed
[  423.173728][   T12] team0 (unregistering): Port device team_slave_0 removed
[  424.395258][ T8076] team0: Port device team_slave_1 added
[  424.431062][ T5273] 8021q: adding VLAN 0 to HW filter on device eth6
[  424.479180][ T1258] usb 3-1: USB disconnect, device number 2
[  424.765019][ T8076] batman_adv: batadv0: Adding interface: batadv_slave_0
[  424.765035][ T8076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  424.765061][ T8076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  425.743238][ T8076] batman_adv: batadv0: Adding interface: batadv_slave_1
[  425.743277][ T8076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  425.743377][ T8076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  426.162475][ T8458] loop2: detected capacity change from 0 to 128
[  426.344941][ T8461] loop3: detected capacity change from 0 to 1024
[  426.345820][ T8461] EXT4-fs: inline encryption not supported
[  426.349736][ T8461] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  427.545447][ T8453] syz.4.545 (8453) used greatest stack depth: 17672 bytes left
[  427.835194][ T8076] hsr_slave_0: entered promiscuous mode
[  427.838982][ T8076] hsr_slave_1: entered promiscuous mode
[  427.856769][ T8076] debugfs: 'hsr0' already exists in 'hsr'
[  427.856792][ T8076] Cannot create hsr debugfs directory
[  427.957162][ T8461] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #3: block 2: comm syz.3.547: lblock 2 mapped to illegal pblock 2 (length 1)
[  427.957222][ T8461] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  427.965052][    C0] EXT4-fs (loop3): initial error at time 1777521779: ext4_map_blocks:791: inode 3: block 2
[  427.965133][    C0] EXT4-fs (loop3): last error at time 1777521779: ext4_map_blocks:791: inode 3: block 2
[  428.069183][ T8461] EXT4-fs (loop3): Remounting filesystem read-only
[  428.069205][ T8461] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  428.069256][ T8461] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  428.069357][ T8461] EXT4-fs (loop3): 1 orphan inode deleted
[  428.104270][ T8461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  429.360423][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.683901][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  429.851109][   T10] usb 5-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1
[  429.851137][   T10] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  429.851156][   T10] usb 5-1: Manufacturer: syz
[  429.914547][   T10] usb 5-1: config 0 descriptor??
[  430.253147][   T10] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  430.273297][   T10] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  430.355215][   T10] usb 5-1: USB disconnect, device number 4
[  430.613509][ T5881] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  430.796896][ T5881] usb 3-1: Using ep0 maxpacket: 8
[  430.803494][ T5881] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  430.805561][ T5881] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  430.805586][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.805605][ T5881] usb 3-1: Product: syz
[  430.805617][ T5881] usb 3-1: Manufacturer: syz
[  430.805630][ T5881] usb 3-1: SerialNumber: syz
[  430.871855][ T5881] usb 3-1: config 0 descriptor??
[  430.961434][ T5881] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  430.961508][ T5881] usb 3-1: setting power ON
[  430.981606][ T5881] dvb-usb: bulk message failed: -22 (2/0)
[  431.045077][ T5881] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  431.047137][ T5881] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  431.047229][ T5881] usb 3-1: media controller created
[  431.142144][ T8501] dvb-usb: bulk message failed: -22 (3/0)
[  431.142168][ T8501] dvb-usb: bulk message failed: -22 (3/0)
[  431.600261][ T8513] netlink: 'syz.2.555': attribute type 1 has an invalid length.
[  432.392711][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  432.432033][ T5881] usb 3-1: selecting invalid altsetting 6
[  432.432056][ T5881] usb 3-1: digital interface selection failed (-22)
[  432.432082][ T5881] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  432.544000][ T5881] usb 3-1: setting power OFF
[  432.544281][ T5881] dvb-usb: bulk message failed: -22 (2/0)
[  432.544330][ T5881] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  432.544367][ T5881] (NULL device *): no alternate interface
[  432.863179][ T8192] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  433.020017][ T8192] usb 5-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1
[  433.020050][ T8192] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  433.020073][ T8192] usb 5-1: Manufacturer: syz
[  433.108447][ T8192] usb 5-1: config 0 descriptor??
[  433.376877][ T8192] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  433.379702][ T8192] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  433.429310][ T8192] usb 5-1: USB disconnect, device number 5
[  433.824697][ T5881] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  433.880626][ T5881] usb 3-1: USB disconnect, device number 3
[  434.427092][ T8526] loop3: detected capacity change from 0 to 2048
[  434.469997][ T5619] Bluetooth: hci1: unknown advertising packet type: 0x75
[  434.470033][ T5619] Bluetooth: hci1: unknown advertising packet type: 0x6f
[  434.470074][ T5619] Bluetooth: hci1: Malformed LE Event: 0x02
[  434.518674][ T8526] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  434.715456][ T8526] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  434.925038][ T5621] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  435.006895][ T5621] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  435.009477][ T5621] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  435.034223][ T5621] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  435.035516][ T5621] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  435.159291][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.166911][ T5619] Bluetooth: hci2: command tx timeout
[  438.328764][ T3375] bridge_slave_1: left allmulticast mode
[  438.328799][ T3375] bridge_slave_1: left promiscuous mode
[  438.329368][ T3375] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.689544][ T3375] bridge_slave_0: left allmulticast mode
[  438.689576][ T3375] bridge_slave_0: left promiscuous mode
[  438.689823][ T3375] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.788931][ T8597] trusted_key: encrypted_key: master key parameter is missing
[  439.243199][ T5619] Bluetooth: hci2: command tx timeout
[  439.356009][ T3375] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.477207][ T3375] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  439.630485][ T3375] bond0 (unregistering): Released all slaves
[  440.056434][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  440.056533][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  441.115399][ T3375] hsr_slave_0: left promiscuous mode
[  441.149319][ T3375] hsr_slave_1: left promiscuous mode
[  441.149487][ T8623] loop3: detected capacity change from 0 to 512
[  441.150333][ T3375] batman_adv: batadv0: Removing interface: batadv_slave_0
[  441.190471][ T3375] batman_adv: batadv0: Removing interface: batadv_slave_1
[  441.333868][ T5619] Bluetooth: hci2: command tx timeout
[  442.269445][ T8631] loop2: detected capacity change from 0 to 2048
[  442.274008][ T8640] netlink: 104 bytes leftover after parsing attributes in process `syz.0.573'.
[  442.336190][ T8631] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.509811][ T8646] loop4: detected capacity change from 0 to 512
[  442.531478][ T8646] EXT4-fs (loop4): 1 truncate cleaned up
[  442.533244][ T8646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.676831][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.739726][ T1007] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  442.812127][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.885068][ T1007] usb 1-1: Using ep0 maxpacket: 8
[  442.911203][ T1007] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1536, setting to 64
[  442.911234][ T1007] usb 1-1: config 0 interface 0 has no altsetting 0
[  442.931907][ T1007] usb 1-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  442.931936][ T1007] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.931959][ T1007] usb 1-1: Product: syz
[  442.931975][ T1007] usb 1-1: Manufacturer: syz
[  442.931990][ T1007] usb 1-1: SerialNumber: syz
[  443.032288][ T1007] usb 1-1: config 0 descriptor??
[  443.197830][ T1007] snd_usb_toneport 1-1:0.0: Line 6 TonePort UX2 found
[  443.284939][ T8666] FAULT_INJECTION: forcing a failure.
[  443.284939][ T8666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.285239][ T8666] CPU: 0 UID: 0 PID: 8666 Comm: syz.2.576 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  443.285266][ T8666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  443.285280][ T8666] Call Trace:
[  443.285289][ T8666]  <TASK>
[  443.285301][ T8666]  dump_stack_lvl+0xe8/0x150
[  443.285338][ T8666]  should_fail_ex+0x46b/0x600
[  443.285368][ T8666]  _copy_from_user+0x2d/0xb0
[  443.285397][ T8666]  memdup_user+0x5e/0xd0
[  443.285421][ T8666]  strndup_user+0x68/0xd0
[  443.285445][ T8666]  __se_sys_mount+0x9d/0x420
[  443.285471][ T8666]  ? ksys_write+0x248/0x270
[  443.285502][ T8666]  ? __pfx___se_sys_mount+0x10/0x10
[  443.285532][ T8666]  ? __x64_sys_mount+0x20/0xc0
[  443.285556][ T8666]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.285582][ T8666]  do_syscall_64+0x15f/0xf80
[  443.285613][ T8666]  ? trace_irq_disable+0x3b/0x140
[  443.285643][ T8666]  ? clear_bhb_loop+0x40/0x90
[  443.285671][ T8666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.285694][ T8666] RIP: 0033:0x7f49b1b6cdd9
[  443.285715][ T8666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  443.285735][ T8666] RSP: 002b:00007f49afd7c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  443.285758][ T8666] RAX: ffffffffffffffda RBX: 00007f49b1de6180 RCX: 00007f49b1b6cdd9
[  443.285775][ T8666] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000200000000040
[  443.285791][ T8666] RBP: 00007f49afd7c090 R08: 0000200000000200 R09: 0000000000000000
[  443.285806][ T8666] R10: 0000000000000091 R11: 0000000000000246 R12: 0000000000000001
[  443.285819][ T8666] R13: 00007f49b1de6218 R14: 00007f49b1de6180 R15: 00007ffdf5e59c98
[  443.285855][ T8666]  </TASK>
[  443.403218][ T5619] Bluetooth: hci2: command tx timeout
[  443.790914][ T1007] snd_usb_toneport 1-1:0.0: Line 6 TonePort UX2 now disconnected
[  443.813439][ T1007] snd_usb_toneport 1-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  445.459840][ T8679] loop2: detected capacity change from 0 to 256
[  445.475829][ T8679] vfat: Bad value for 'nonumtail'
[  445.495005][ T3375] team0 (unregistering): Port device team_slave_1 removed
[  445.630836][ T8681] loop4: detected capacity change from 0 to 8
[  445.640928][ T8681] squashfs: Unknown parameter '01777777777777777777777ÿÿÿÿÿÿÿÿ0177777777777777777777701777777777777777777777ÿÿ00000000000000000000000184467440737095516150xffffffffffffffff1844674407370955161501777777777777777777777ÿÿÿÿ'
[  445.672999][ T8682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.580'.
[  445.872333][ T8688] loop4: detected capacity change from 0 to 2048
[  446.155721][ T3375] team0 (unregistering): Port device team_slave_0 removed
[  446.181129][ T8688] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  446.273784][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop4
[  446.449541][ T8689] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  447.340837][ T8694] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  447.685432][ T8694] Remounting filesystem read-only
[  447.703452][ T8694] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  448.120570][ T8697] loop2: detected capacity change from 0 to 128
[  448.457849][ T8702] loop4: detected capacity change from 0 to 128
[  448.788482][ T8702] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  449.838826][ T5617] usb 1-1: USB disconnect, device number 6
[  450.041837][   T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  450.213103][   T10] usb 5-1: Using ep0 maxpacket: 8
[  450.215896][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  450.217656][   T10] usb 5-1: config 129 has an invalid interface number: 219 but max is 0
[  450.217684][   T10] usb 5-1: config 129 has no interface number 0
[  450.217731][   T10] usb 5-1: config 129 interface 219 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  450.217758][   T10] usb 5-1: config 129 interface 219 altsetting 7 has an endpoint descriptor with address 0xDC, changing to 0x8C
[  450.217787][   T10] usb 5-1: config 129 interface 219 altsetting 7 endpoint 0x8C has invalid maxpacket 39723, setting to 1024
[  450.217818][   T10] usb 5-1: config 129 interface 219 altsetting 7 bulk endpoint 0x8C has invalid maxpacket 1024
[  450.217845][   T10] usb 5-1: config 129 interface 219 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  450.217875][   T10] usb 5-1: config 129 interface 219 has no altsetting 0
[  450.220958][   T10] usb 5-1: New USB device found, idVendor=0bfd, idProduct=0115, bcdDevice=52.55
[  450.220983][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.221003][   T10] usb 5-1: Product: syz
[  450.221016][   T10] usb 5-1: Manufacturer: syz
[  450.221030][   T10] usb 5-1: SerialNumber: syz
[  451.688955][ T8713] loop2: detected capacity change from 0 to 2048
[  451.773116][ T8713] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  451.809284][ T8704] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  452.251490][ T8719] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  452.265822][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop2
[  452.308095][ T8704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  452.526283][   T38] audit: type=1326 audit(1777521804.307:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.526898][   T38] audit: type=1326 audit(1777521804.307:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.627240][   T38] audit: type=1326 audit(1777521804.317:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.627297][   T38] audit: type=1326 audit(1777521804.347:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=468 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.630182][   T38] audit: type=1326 audit(1777521804.407:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.630868][   T38] audit: type=1326 audit(1777521804.407:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.651744][   T38] audit: type=1326 audit(1777521804.407:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.652839][   T38] audit: type=1326 audit(1777521804.427:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.652908][   T38] audit: type=1326 audit(1777521804.427:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  452.653200][   T38] audit: type=1326 audit(1777521804.427:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69c3cdd9 code=0x7ffc0000
[  453.169942][ T8725] loop3: detected capacity change from 0 to 256
[  453.174577][ T8725] vfat: Bad value for 'nonumtail'
[  453.209374][ T8724] loop0: detected capacity change from 0 to 128
[  453.275112][   T10] kvaser_usb 5-1:129.219: error -ENODEV: Cannot get usb endpoint(s)
[  453.312884][   T10] usb 5-1: USB disconnect, device number 6
[  453.729470][ T8729] loop2: detected capacity change from 0 to 512
[  453.797232][ T8729] EXT4-fs (loop2): 1 truncate cleaned up
[  453.802870][ T8729] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  453.973219][ T8738] netlink: 48 bytes leftover after parsing attributes in process `syz.0.593'.
[  453.974281][ T8738] netlink: 40 bytes leftover after parsing attributes in process `syz.0.593'.
[  453.978464][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.368233][ T8537] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.368655][ T8537] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.368928][ T8537] bridge_slave_0: entered allmulticast mode
[  455.372517][ T8537] bridge_slave_0: entered promiscuous mode
[  455.377278][ T8537] bridge0: port 2(bridge_slave_1) entered blocking state
[  455.377707][ T8537] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.378343][ T8537] bridge_slave_1: entered allmulticast mode
[  455.381556][ T8537] bridge_slave_1: entered promiscuous mode
[  455.517977][ T8537] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  455.538762][ T8537] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  455.602935][ T8537] team0: Port device team_slave_0 added
[  455.610901][ T8537] team0: Port device team_slave_1 added
[  455.705236][ T8537] batman_adv: batadv0: Adding interface: batadv_slave_0
[  455.705252][ T8537] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  455.705284][ T8537] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  455.763235][ T8537] batman_adv: batadv0: Adding interface: batadv_slave_1
[  455.763251][ T8537] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  455.763277][ T8537] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  457.687620][ T8780] loop3: detected capacity change from 0 to 128
[  458.055044][ T8537] hsr_slave_0: entered promiscuous mode
[  458.103607][ T8537] hsr_slave_1: entered promiscuous mode
[  458.131871][ T8783] loop0: detected capacity change from 0 to 2048
[  458.136175][ T8537] debugfs: 'hsr0' already exists in 'hsr'
[  458.136226][ T8537] Cannot create hsr debugfs directory
[  458.190301][ T8783] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  458.235265][ T8786] loop4: detected capacity change from 0 to 256
[  458.236102][ T8786] vfat: Bad value for 'nonumtail'
[  458.339888][ T8788] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  461.191296][ T8801] netlink: 40 bytes leftover after parsing attributes in process `syz.0.606'.
[  461.238309][ T8800] netlink: 48 bytes leftover after parsing attributes in process `syz.0.606'.
[  464.182862][ T8817] loop4: detected capacity change from 0 to 512
[  464.315750][ T8817] EXT4-fs (loop4): 1 truncate cleaned up
[  464.418382][ T8817] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  465.172376][ T8823] FAULT_INJECTION: forcing a failure.
[  465.172376][ T8823] name failslab, interval 1, probability 0, space 0, times 0
[  465.172433][ T8823] CPU: 1 UID: 0 PID: 8823 Comm: syz.0.612 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  465.172473][ T8823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  465.172485][ T8823] Call Trace:
[  465.172493][ T8823]  <TASK>
[  465.172501][ T8823]  dump_stack_lvl+0xe8/0x150
[  465.172530][ T8823]  should_fail_ex+0x46b/0x600
[  465.172555][ T8823]  should_failslab+0xa8/0x100
[  465.172583][ T8823]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  465.172608][ T8823]  ? __alloc_skb+0x1d0/0x7d0
[  465.172630][ T8823]  ? __local_bh_enable_ip+0x1c2/0x2b0
[  465.172660][ T8823]  __alloc_skb+0x1d0/0x7d0
[  465.172687][ T8823]  netlink_sendmsg+0x5d4/0xb40
[  465.172721][ T8823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  465.172749][ T8823]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  465.172782][ T8823]  ? aa_sock_msg_perm+0x122/0x200
[  465.172807][ T8823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  465.172839][ T8823]  sock_sendmsg_nosec+0x112/0x150
[  465.172862][ T8823]  ____sys_sendmsg+0x55c/0x870
[  465.172893][ T8823]  ? __pfx_____sys_sendmsg+0x10/0x10
[  465.172928][ T8823]  ? import_iovec+0x73/0xa0
[  465.172965][ T8823]  ___sys_sendmsg+0x2a5/0x360
[  465.172990][ T8823]  ? __lock_acquire+0x6b5/0x2d10
[  465.173023][ T8823]  ? __pfx____sys_sendmsg+0x10/0x10
[  465.173080][ T8823]  ? __fget_files+0x2a/0x420
[  465.173100][ T8823]  ? __fget_files+0x3a6/0x420
[  465.173129][ T8823]  __x64_sys_sendmsg+0x1c3/0x2a0
[  465.173158][ T8823]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  465.173192][ T8823]  ? rcu_is_watching+0x15/0xb0
[  465.173219][ T8823]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.173241][ T8823]  do_syscall_64+0x15f/0xf80
[  465.173269][ T8823]  ? clear_bhb_loop+0x40/0x90
[  465.173292][ T8823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.173311][ T8823] RIP: 0033:0x7f3319b5cdd9
[  465.173329][ T8823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  465.173345][ T8823] RSP: 002b:00007f3317d74028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  465.173365][ T8823] RAX: ffffffffffffffda RBX: 00007f3319dd6180 RCX: 00007f3319b5cdd9
[  465.173379][ T8823] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000005
[  465.173390][ T8823] RBP: 00007f3317d74090 R08: 0000000000000000 R09: 0000000000000000
[  465.173402][ T8823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.173413][ T8823] R13: 00007f3319dd6218 R14: 00007f3319dd6180 R15: 00007ffc89783578
[  465.173442][ T8823]  </TASK>
[  465.881652][ T8819] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  466.435267][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  466.630056][ T1258] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  466.677520][ T8830] loop4: detected capacity change from 0 to 128
[  466.786731][ T1258] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  466.786764][ T1258] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  466.786798][ T1258] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  466.786820][ T1258] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.879333][ T1258] usb 1-1: config 0 descriptor??
[  467.373137][ T8834] loop2: detected capacity change from 0 to 2048
[  467.467956][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.467998][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.468028][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.468057][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.468086][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.468115][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.468144][ T1258] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[  467.557068][ T1258] pyra 0003:1E7D:2CF6.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  467.742847][ T1258] pyra 0003:1E7D:2CF6.0001: couldn't init struct pyra_device
[  467.742900][ T1258] pyra 0003:1E7D:2CF6.0001: couldn't install mouse
[  467.763564][ T8834] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  467.850277][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop2
[  467.914712][ T8839] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  467.945693][ T1258] pyra 0003:1E7D:2CF6.0001: probe with driver pyra failed with error -5
[  468.894914][ T8845] netlink: 40 bytes leftover after parsing attributes in process `syz.3.617'.
[  468.932267][ T8844] netlink: 48 bytes leftover after parsing attributes in process `syz.3.617'.
[  468.992822][ T8537] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  469.058665][ T8537] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  469.059628][ T8537] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  469.127855][ T8537] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  469.131026][ T8537] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  469.199799][ T8853] loop3: detected capacity change from 0 to 128
[  469.214687][ T8537] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  469.217202][ T8537] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  469.300192][ T8537] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  469.472092][ T1007] usb 1-1: USB disconnect, device number 7
[  469.525047][ T8853] qnx6: superblock #1 checksum error
[  469.646769][ T8850] loop3: detected capacity change from 0 to 8
[  469.940966][ T8850] SQUASHFS error: lzo decompression failed, data probably corrupt
[  469.940999][ T8850] SQUASHFS error: Failed to read block 0x62b: -5
[  469.941014][ T8850] SQUASHFS error: Unable to read metadata cache entry [629]
[  469.941035][ T8850] SQUASHFS error: Unable to read inode 0x11f
[  471.240313][ T8873] loop2: detected capacity change from 0 to 8
[  471.282548][ T8873] SQUASHFS error: lzo decompression failed, data probably corrupt
[  471.282580][ T8873] SQUASHFS error: Failed to read block 0x91: -5
[  471.282597][ T8873] SQUASHFS error: Unable to read metadata cache entry [8f]
[  471.282613][ T8873] SQUASHFS error: Unable to read inode 0x11f
[  471.489779][ T8537] 8021q: adding VLAN 0 to HW filter on device bond0
[  471.511989][ T8537] 8021q: adding VLAN 0 to HW filter on device team0
[  471.584499][ T1358] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.584712][ T1358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.694848][ T1358] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.694950][ T1358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  472.341098][ T8899] netlink: 48 bytes leftover after parsing attributes in process `syz.0.630'.
[  472.354366][ T8899] netlink: 40 bytes leftover after parsing attributes in process `syz.0.630'.
[  477.532276][ T8932] FAULT_INJECTION: forcing a failure.
[  477.532276][ T8932] name failslab, interval 1, probability 0, space 0, times 0
[  477.532332][ T8932] CPU: 1 UID: 0 PID: 8932 Comm: syz.3.637 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  477.532356][ T8932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  477.532369][ T8932] Call Trace:
[  477.532377][ T8932]  <TASK>
[  477.532386][ T8932]  dump_stack_lvl+0xe8/0x150
[  477.532418][ T8932]  should_fail_ex+0x46b/0x600
[  477.532445][ T8932]  should_failslab+0xa8/0x100
[  477.532474][ T8932]  kmem_cache_alloc_noprof+0x87/0x680
[  477.532500][ T8932]  ? security_inode_alloc+0x39/0x310
[  477.532532][ T8932]  security_inode_alloc+0x39/0x310
[  477.532563][ T8932]  inode_init_always_gfp+0x99a/0xd50
[  477.532590][ T8932]  ? __pfx_sock_alloc_inode+0x10/0x10
[  477.532610][ T8932]  alloc_inode+0x82/0x1b0
[  477.532639][ T8932]  __sock_create+0x11e/0x960
[  477.532670][ T8932]  __sys_socket+0xd9/0x330
[  477.532693][ T8932]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.532716][ T8932]  __x64_sys_socket+0x7a/0x90
[  477.532739][ T8932]  do_syscall_64+0x15f/0xf80
[  477.532768][ T8932]  ? clear_bhb_loop+0x40/0x90
[  477.532793][ T8932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.532813][ T8932] RIP: 0033:0x7fb05c66cdd9
[  477.532832][ T8932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  477.532850][ T8932] RSP: 002b:00007fb05a884028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  477.532872][ T8932] RAX: ffffffffffffffda RBX: 00007fb05c8e6180 RCX: 00007fb05c66cdd9
[  477.532887][ T8932] RDX: 0000000000000106 RSI: 0000000000000001 RDI: 0000000000000002
[  477.532899][ T8932] RBP: 00007fb05a884090 R08: 0000000000000000 R09: 0000000000000000
[  477.532911][ T8932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.532923][ T8932] R13: 00007fb05c8e6218 R14: 00007fb05c8e6180 R15: 00007ffe629b7eb8
[  477.532957][ T8932]  </TASK>
[  477.533122][ T8932] socket: no more sockets
[  478.592894][ T8936] loop3: detected capacity change from 0 to 2048
[  478.629594][ T8936] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  478.727211][ T8938] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  478.730863][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop3
[  479.987040][ T8941] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  480.077873][ T8941] Remounting filesystem read-only
[  480.500367][ T8537] 8021q: adding VLAN 0 to HW filter on device batadv0
[  480.883271][ T5617] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  481.059030][ T5617] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  481.059058][ T5617] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  481.059076][ T5617] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  481.059095][ T5617] usb 4-1: config 220 has no interface number 2
[  481.059157][ T5617] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  481.059190][ T5617] usb 4-1: config 220 interface 0 has no altsetting 0
[  481.059207][ T5617] usb 4-1: config 220 interface 76 has no altsetting 0
[  481.059224][ T5617] usb 4-1: config 220 interface 1 has no altsetting 0
[  481.061603][ T5617] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  481.061623][ T5617] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.061637][ T5617] usb 4-1: Product: syz
[  481.061648][ T5617] usb 4-1: Manufacturer: syz
[  481.061657][ T5617] usb 4-1: SerialNumber: syz
[  481.449974][ T8946] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  481.474630][ T8946] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.657037][ T8537] veth0_vlan: entered promiscuous mode
[  481.740081][ T8537] veth1_vlan: entered promiscuous mode
[  481.876958][ T8956] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  481.956187][ T8960] netlink: 40 bytes leftover after parsing attributes in process `syz.0.641'.
[  482.111095][ T8965] loop2: detected capacity change from 0 to 128
[  482.129331][ T8965] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  482.332847][ T8958] netlink: 48 bytes leftover after parsing attributes in process `syz.0.641'.
[  482.607702][ T8537] veth0_macvtap: entered promiscuous mode
[  482.663956][ T8537] veth1_macvtap: entered promiscuous mode
[  482.729807][ T8537] batman_adv: batadv0: Interface activated: batadv_slave_0
[  482.758149][ T5617] usb 4-1: selecting invalid altsetting 0
[  482.823488][ T1007] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  482.841052][ T5617] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  482.841093][ T5617] uvcvideo 4-1:220.0: No valid video chain found.
[  482.866479][ T8537] batman_adv: batadv0: Interface activated: batadv_slave_1
[  482.879065][ T5617] usb 4-1: selecting invalid altsetting 0
[  482.879153][ T5617] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  482.922903][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  482.934305][ T3389] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  482.935687][ T3389] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  482.935725][ T3389] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  482.973025][ T1007] usb 1-1: Using ep0 maxpacket: 8
[  482.985721][ T1007] usb 1-1: unable to get BOS descriptor or descriptor too short
[  482.987207][ T1007] usb 1-1: config 129 has an invalid interface number: 219 but max is 0
[  482.987233][ T1007] usb 1-1: config 129 has no interface number 0
[  482.987278][ T1007] usb 1-1: config 129 interface 219 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  482.987300][ T1007] usb 1-1: config 129 interface 219 altsetting 7 has an endpoint descriptor with address 0xDC, changing to 0x8C
[  482.987324][ T1007] usb 1-1: config 129 interface 219 altsetting 7 endpoint 0x8C has invalid maxpacket 39723, setting to 1024
[  482.987348][ T1007] usb 1-1: config 129 interface 219 altsetting 7 bulk endpoint 0x8C has invalid maxpacket 1024
[  482.987370][ T1007] usb 1-1: config 129 interface 219 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  482.987394][ T1007] usb 1-1: config 129 interface 219 has no altsetting 0
[  483.031026][ T1007] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0115, bcdDevice=52.55
[  483.031052][ T1007] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.031071][ T1007] usb 1-1: Product: syz
[  483.031084][ T1007] usb 1-1: Manufacturer: syz
[  483.031098][ T1007] usb 1-1: SerialNumber: syz
[  483.189633][ T8970] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  483.259668][ T5617] usb 4-1: USB disconnect, device number 3
[  483.592323][ T8970] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  483.673085][ T8975] ALSA: mixer_oss: invalid OSS volume ''
[  483.933340][ T1007] kvaser_usb 1-1:129.219: error -ENODEV: Cannot get usb endpoint(s)
[  484.026293][ T1007] usb 1-1: USB disconnect, device number 8
[  484.254314][ T8977] loop2: detected capacity change from 0 to 2048
[  484.690843][ T8977] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.053601][ T8990] loop3: detected capacity change from 0 to 2048
[  485.121573][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.262586][ T8990] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  485.291200][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop3
[  485.360504][ T8992] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  485.442922][ T3389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.444208][ T3389] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.664237][ T8999] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  486.689029][ T8999] Remounting filesystem read-only
[  486.710038][ T8998] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  486.725890][ T8996] loop2: detected capacity change from 0 to 512
[  486.856638][ T8996] EXT4-fs (loop2): 1 truncate cleaned up
[  486.904217][ T3389] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.904235][ T3389] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.908635][ T8996] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.088129][ T9002] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  487.295839][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.672689][ T9007] loop2: detected capacity change from 0 to 128
[  487.685855][ T9007] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  488.866009][ T9014] loop3: detected capacity change from 0 to 2048
[  488.877402][ T9014] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  489.010604][ T9021] loop5: detected capacity change from 0 to 512
[  489.932060][ T9021] EXT4-fs (loop5): 1 truncate cleaned up
[  490.003276][ T9021] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  490.585319][ T9028] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  490.883137][ T8537] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.438266][ T9031] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  491.706593][ T9031] Remounting filesystem read-only
[  491.721623][ T9031] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  492.159357][ T9038] loop5: detected capacity change from 0 to 128
[  492.593391][ T5741] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  492.779477][ T5741] usb 3-1: Using ep0 maxpacket: 8
[  492.944164][ T5741] usb 3-1: unable to get BOS descriptor or descriptor too short
[  493.150134][ T5741] usb 3-1: config 129 has an invalid interface number: 219 but max is 0
[  493.150164][ T5741] usb 3-1: config 129 has no interface number 0
[  493.150206][ T5741] usb 3-1: config 129 interface 219 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  493.150228][ T5741] usb 3-1: config 129 interface 219 altsetting 7 has an endpoint descriptor with address 0xDC, changing to 0x8C
[  493.150250][ T5741] usb 3-1: config 129 interface 219 altsetting 7 endpoint 0x8C has invalid maxpacket 39723, setting to 1024
[  493.150275][ T5741] usb 3-1: config 129 interface 219 altsetting 7 bulk endpoint 0x8C has invalid maxpacket 1024
[  493.150298][ T5741] usb 3-1: config 129 interface 219 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  493.150323][ T5741] usb 3-1: config 129 interface 219 has no altsetting 0
[  493.503128][ T5741] usb 3-1: New USB device found, idVendor=0bfd, idProduct=0115, bcdDevice=52.55
[  493.503157][ T5741] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.503175][ T5741] usb 3-1: Product: syz
[  493.503189][ T5741] usb 3-1: Manufacturer: syz
[  493.503202][ T5741] usb 3-1: SerialNumber: syz
[  493.798811][ T9054] loop3: detected capacity change from 0 to 128
[  493.801252][ T9054] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  493.827601][ T9042] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  494.060750][ T9042] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  494.168256][ T9056] loop5: detected capacity change from 0 to 2048
[  494.271989][ T5741] kvaser_usb 3-1:129.219: error -ENODEV: Cannot get usb endpoint(s)
[  494.273306][ T9062] loop3: detected capacity change from 0 to 2048
[  494.285612][ T9062] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  494.341378][ T5741] usb 3-1: USB disconnect, device number 4
[  494.362853][ T9056] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  494.387128][ T9061] netlink: 28 bytes leftover after parsing attributes in process `syz.0.669'.
[  495.050958][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop5
[  495.070979][ T5634] udevd[5634]: incorrect nilfs2 checksum on /dev/loop3
[  495.241779][ T9065] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  495.247214][ T9067] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  495.286820][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop5
[  497.199630][ T9074] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  499.507373][ T9074] Remounting filesystem read-only
[  499.816746][ T9074] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  501.021971][ T5617] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  501.491526][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  501.491637][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  501.556483][ T9079] vlan2: entered promiscuous mode
[  501.556498][ T9079] bridge0: entered promiscuous mode
[  501.556778][ T9079] vlan2: entered allmulticast mode
[  501.556787][ T9079] bridge0: entered allmulticast mode
[  503.942128][ T9115] loop3: detected capacity change from 0 to 64
[  503.986431][ T9115] loop3: detected capacity change from 0 to 8
[  503.991692][ T9114] loop5: detected capacity change from 0 to 2048
[  504.075117][ T9114] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.164071][ T9121] loop0: detected capacity change from 0 to 2048
[  504.229014][ T9121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.404576][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.563085][ T5740] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  504.715381][ T5740] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  504.715413][ T5740] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 126, changing to 10
[  504.715441][ T5740] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 8463, setting to 1024
[  504.715479][ T5740] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  504.715502][ T5740] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.275469][ T8537] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.306850][ T5740] usb 5-1: config 0 descriptor??
[  507.687122][ T9147] loop2: detected capacity change from 0 to 2048
[  507.699081][ T9147] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  507.836456][ T9153] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  507.903573][ T5740] usb 5-1: can't set config #0, error -71
[  507.919591][ T5740] usb 5-1: USB disconnect, device number 7
[  507.973329][ T9152] loop5: detected capacity change from 0 to 512
[  507.973876][ T9152] EXT4-fs: Ignoring removed oldalloc option
[  507.973906][ T9152] EXT4-fs: Ignoring removed nobh option
[  509.099896][ T9160] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  509.117997][ T9160] Remounting filesystem read-only
[  509.338346][ T9154] loop3: detected capacity change from 0 to 512
[  509.376634][ T9154] EXT4-fs (loop3): 1 truncate cleaned up
[  509.404483][ T9154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.568915][ T9152] 
[  509.568927][ T9152] ======================================================
[  509.568936][ T9152] WARNING: possible circular locking dependency detected
[  509.568952][ T9152] syzkaller #0 Not tainted
[  509.568964][ T9152] ------------------------------------------------------
[  509.568973][ T9152] syz.5.688/9152 is trying to acquire lock:
[  509.568984][ T9152] ffff8880385eccd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x205/0x3b0
[  509.569045][ T9152] 
[  509.569045][ T9152] but task is already holding lock:
[  509.569052][ T9152] ffff888011e82428 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x710
[  509.569108][ T9152] 
[  509.569108][ T9152] which lock already depends on the new lock.
[  509.569108][ T9152] 
[  509.569116][ T9152] 
[  509.569116][ T9152] the existing dependency chain (in reverse order) is:
[  509.569125][ T9152] 
[  509.569125][ T9152] -> #1 (&ei->xattr_sem){++++}-{4:4}:
[  509.569156][ T9152]        down_write+0x3a/0x50
[  509.569188][ T9152]        ext4_destroy_inline_data+0x28/0xe0
[  509.569213][ T9152]        ext4_do_writepages+0x521/0x4670
[  509.569251][ T9152]        ext4_writepages+0x241/0x3b0
[  509.569280][ T9152]        do_writepages+0x32e/0x550
[  509.569302][ T9152]        __writeback_single_inode+0x133/0x10e0
[  509.569324][ T9152]        writeback_sb_inodes+0x97f/0x1980
[  509.569344][ T9152]        wb_writeback+0x445/0xb00
[  509.569362][ T9152]        wb_workfn+0x3fd/0xf20
[  509.569390][ T9152]        process_one_work+0x9a3/0x1710
[  509.569414][ T9152]        worker_thread+0xba8/0x11e0
[  509.569438][ T9152]        kthread+0x388/0x470
[  509.569467][ T9152]        ret_from_fork+0x514/0xb70
[  509.569492][ T9152]        ret_from_fork_asm+0x1a/0x30
[  509.569521][ T9152] 
[  509.569521][ T9152] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  509.569553][ T9152]        __lock_acquire+0x15a5/0x2d10
[  509.569585][ T9152]        lock_acquire+0x106/0x350
[  509.569613][ T9152]        percpu_down_read_internal+0x48/0x1d0
[  509.569634][ T9152]        ext4_writepages+0x205/0x3b0
[  509.569654][ T9152]        do_writepages+0x32e/0x550
[  509.569674][ T9152]        __writeback_single_inode+0x133/0x10e0
[  509.569695][ T9152]        writeback_single_inode+0x488/0xd60
[  509.569724][ T9152]        write_inode_now+0x1c2/0x290
[  509.569754][ T9152]        iput+0x8c1/0xe80
[  509.569774][ T9152]        ext4_xattr_block_set+0x1fd4/0x2ad0
[  509.569807][ T9152]        ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[  509.569828][ T9152]        __ext4_expand_extra_isize+0x30d/0x400
[  509.569862][ T9152]        __ext4_mark_inode_dirty+0x45c/0x710
[  509.569887][ T9152]        ext4_evict_inode+0x986/0x10e0
[  509.569912][ T9152]        evict+0x61e/0xb10
[  509.569938][ T9152]        ext4_orphan_cleanup+0xc38/0x1470
[  509.569973][ T9152]        ext4_fill_super+0x59bb/0x62d0
[  509.569995][ T9152]        get_tree_bdev_flags+0x431/0x4f0
[  509.570023][ T9152]        vfs_get_tree+0x92/0x2a0
[  509.570051][ T9152]        do_new_mount+0x341/0xd30
[  509.570070][ T9152]        __se_sys_mount+0x31d/0x420
[  509.570090][ T9152]        do_syscall_64+0x15f/0xf80
[  509.570125][ T9152]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.570147][ T9152] 
[  509.570147][ T9152] other info that might help us debug this:
[  509.570147][ T9152] 
[  509.570154][ T9152]  Possible unsafe locking scenario:
[  509.570154][ T9152] 
[  509.570161][ T9152]        CPU0                    CPU1
[  509.570168][ T9152]        ----                    ----
[  509.570175][ T9152]   lock(&ei->xattr_sem);
[  509.570191][ T9152]                                lock(&sbi->s_writepages_rwsem);
[  509.570208][ T9152]                                lock(&ei->xattr_sem);
[  509.570224][ T9152]   rlock(&sbi->s_writepages_rwsem);
[  509.570238][ T9152] 
[  509.570238][ T9152]  *** DEADLOCK ***
[  509.570238][ T9152] 
[  509.570245][ T9152] 3 locks held by syz.5.688/9152:
[  509.570258][ T9152]  #0: ffff8880335900d0 (&type->s_umount_key#29/1){+.+.}-{4:4}, at: alloc_super+0x28c/0xac0
[  509.570334][ T9152]  #1: ffff888033590770 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x426/0x10e0
[  509.570392][ T9152]  #2: ffff888011e82428 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x710
[  509.570448][ T9152] 
[  509.570448][ T9152] stack backtrace:
[  509.570461][ T9152] CPU: 1 UID: 0 PID: 9152 Comm: syz.5.688 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  509.570487][ T9152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  509.570501][ T9152] Call Trace:
[  509.570509][ T9152]  <TASK>
[  509.570519][ T9152]  dump_stack_lvl+0xe8/0x150
[  509.570549][ T9152]  print_circular_bug+0x2e1/0x300
[  509.570575][ T9152]  check_noncircular+0x12e/0x150
[  509.570602][ T9152]  __lock_acquire+0x15a5/0x2d10
[  509.570642][ T9152]  ? __lock_acquire+0x6b5/0x2d10
[  509.570677][ T9152]  ? ext4_writepages+0x205/0x3b0
[  509.570700][ T9152]  lock_acquire+0x106/0x350
[  509.570729][ T9152]  ? ext4_writepages+0x205/0x3b0
[  509.570758][ T9152]  percpu_down_read_internal+0x48/0x1d0
[  509.570779][ T9152]  ? ext4_writepages+0x205/0x3b0
[  509.570801][ T9152]  ext4_writepages+0x205/0x3b0
[  509.570826][ T9152]  ? __pfx_ext4_writepages+0x10/0x10
[  509.570848][ T9152]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  509.570879][ T9152]  ? rt_spin_unlock+0x14f/0x200
[  509.570905][ T9152]  ? rt_spin_unlock+0x160/0x200
[  509.570929][ T9152]  ? __pfx_ext4_writepages+0x10/0x10
[  509.570952][ T9152]  do_writepages+0x32e/0x550
[  509.570976][ T9152]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  509.571007][ T9152]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  509.571031][ T9152]  ? rt_spin_lock+0x1e0/0x400
[  509.571059][ T9152]  __writeback_single_inode+0x133/0x10e0
[  509.571084][ T9152]  ? rt_spin_unlock+0x160/0x200
[  509.571108][ T9152]  writeback_single_inode+0x488/0xd60
[  509.571143][ T9152]  write_inode_now+0x1c2/0x290
[  509.571173][ T9152]  ? __pfx_write_inode_now+0x10/0x10
[  509.571222][ T9152]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  509.571248][ T9152]  ? rt_spin_unlock+0x14f/0x200
[  509.571290][ T9152]  ? rt_spin_unlock+0x160/0x200
[  509.571312][ T9152]  iput+0x8c1/0xe80
[  509.571336][ T9152]  ext4_xattr_block_set+0x1fd4/0x2ad0
[  509.571376][ T9152]  ? __pfx_check_xattrs+0x10/0x10
[  509.571408][ T9152]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  509.571443][ T9152]  ? ext4_xattr_block_find+0x2d4/0x350
[  509.571466][ T9152]  ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[  509.571491][ T9152]  __ext4_expand_extra_isize+0x30d/0x400
[  509.571516][ T9152]  __ext4_mark_inode_dirty+0x45c/0x710
[  509.571536][ T9152]  ext4_evict_inode+0x986/0x10e0
[  509.571552][ T9152]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  509.571574][ T9152]  ? __pfx_ext4_evict_inode+0x10/0x10
[  509.571589][ T9152]  ? rt_spin_unlock+0x14f/0x200
[  509.571605][ T9152]  ? rt_spin_unlock+0x160/0x200
[  509.571618][ T9152]  ? __pfx_ext4_evict_inode+0x10/0x10
[  509.571634][ T9152]  evict+0x61e/0xb10
[  509.571654][ T9152]  ? __pfx_evict+0x10/0x10
[  509.571671][ T9152]  ? rt_spin_unlock+0x160/0x200
[  509.571686][ T9152]  ? iput+0xb25/0xe80
[  509.571701][ T9152]  ext4_orphan_cleanup+0xc38/0x1470
[  509.571722][ T9152]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  509.571740][ T9152]  ? ext4_register_li_request+0x259/0x720
[  509.571756][ T9152]  ? errseq_check_and_advance+0x66/0x120
[  509.571774][ T9152]  ext4_fill_super+0x59bb/0x62d0
[  509.571795][ T9152]  ? __pfx_ext4_fill_super+0x10/0x10
[  509.571808][ T9152]  ? snprintf+0xe8/0x140
[  509.571820][ T9152]  ? reacquire_held_locks+0x104/0x190
[  509.571834][ T9152]  ? rt_spin_lock+0x1e0/0x400
[  509.571873][ T9152]  ? __pfx_snprintf+0x10/0x10
[  509.571899][ T9152]  ? sb_set_blocksize+0x11b/0x210
[  509.571919][ T9152]  ? setup_bdev_super+0x4c1/0x5b0
[  509.571937][ T9152]  get_tree_bdev_flags+0x431/0x4f0
[  509.571955][ T9152]  ? __pfx_ext4_fill_super+0x10/0x10
[  509.571969][ T9152]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  509.571990][ T9152]  vfs_get_tree+0x92/0x2a0
[  509.572008][ T9152]  do_new_mount+0x341/0xd30
[  509.572020][ T9152]  ? apparmor_capable+0x126/0x170
[  509.572044][ T9152]  ? __pfx_do_new_mount+0x10/0x10
[  509.572057][ T9152]  ? ns_capable+0x89/0xe0
[  509.572074][ T9152]  ? user_path_at+0xd4/0x160
[  509.572090][ T9152]  ? user_path_at+0xd4/0x160
[  509.572106][ T9152]  __se_sys_mount+0x31d/0x420
[  509.572121][ T9152]  ? __pfx___se_sys_mount+0x10/0x10
[  509.572137][ T9152]  ? __x64_sys_mount+0x20/0xc0
[  509.572150][ T9152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.572163][ T9152]  do_syscall_64+0x15f/0xf80
[  509.572182][ T9152]  ? trace_irq_disable+0x3b/0x140
[  509.572199][ T9152]  ? clear_bhb_loop+0x40/0x90
[  509.572215][ T9152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.572228][ T9152] RIP: 0033:0x7ff6733be04a
[  509.572240][ T9152] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  509.572252][ T9152] RSP: 002b:00007ff671615e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  509.572266][ T9152] RAX: ffffffffffffffda RBX: 00007ff671615ee0 RCX: 00007ff6733be04a
[  509.572282][ T9152] RDX: 00002000000001c0 RSI: 0000200000000b80 RDI: 00007ff671615ea0
[  509.572292][ T9152] RBP: 00002000000001c0 R08: 00007ff671615ee0 R09: 0000000000800744
[  509.572303][ T9152] R10: 0000000000800744 R11: 0000000000000246 R12: 0000200000000b80
[  509.572311][ T9152] R13: 00007ff671615ea0 R14: 000000000000047a R15: 000000000000002c
[  509.572326][ T9152]  </TASK>
[  509.652401][ T9152] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.688: iget: bad extra_isize 90 (inode size 256)
[  509.652523][ T9152] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  509.652991][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  509.653040][    C0] EXT4-fs (loop5): initial error at time 1777521861: ext4_xattr_inode_iget:441: inode 11
[  509.653129][    C0] EXT4-fs (loop5): last error at time 1777521861: ext4_xattr_inode_iget:441: inode 11
[  509.658496][ T9152] EXT4-fs (loop5): Remounting filesystem read-only
[  509.658827][ T9152] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  509.658864][ T9152] EXT4-fs warning (device loop5): ext4_evict_inode:270: couldn't mark inode dirty (err -30)
[  509.659011][ T9152] EXT4-fs (loop5): 1 orphan inode deleted
[  509.711812][ T9152] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.793105][ T9152] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  509.990930][ T5614] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.701425][ T9157] FAULT_INJECTION: forcing a failure.
[  510.701425][ T9157] name failslab, interval 1, probability 0, space 0, times 0
[  510.701459][ T9157] CPU: 0 UID: 0 PID: 9157 Comm: syz.0.693 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  510.701484][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  510.701497][ T9157] Call Trace:
[  510.701504][ T9157]  <TASK>
[  510.701512][ T9157]  dump_stack_lvl+0xe8/0x150
[  510.701544][ T9157]  should_fail_ex+0x46b/0x600
[  510.701567][ T9157]  should_failslab+0xa8/0x100
[  510.701595][ T9157]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  510.701622][ T9157]  ? zswap_store+0xc23/0x2000
[  510.701654][ T9157]  zswap_store+0xc23/0x2000
[  510.701685][ T9157]  ? zswap_store+0x764/0x2000
[  510.701721][ T9157]  ? __pfx_zswap_store+0x10/0x10
[  510.701750][ T9157]  ? lock_release+0x4b/0x3c0
[  510.701781][ T9157]  ? folio_free_swap+0x747/0x8b0
[  510.701804][ T9157]  ? folio_free_swap+0x3f7/0x8b0
[  510.701828][ T9157]  swap_writeout+0x60f/0xd10
[  510.701874][ T9157]  shmem_writeout+0xe97/0x1150
[  510.701902][ T9157]  ? __pfx_shmem_writeout+0x10/0x10
[  510.701944][ T9157]  ? folio_clear_dirty_for_io+0x177/0x700
[  510.701982][ T9157]  shrink_folio_list+0x331b/0x53c0
[  510.702019][ T9157]  ? __pfx_shrink_folio_list+0x10/0x10
[  510.702039][ T9157]  ? __enqueue_entity+0x673/0xb70
[  510.702068][ T9157]  ? update_cfs_rq_load_avg+0x3fb/0x4e0
[  510.702099][ T9157]  ? __dequeue_entity+0x4c/0x11b0
[  510.702118][ T9157]  ? update_load_avg+0x1b0/0x1eb0
[  510.702181][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.702202][ T9157]  ? trace_irq_enable+0x3b/0x140
[  510.702246][ T9157]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  510.702282][ T9157]  ? __pfx___set_cpus_allowed_ptr_locked+0x10/0x10
[  510.702327][ T9157]  reclaim_folio_list+0x100/0x430
[  510.702371][ T9157]  ? __pfx_reclaim_folio_list+0x10/0x10
[  510.702399][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.702440][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.702463][ T9157]  reclaim_pages+0x45b/0x530
[  510.702485][ T9157]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  510.702521][ T9157]  ? __pfx_reclaim_pages+0x10/0x10
[  510.702549][ T9157]  madvise_cold_or_pageout_pte_range+0x16dd/0x1920
[  510.702592][ T9157]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  510.702626][ T9157]  ? css_rstat_updated+0x23a/0x530
[  510.702658][ T9157]  ? __pfx_css_rstat_updated+0x10/0x10
[  510.702689][ T9157]  ? is_bpf_text_address+0x26/0x2b0
[  510.702733][ T9157]  walk_pgd_range+0xed8/0x1ce0
[  510.702777][ T9157]  ? __pfx_walk_pgd_range+0x10/0x10
[  510.702801][ T9157]  ? folios_put_refs+0x7d2/0x8d0
[  510.702826][ T9157]  __walk_page_range+0x14c/0x710
[  510.702856][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.702878][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.702899][ T9157]  ? trace_irq_enable+0x3b/0x140
[  510.702931][ T9157]  walk_page_range_vma_unsafe+0x309/0x410
[  510.702959][ T9157]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  510.702987][ T9157]  ? rt_spin_unlock+0x160/0x200
[  510.703012][ T9157]  ? walk_page_range_vma+0x6b/0x90
[  510.703037][ T9157]  madvise_vma_behavior+0x2849/0x41f0
[  510.703080][ T9157]  ? rtlock_slowlock_locked+0xfb/0x3c80
[  510.703105][ T9157]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  510.703138][ T9157]  ? lock_release+0x4b/0x3c0
[  510.703184][ T9157]  ? kfree+0x1c5/0x6c0
[  510.703209][ T9157]  ? __pfx_process_measurement+0x10/0x10
[  510.703245][ T9157]  ? tomoyo_check_open_permission+0x38e/0x470
[  510.703271][ T9157]  ? tomoyo_check_open_permission+0x1d3/0x470
[  510.703302][ T9157]  ? do_raw_spin_lock+0x12b/0x2f0
[  510.703329][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.703352][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.703375][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.703397][ T9157]  ? trace_irq_enable+0x3b/0x140
[  510.703425][ T9157]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  510.703456][ T9157]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  510.703483][ T9157]  ? unwind_next_frame+0xa6/0x2550
[  510.703512][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.703535][ T9157]  ? unwind_next_frame+0xa6/0x2550
[  510.703564][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.703598][ T9157]  ? unwind_next_frame+0xa6/0x2550
[  510.703636][ T9157]  ? mtree_range_walk+0x6fc/0x8b0
[  510.703670][ T9157]  ? mas_prev_slot+0xb7e/0xc00
[  510.703706][ T9157]  ? find_vma_prev+0x123/0x1b0
[  510.703731][ T9157]  ? __pfx_find_vma_prev+0x10/0x10
[  510.703765][ T9157]  madvise_walk_vmas+0x573/0xae0
[  510.703801][ T9157]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  510.703833][ T9157]  ? blk_start_plug+0x6e/0x1b0
[  510.703864][ T9157]  madvise_do_behavior+0x386/0x540
[  510.703896][ T9157]  ? __pfx_madvise_do_behavior+0x10/0x10
[  510.703923][ T9157]  ? down_read+0x156/0x200
[  510.703956][ T9157]  ? rcu_is_watching+0x15/0xb0
[  510.703981][ T9157]  do_madvise+0x1b3/0x270
[  510.704013][ T9157]  ? __pfx_do_madvise+0x10/0x10
[  510.704046][ T9157]  ? __pfx_ksys_write+0x10/0x10
[  510.704074][ T9157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.704097][ T9157]  __x64_sys_madvise+0xa6/0xc0
[  510.704126][ T9157]  do_syscall_64+0x15f/0xf80
[  510.704169][ T9157]  ? trace_irq_disable+0x3b/0x140
[  510.704197][ T9157]  ? clear_bhb_loop+0x40/0x90
[  510.704222][ T9157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.704243][ T9157] RIP: 0033:0x7f3319b5cdd9
[  510.704263][ T9157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  510.704282][ T9157] RSP: 002b:00007f3317db6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  510.704305][ T9157] RAX: ffffffffffffffda RBX: 00007f3319dd5fa0 RCX: 00007f3319b5cdd9
[  510.704321][ T9157] RDX: 0000000000000015 RSI: 0000000000600000 RDI: 0000200000000000
[  510.704335][ T9157] RBP: 00007f3317db6090 R08: 0000000000000000 R09: 0000000000000000
[  510.704349][ T9157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.704362][ T9157] R13: 00007f3319dd6038 R14: 00007f3319dd5fa0 R15: 00007ffc89783578
[  510.704386][ T9157]  </TASK>