last executing test programs:

6m6.207341949s ago: executing program 32 (id=632):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0)

5m43.599286949s ago: executing program 33 (id=716):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
prlimit64(r0, 0xf, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000200)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$can_raw(0xffffffffffffffff, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f00000001c0)=[{{0x1}, {0x1, 0x1, 0x1, 0x1}}], 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/bus/input/devices\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7fdc}]})
r3 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
pread64(r3, &(0x7f0000019400)=""/102344, 0x18fc8, 0x10000000000005)

5m0.254917521s ago: executing program 3 (id=877):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)

4m58.910021113s ago: executing program 3 (id=879):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x7fffe, {0x0, 0x0, 0x0, r7, {0x0, 0xffe0}, {0xb, 0xb}, {0x4, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}, @TCA_CAKE_ATM={0x8, 0x4, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4048800}, 0x400c000)
sendto$packet(r4, &(0x7f00000002c0)="05031c00d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

4m57.73257729s ago: executing program 3 (id=882):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$XFS_IOC_PATH_TO_HANDLE(r0, 0xc0385869, &(0x7f0000000140)={<r1=>r0, &(0x7f0000000040)='^\x00', 0x446101, 0x0, 0x7, &(0x7f00000000c0), 0x0})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x110)
r2 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
close(0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0))
socket$xdp(0x2c, 0x3, 0x0)
close(0xffffffffffffffff)
r3 = socket(0x2b, 0x1, 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x5)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept4$tipc(r3, &(0x7f0000000040), 0x0, 0x0)

4m56.672328803s ago: executing program 3 (id=887):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0x19f)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141a42, 0x1c2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfea7)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x82200, 0x0)
sendfile(r0, r2, 0x0, 0x20fffe89)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x5000, 0x0)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_setup(0x1, &(0x7f00000004c0)=<r3=>0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r3, 0x1, &(0x7f00000002c0)=[&(0x7f0000000040)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x7, r4, &(0x7f0000000140)='i', 0x1, 0x9fd}])

4m56.181465479s ago: executing program 3 (id=889):
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e079c0814"], 0xa)

4m55.640546605s ago: executing program 3 (id=891):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd})
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000000)={0xfffffc64, 0x0})

4m54.757005243s ago: executing program 34 (id=891):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd})
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000000)={0xfffffc64, 0x0})

4m12.388066564s ago: executing program 1 (id=1055):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x50, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2, 0x9}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x9, 0x5, 0x9, 0x1, 0xffffffff, 0x1ff}}, {0x4}}]}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x8004001}, 0x0)

4m12.033122365s ago: executing program 1 (id=1059):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20006911}, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, &(0x7f0000000040)="d9b604")

4m11.804060102s ago: executing program 1 (id=1061):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x100, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x6}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000884}, 0x48000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500190084"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe6, 0x8)

4m11.55242494s ago: executing program 1 (id=1062):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0x19f)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141a42, 0x1c2)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000200), 0xfea7)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_setup(0x1, &(0x7f00000004c0)=<r1=>0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000040)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x7, r2, &(0x7f0000000140)='i', 0x1, 0x9fd}])

4m10.350603628s ago: executing program 1 (id=1068):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp', 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a128ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb", 0x1a4, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x1500)

4m9.456486316s ago: executing program 1 (id=1072):
pipe(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x100, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x6}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000884}, 0x48000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500190084"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe6, 0x8)

4m9.03252649s ago: executing program 35 (id=1072):
pipe(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x100, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x6}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000884}, 0x48000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500190084"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe6, 0x8)

3m34.3087947s ago: executing program 7 (id=1184):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x7fffe, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {0xb, 0xb}, {0x4, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}, @TCA_CAKE_ATM={0x8, 0x4, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4048800}, 0x400c000)
sendto$packet(r2, &(0x7f00000002c0)="05031c00d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

3m33.864659034s ago: executing program 7 (id=1186):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4240}, 0xe)
r2 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000240)={r1, 0x0, 0x6})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000780), 0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="14000000100035", 0x7}], 0x1}, 0x0)
socket(0x2d, 0x2, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r3, 0x0, 0x20000000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0xb026e000)
ioctl$NILFS_IOCTL_RESIZE(r0, 0x40086e8b, &(0x7f0000000000)=0x81)

3m33.432432487s ago: executing program 2 (id=1190):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r6)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x88, 0x2c, 0xd3f, 0x10bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xf, 0xfff3}, {}, {0x8, 0x10}}, [@filter_kind_options=@f_basic={{0xa}, {0x58, 0x2, [@TCA_BASIC_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x3, 0x20000000, 0x8001, 0xfffffbff}, 0x80}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x8080)
r8 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r8, &(0x7f00000000c0)={&(0x7f0000000140)=@xdp={0x2c, 0x8, r2, 0x3c}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000540)='\'', 0x5dc}], 0x1}, 0x4011)

3m33.218784324s ago: executing program 7 (id=1191):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000200), 0x5e)

3m32.908485504s ago: executing program 7 (id=1192):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
openat(0xffffffffffffff9c, 0x0, 0x141a42, 0x1c2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfea7)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000040)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x7, r3, &(0x7f0000000140)='i', 0x1, 0x9fd}])

3m32.203976126s ago: executing program 7 (id=1193):
r0 = socket$kcm(0x11, 0xa, 0x300)
sendmsg$kcm(r0, &(0x7f0000005780)={0x0, 0x0, 0x0}, 0x48001)

3m28.719929645s ago: executing program 2 (id=1195):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x7fffe, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {0xb, 0xb}, {0x4, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}, @TCA_CAKE_ATM={0x8, 0x4, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4048800}, 0x400c000)
sendto$packet(r2, &(0x7f00000002c0)="05031c00d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

3m28.464448923s ago: executing program 7 (id=1197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x20, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8fea, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x67a021c03d2005e9, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

3m27.879634962s ago: executing program 36 (id=1197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x20, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8fea, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x67a021c03d2005e9, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

3m27.874114482s ago: executing program 2 (id=1200):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4240}, 0xe)
r2 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000240)={r1, 0x0, 0x6})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000780), 0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="14000000100035", 0x7}], 0x1}, 0x0)
socket(0x2d, 0x2, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r3, 0x0, 0x20000000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0xb026e000)
ioctl$NILFS_IOCTL_RESIZE(r0, 0x40086e8b, &(0x7f0000000000)=0x81)

3m27.414593316s ago: executing program 2 (id=1202):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
openat(0xffffffffffffff9c, 0x0, 0x141a42, 0x1c2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfea7)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000040)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x7, r3, &(0x7f0000000140)='i', 0x1, 0x9fd}])

3m26.708399379s ago: executing program 2 (id=1207):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x4}]}, 0x68}}, 0x0)

3m15.689342025s ago: executing program 2 (id=1216):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
openat(0xffffffffffffff9c, 0x0, 0x141a42, 0x1c2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfea7)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000040)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x7, r3, &(0x7f0000000140)='i', 0x1, 0x9fd}])

3m15.134271022s ago: executing program 37 (id=1216):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
openat(0xffffffffffffff9c, 0x0, 0x141a42, 0x1c2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfea7)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000040)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x7, r3, &(0x7f0000000140)='i', 0x1, 0x9fd}])

2m16.848540119s ago: executing program 9 (id=1389):
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000005300)=[{0x28, 0x0, 0xfb, 0xfffff034}, {0x80000006, 0x66, 0x0, 0x30}]}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xff8a}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2m16.49148658s ago: executing program 9 (id=1391):
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
close(0x3)
syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1)

2m13.300934381s ago: executing program 9 (id=1403):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r1, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001740)=""/208, 0xd0}, {&(0x7f0000000200)=""/43, 0x2b}, {&(0x7f0000000240)=""/84, 0x54}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/19, 0x13}, {&(0x7f0000001540)=""/112, 0x70}], 0x6}, 0x0)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

2m13.066476849s ago: executing program 9 (id=1404):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000000)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x4004}}, {@barrier_val={'barrier', 0x3d, 0x5}}]}, 0x43, 0x4e1, &(0x7f0000000740)="$eJzs3E9sVEUcAODf27a05Y+siCiIWkRjI7GFgsLBxGA08aCJERP12LSFIIUaWhIhaJbE4NGQeDcevXrwql6I8WTiFY8mhoQYLoCJcc3bfW93u91tadl2wX5fst2ZefvezOy8eTtvprsBrFtD6Z+kGr4WEVsjotD8gqHq0+2bFyfu3Lw4EaVy+dhfSWW3W2k8kx0mNmWR4UJE4fOkvqHB7PkLp8anp6fOZvHRudMfj86ev/DiyYEs5ciRQwcPHH557KXlV6pFfmm9bu36bGb3zjc/vPL2RG+enufWWI9OGYqhVkWpeK7TmXXZloZw0tvFgrAs6fmfNldfpf9vjZ5YrPFKa1gyYLWVy+Vyf/vNpXKzSwtSgAdWEt0uAdAd+Qd9ev+bP1oNBDaszvCj624crd4ApfW+nT0inq4k5vMgfU33t500FBEflP7+On3EKs1DAAA0+vFoPhJsGv8Vqysj/5y7+mr6/FC2hlKMiIcjYltEPBIR2yPi0YjYERGPRcTjTcfviYjyIvk3zzbX8q8tQhWud6iqLaXjv1eyta36+G9eAYo9WWxLRD5gntqfvSfD0dd//OT01IFF8vjp9d++bLetcfyXPtL887FgVo7rvU0TdJPjc+MrrnCTG5cidvU21z/pjUhqbZNExM6I2LWM4xYbwidf+HZ3LdI3/3VL17+i3HIdrQPrTOVvIp6vtn8p5rV/Pcdk3vrk6fETUyemzozV1idHB2J6av9oehbsb5nHL79efqdd/kvW//s/mnd54/APx7Kede/S9t/YcP5Hvn5br38xiUhq67Wzy8/j8u9ftL2nWen5vyF5rxLO70s/GZ+bO3sgYkPy1sL0sfq+eTx9jlK1/sN7W/f/bdk+6TvxRESkJ/GTEfFUVO8Q07LviYhnImLvIvX/+bVnP1p5/VdXWv/JputfteXntX99vb5dIMnWBqspg42bek7tuXanzcXj7tr/UCU0nKUsvP6lJUzmXSLalTT/tEtT/u3IOwgAAAD3v0JEbG6YS9ochcLISHUOaHtsLEzPzM7tOz5z7sxkui2iGH2FfKarOh/cl+Tzn8WG+FhT/GA2b/xVz2AlPjIxMz3Z1ZoDmyp9PimMRLzf09D/U392ZooZuJ/5vhasX4v1/3QQv+PKGhYGWFN3//l/9dNVLQiw5hr6f7tv+JdW8H9fwAPA/T9Qt/QP/bhmwIOvrC/Duras/r/PjwDC/0lvvFsLF7paEmCtGf/DurTk9/rvKVDub71pIBa+OAYWP2BPrKwYgy3y6kogHVl1JffBleyV/5pC29dEYXkH7I/OtOnxe3w3SmdnT+zo+Mlfzv5XvtMt+N2a9NNWga5cjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADruvwAAAP//hS/gCQ==")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x400, 0x0, 0x0, 0x0, &(0x7f0000000300))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0xc88, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

2m12.556459876s ago: executing program 9 (id=1405):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0xc, 0x0, @val=@tracing={0x0, 0x2}}, 0x20)
read$FUSE(0xffffffffffffffff, &(0x7f0000005180)={0x2020}, 0x2020)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = syz_open_procfs(0x0, &(0x7f0000003100)='fdinfo\x00')
getdents(r3, &(0x7f0000001ec0)=""/4096, 0x1000)
pipe2(0x0, 0x800)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_INFO(r4, 0x0, 0x40, 0x0, 0x0)

2m11.858275758s ago: executing program 9 (id=1410):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6c0000000206050000000000000000000000fffc120003006269746d61703a69702c6d616300000005000400000000000900020073797a310000000020000780050003001f0000000c00018008000140ffffffff08000840000000f705000500020000000500010006"], 0x6c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x10048047}, 0x40000)

2m11.228794528s ago: executing program 38 (id=1410):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6c0000000206050000000000000000000000fffc120003006269746d61703a69702c6d616300000005000400000000000900020073797a310000000020000780050003001f0000000c00018008000140ffffffff08000840000000f705000500020000000500010006"], 0x6c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x10048047}, 0x40000)

4.821348095s ago: executing program 0 (id=1935):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$nl_route(r1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r5, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000000000000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000000)=ANY=[@ANYBLOB="d0187f0008021100000108041100000050505050505020000f", @ANYRES8=r0], 0x3c)

3.925754404s ago: executing program 0 (id=1951):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r0, 0xda90)

3.712390581s ago: executing program 6 (id=1954):
socket$nl_route(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
fsync(0xffffffffffffffff)
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000000080)=""/59, 0x3b)

3.548012006s ago: executing program 5 (id=1956):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80000)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x2000000000000225, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0xfffb, r1, &(0x7f0000000340), 0x2d}])

3.43255925s ago: executing program 6 (id=1958):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

3.238904876s ago: executing program 6 (id=1961):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$nl_route(r1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r5, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000000000000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000000)=ANY=[@ANYBLOB="d0187f0008021100000108041100000050505050505020000f", @ANYRES8=r0], 0x3c)

3.13261659s ago: executing program 4 (id=1962):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0001, 0x0, 0x0, 0x0, 0x40}, [@call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)

2.914771727s ago: executing program 4 (id=1964):
userfaultfd(0x801)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc400, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xffff}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000280)=0x8)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.840687579s ago: executing program 0 (id=1965):
r0 = fanotify_init(0x40, 0x1000)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474082, 0x5c, 0x8}, 0x18)
fanotify_mark(r0, 0x241, 0x48000030, r1, 0x0)

2.838218259s ago: executing program 8 (id=1966):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x18000000000002a0, 0x38, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f086dd", 0x0, 0x63, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48)

2.753860832s ago: executing program 5 (id=1967):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x81, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24668f38896810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f2135030009000f23f8450f2244"}}], 0x81})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x645, 0x9, 0xacf4, 0x40000010000000, 0x10000, 0x3, 0x400004002004c2, 0x7ff, 0x1, 0x0, 0x404, 0x82, 0x3, 0xfffffffffffffff8, 0x6, 0x9], 0xeeee8000, 0x240456})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.697991413s ago: executing program 4 (id=1968):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup2(r0, r1)
sendto$inet6(r1, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c)
sendmsg$inet6(r1, &(0x7f0000000240)={&(0x7f0000000180)={0xa, 0x4e21, 0x1000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x461}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000400)="cf", 0x1}], 0x1}, 0x4040090)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={<r3=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000340)={r3, 0x7}, 0x8)

2.640449335s ago: executing program 0 (id=1969):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f0000000100))
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f00000002c0)={[{@errors_remount}]}, 0x82, 0x4b1, &(0x7f00000007c0)="$eJzs3EtoHVUfAPD/TF5f3/m0aluLRosYfCRNWrULN4qCi4qKLqquYpKW0rSRJoIppY0idSNIQdfqUnDpyp0bUVeC4Er3UinaTau4uDJzZ9qbm9zmdXNv2vx+MMk5c2buOWfOPM6ck5sANqy+7EcSsTUifo2IHdXo3A36qr+uXTk7+veVs6NJVCqv/hkRsxFXr5wdLTct99tSRPrTiPSDpMhkrqmZMydGJibGTxfxwemTbw9OzZx5/PjJkWPjx8ZPDR86dPDA0FNPDj/RlHpm9bq659zk3t0vvH7xxdEjF9/64ausvFuL9Np6rEj3/FV9WcX/quTq0x6KTavKbr3ZVhNOOttYEJalIyKy5urKrv9KpXK+Jm1HPP/+IrtvWePiAWsoezb1LLC+eC7OVhpKbpoK3AqSaHcJgPYon/fZ+2+5tLD70XaXn6m+AGX1vlYs1ZTOSIttuureb5upLyKOzP7zWbZEM8YhAAAW8dHop4fjsbL/t6mm/5HG3dXAH9mP7cUcSm9E/D8i7oiIOyNiZ0TcFZFve0/E17uWkmnNBEH91ND8/k96qW6Tps4uZP2/p/PaVl2rqX+ht6OIbcvr35UcPT4xvr84Jv3R1ZPFh26Sx7fP/fxxo7Ta/l+2ZPmXfcGiHJc66wboxkamR/JOaRNcfi9iT2f8W6lU6vq/yfUDnUTE7ojYs7yP3l4Gjj/y5d5GGy1e/3kfd0MTzoTKFxEPV9t9NurqX0rmz092b7sxPzn4v5gY3z9YnhXz/fjThZcb5b/0+q+NrP03F+d9sRQpn88Ugd43a+drp6LBzOXWhnlc+O3Dhu80Kz3/u5PX8vtROe367sj09OmhiO7kcB6fs374xr5lvNw+q3//vojI8sjrX+6Z5ve4KNr/3ojYW8yX3RcR9xdlfyAiHoyIfQ1rH/H9s43T1kP7j9W0fxL15/+uc9XfZfvPLDvQceK7bxrlv7T2P5iH+os1+f1vEUst4MqPHAAAANw60nzkJkkHrofTdGCg+oe9O2NzOjE5Nf3o0cl3To1VR3h6oystR7p21IyHDiWzxSdW48PFWHGZfqAYN/6kI/L4wOjkxFib6w4b3ZYG13/m9452lw5YcwvNow0v8IU24PZTf/2nc6PnX2plYYCW8n1t2LgWuf7TVpUDaD3Pf9i4Frr+z9fFzQXA7cnzHzauJV//ydqWA2g9z3/YuOqu/474pV0lAVpoBV/nF1g3gVcGlrNXTzQz90jXyUGoD5T/nqQmaen/D+KmgZ7Vl/CNVRYjjVYdzDbfmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrkvwAAAP//6vXgVA==")
rt_sigprocmask(0x2, 0x0, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1c992000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
getrlimit(0xe, &(0x7f00000000c0))
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000007c0)={0x40000000000ff80, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYRESOCT=r3, @ANYRES64=<r6=>r0, @ANYRESDEC=r5, @ANYRES32=r1], 0xa8}}, 0x20040850)
r7 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000002cc0)={0x1, 0x1, {0x13, 0x25, 0x1, 0x4, 0x4000003, 0x8c, 0x2, 0x122, 0x1}})
r8 = socket(0x10, 0x3, 0x0)
write(r8, &(0x7f0000000080)="2400000058001f000307f4f9002304000a04f55f08000100020100020800038005000000", 0x24)
write$binfmt_elf64(r7, &(0x7f0000000180)=ANY=[], 0x540)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0900000004000000040000000a", @ANYRES8=r3, @ANYRES64=r1, @ANYRESHEX, @ANYRES16=r6], 0x50)

2.594018486s ago: executing program 8 (id=1970):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x42}}, 0x6}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x0, 0x0)
r2 = open(0x0, 0x101080, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
quotactl_fd$Q_GETINFO(r3, 0xffffffff80000502, 0x0, 0x0)
getdents(r2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e22, 0xffff, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
waitid(0x1, 0x0, &(0x7f0000000380), 0x8, &(0x7f0000000540))
getsockopt$inet6_int(r6, 0x29, 0x18, 0x0, &(0x7f0000000100))
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x3}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa, {0xe4ffffff}}, {0xc, 0x9, {0xf5}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x1a0484, &(0x7f0000000000)=ANY=[], 0x81, 0x1524, &(0x7f0000001940)="$eJzs3AuYztX2OPC99t5fhsTbJJdhr72+vGmwTZLkkpBLkiRJkltC0iRJQmLILWlIQq6T5DKE5DKNSeN+v+SeNDnSJElISLL/z/Tr/J3z7/xOv3P5p9+Z9Xme/cxes9+1Zn/fNc/7ft/9PDNf9xpdv2WDOs2JSPxL4L++JAkhYoQQw4UQhYQQgRCicmxlJS4vsz+MB1Kv9A7YlcT9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judmOucWv4fF7D/2Hed5/p/P/2Jz1fAr4/P930r3Q/+RR/P7/HyS7wpTPN1W4rvc/kML9z924/7kb9z934/7nbtz/3I37/5+v9t9Z4/7nbtx/xnKzf/C8OJ/458+a5b+Q+3fHVeLKn6P/bx1X+vePMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljucN5fpoUQf55f6X0xxhhjjDHGGGPs38fnvdI7YIwxxhhjjDHG2P9/IKRQQotA5BF5RYzIJ/KLq0QBcbUoKAqJiLhGxIprRWFxnSgiiopioriIEyVESWEECitIhKKUKC2i4npRRtwg4kVZUU6UF05UEAniRlFR3CQqiZtFZXGLqGJvFVVFNVFd1BC3iZridlFL1BZ1xB2irqgn6osG4k7RUNwlGom7RWNxj2gi7hVNxX2imbhfNBcPiBbiQdFSPCRaiYdFa9FGtBXtRPt/Kv950U+8IPqLASJJDBSDxItisBgihophYrh4SYwQL4uR4hWRLEaJ0eJVMUa8JsaK18U4MV5MEG+IiWKSmCymiKlimkgRb4rp4i0xQ7wtZopZYraYI1LFXDFPvCPmiwVioXhXLBLvicViiVgqlok08b5IF8tFhvhArBAfikyxUqwSq8UasVasE+vFBrFRbBKbxRaxVWwT28UO8ZHYKXaJ3WKP2Cv2if3iY3FAfCIOik9FlvjsH8w/9//k9wYBAiRI0KAhD+SBGIiB/JAfCkABKAgFIQIRiIVYKAyFoQgUgWJQDOIgDkpCSUBAICAoBaUgClEoA2UgHuKhHJQDBw4SIAEqwk1QCSpBZagMVaAKVIVqUA1qQA2oCTWhFtSCOlAH6kJdqA/14U64E+6CRtAIGkNjaAJNoCk0hWbQDJpDc2gBLaAltIRW0ApaQ2toC22hPbSHDtABOkJH6AydoQt0ga7QFRIhEbpBN+gO3aEH9ICe0BN6QS/oDX2gDzwPz8ML8AIMgLpyYDAIBsFgGAxDYRgMg5dgBLwML8MrkAyjYDS8Cq/CazAWzsI4GA8TYALUlJNgMkwBktMgBVJgOkyHGTADZsIsmAVzIBXmwjyYB/NhASyAd2ERvAfvwRJYAssgDdIgHZZDBmTACjgHmbASVsFqWANrYQ2shw2wHjbBZtgEW2ErbIft8BF8BLtgF+yBPbAP9sHH8DF8Ap9AMmRBFhyCQ3AYDsMROALZkA1H4Sgcg2NwHI7DCTgBJ+EUnIZTcAbOwFk4B+fhPFyAC3ARno37ssW+shuThcyhpZZ5ZB4ZI2NkfplfFpAFZEFZUEZkRMbKWFlYFpZFZBFZTBaTcTJOlpQlJUqUJENZSpaSURmVZWQZGS/jZTlZTjrpZIJMkBVlRVlJVpKV5S2yirxVVpXVZCdXQ9aQNWVnV0vWlnVkHVlX1pP1ZQPZQDaUDWUj2Ug2lo1lE9lENpX3yWZyIAyFB2ROZ1rKUdBKjobWso1sK9vJ1+AR2UGOhY6yk+wsH5PjYRx0lR1conxSdpOTobt8Wk6BZ2RPOQ16yedkb9lH9pXPy36yo+svB8iZMFAOknNgsBwih8phcj7Ukzkdqy9fkclylBwtX5XL4DU5Vr4ux8nxcoJ8Q06Uk+RkOUVOldNkinxTTpdvyRnybTlTzpKz5RyZKufKefIdOV8ukAvlu3KRfE8ulkvkUrlMpsn3ZbpcLjPkB3KF/FBmypVylVwt18i1cp1cLzfIjXKT3Cy3yK1ym9wud8iP5E65S+6We+ReuU/ulx/LA/ITeVB+KrPkZ/KQ/JM8LD+XR+QXMlt+KY/Kr+Qx+bU8Lr+RJ+S38qQ8JU/L7+QZ+b08K8/J8/IHeUH+KC/Kn+Ql6aVQoKRSSqtA5VF5VYzKp/Krq1QBdbUqqAqpiLpGxaprVWF1nSqiiqpiqriKUyVUSWUUKqtIhaqUKq2i6npVRt2g4lVZVU6VV05VUAnqRlVR3aQqqZtVZXWLqqJuVVVVNVVd1VC3qZrqdlVL1VZ11B2qrqqn6qsG6k7VUN2lGqm7VWN1j2qi7lVN1X2qmbpfNVcPqBbqQdVSPaRaqYdVa9VGtVXtVHv1iOqgHlUdVSfVWT2muqjHVVf1hEpUT6pu6inVXT2teqhnVE/1rOqlnlO9VR/VV/2kLimv+qsBKkkNVIPUi2qwGqKGqmFquHpJjVAvq5HqFZWsRqnR6lU1Rr2mxqrX1Tg1Xk1Qb6iJapKarKaoqWqaSlFvqunqLTVDva1mqllqtpqjUtVcNfSXSgv/B/lv/Y38kT//9O1qh/pI7VS71G61R+1V+9R+tV8dUAfUQXVQZaksdUgdUofVYXVEHVHZKlsdzSeEUMfU8ZxX9hzqlPpBfafOqO/VWXVOnVM/qAvqgrr4y3MgNGipldY60Hl0Xh2j8+n8+ipdQF+tC+pCOqKv0bH6Wl1YX6eL6KK6mC6u43QJXVIbjdpq0qEupUvrqL5el9E36HhdVpfT5bXTFXSCvvFfzv+t/bXX7XUH3UF31B11Z91Zd9FddFfdVSfqRN1Nd9PddXfdQ/fQPXVP3Uv30r11b91X99X9dD/dX/fXSTpJD9Iv6sF6iB6qh+nh+iU9Qo/QI/VInayT9Wg9Wo/RY/RYPVaP0+P0BD1BT9QT9WQ9WU/VU3WKTtHT9XQ9Q8/QM/VMPVvP1qk6Vc/T8/R8PV8v1Av1Ir1IL9aL9VK9VKfpNJ2u03WGztAr9AqdqVfqlXq1Xq3X6rV6vV6vN+qNerPerLfqrTpT79A79E69U+/Wu/VevVfv1/v1AX1AH9QHdZbO0of0IX1YH9ZH9BGdrbP1UX1UH9PH9HF9XJ/QJ/RJfVKf1qf1GX1Gn9Vn9Xl9Xl/QF/RFfVFf0pdybvsCGchABzrIE+QJYoKYIH+QPygQFAgKBgWDSBAJYoPYoHBwXVAkKBoUC4oHcUGJoGRgAgxsQEEYlApKB9Hg+qBMcEMQH5QNygXlAxdUCBKCG4OKwU1BpeDmoHJwS1AluDWoGlQLqgc1gtuCmsHtQa2gdlAnuCOoG9QL6gcNgjuDhsFdQaPg7qBxcE/QJLg3aBrcFzQL7g+aBw8ELYIHg5bBQ0Gr4OGgddAmaBu0C9r/df2kf62+92eLPur6mwEmyQw0g8yLZrAZYoaaYWa4ecmMMC+bkeYVk2xGmdHmVTPGvGbGmtfNODPeTDBvmIlmkplsppipZppJMW+a6eYtM8O8bWaaWWa2mWNSzVwzz7xj5psFZqF51ywy75nFZolZapaZNPO+STfLTYb5wKwwH5pMs9KsMqvNGrPWrDPrzQaz0Wwym80Ws9VsM9vNDvOR2Wl2md1mj9lr9pn95mNzwHxiDppPTZb5zBwyfzKHzefmiPnCZJsvzVHzlTlmvjbHzTfmhPnWnDSnzGnznTljvjdnzTlz3vxgLpgfzUXzk7lkfM7Nfc7bO2rUmAfzYAzGYH7MjwWwABbEghjBCMZiLBbGwlgEi2AxLIZxGIclsSTmICQshaUwilEsg2UwHuOxHJZDhw4TMAErYkWshJWwMlbGKlgFq2JVrI7V8Ta8DW/H27E21sY78A6sh/WwATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsja2xLbbF9tgeO2AH7IgdsTN2xi7YBbtiV0zEROyG3bA7dsce2AN7Yk/shb2wN/bGvtgX+2E/7I/9MQmTcBAOwsE4GIfiUByOw3EEjsCROBKTMRlH42gcg2NwLI7FcTgeJ+AbOBEn4WScglNxGqZgCk7H6TgDZ+BMnImzcTamYirOw3k4H+fjQlyIi3ARLsbFuBSXYhqmYTqmYwZm4ApcgZmYiatwFa7BNbgO1+EG3ICbcBNuwS24DbfhDtyBO3En7sbduBf34n7cjwfwAB7Eg5iFWXgID+FhPIxH8AhmYzYexaN4DI/hcTyOJ/AEnsSTeBpP4xk8g2fxLJ7H83gBf8SL+BNeQo8xVor89ipbwF5tC9pCNsbms38ZF7PFbZwtYUtaY4vYon8Vo7U23pa15Wx562wFm2Bv/FVc1Vaz1W0Ne5utaW+3tX4VN7R32Ub2btvY3mMb2Dv/Km5i77VN7UO2mX3YNrdtbAvbzra0D9lW9mHb2raxbW0728U+brvaJ2yifdJ2s0/9Kk63y+0Gu9FuspvtAfuJPW9/sMfs1/aC/dH2twPscPuSHWFftiPtKzbZjvpVPMG+YSfaSXaynWKn2mm/imfbOTbVzrXz7Dt2vl3wqzjNvm8X2Qy72C6xS+2yn+OcPWXYD+wK+6HNtCvtKrvarrFr7Tq7/v/udbXdarfZ7Xa//djutLvsbrvH7rX7fo5zruOg/dRm2c/sUfuVPWw/t0fscZttv/w5zrm+4/Ybe8J+a0/aU/a0/c6esd/bs/bcz9efc+3f2Z/sJeutICBJijQFlIfyUgzlo/x0FRWgq6kgFaIIXUOxdC0VpuuoCBWlYlSc4qgElSRDSJaIQipFpSlK11MZuoHiqSyVo/LkqAIl0I1UkW6iSnQzVaZbqArdSlWpGlWnGnQb1aTbqRbVpjp0B9WlelSfGtCd1JDuokZ0NzWme6gJ3UtN6T5qRvdTc3qAWtCD1JIeolb0MLWmNtSW2lF7eoQ60KPUkTpRZ3qMutDj1JWeoER6krrRU9SdnqYe9Az1pGepFz1HvakP9aXnqR+9QP1pACXRQBpEL9JgGkJDaRgNp5doBL1MI+kVSqZRNJpepTH0Go2l12kcjacJ9AZNpEk0mabQVJpGKfQmTae3aAa9TTNpFs2mOZRKc2kevUPzaQEtpHdpEb1Hi2kJLaVllEbvUzotpwz6gFbQh5RJK2kVraY1tJbW0XraQBtpE22mLbSVttF22kEf0U7aRbtpD+2lfbSfPqYD9AkdpE8piz6jQ/QnOkyf0xH6grLpSzpKX9Ex+pqO0zd0gr6lk3QqEPQdnaHv6Sydo/P0A12gH+ki/USXyJMIIZShCnUYhHnCvGFMmC/MH14VFgivDguGhcJIeE0YG14bFg6vC4uERcNiYfEwLiwRlgxNiKENKQzDUmHpMBpeH5YJbwjjw7JhubB86MIKYUJ4Y1gxvCmsFN4cVg5vCauEt4ZVw2rhQ/fUCG8La4a3h7XC2mGd8I6wblgvrB82CO8MG4Z3hY3Cu8PG4T1hpfDesGl4X9gsvD9sHj4QtggfDFuGD4WtwofD1mGbsG3YLmwfPhJ2CB8NO4adws7hY2GX8PGwa/hEmBg+GXYLn/rN9aRwYDgofDF8MfT+brU0uiyaFn0/mh5dHs2IfhBdEf0wmhldGV0VXR1dE10bXRddH90Q3RjdFN0c3RLdGt0W3R71vkFe4cBJp5x2gcvj8roYl8/ld1e5Au5qV9AVchF3jYt117rC7jpXxBV1xVxxF+dKuJLOOHTWkQtdKVfaRd31roy7wcW7sq6cK++cq+ASXDvX3rV3HdyjrqPr5Dq7x9xj7nH3uHvCPeGedN3cU667e9r1cM+4nu5Z96x7zvV2fVxf97zr515w/d0Al+SS3CA3yA12g91QN9QNd8PdCDfCjXQjXbJLdqPdaDfGjXFj3Vg3zo1zE9wEN9FNdJPdZDfVTXUpLsVNd9PdDDfDzXQz3Ww326W6VDfPzXPz3Xy30C10i+IXucVusVvqlro0l+bSXbrLcBluhVvhMl2mW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vpdrrdbrfb6/a6/W6/O+AOuIPuoMtyWe6QO+QOu8PuiPvCZbsv3VH3lTvmvnbH3TfuhPvWnXSn3Gn3nTvjvndn3Tl33v3gLrgf3UX3k7vkvEuJvBmZHnkrMiPydmRmZFZkdmROJDUyNzIv8k5kfmRBZGHk3ciiyHuRxZElkaWRZZG0yPuR9MjySEbkg8iKyIeRzMjKyKrI6siayNqI9yV2hr6UL+2j/npfxt/g431ZX86X985X8An+Rl/R3+Qr+Zt9ZX+Lr+Jv9VV9NV/dP+xb+za+rW/n2/tHfAf/qO/oO/nO/jHfxT/uu/onfKJ/0nfzT/nu/mnfwz/je/pnfS//nO/t+/i+/nnfz7/g+/sBPskP9IP8i36wH+KH+mF+uH/Jj/Av+5H+FZ/sR/nR/lU/xr/mx/rX/Tg/3k/wb/iJfpKf7Kf4qX6aT/Fv+un+LT/Dv+1n+ll+tp/jU/1cP8+/4+f7BX6hf9cv8u/5xX6JX+qX+TT/vk/3y32G/8Cv8B/6TL/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Q7/kd/pd/ndfo/f6/f5/f5jf8B/4g/6T32W/8wf8n/yh/3n/oj/wmf7L/1R/5U/5r/2x/03/oT/1p/0p/xp/50/47/3Z/05f97/4C/4H/1F/5O/9E/9zVrMv/84nTHGGGPsD25bkb+/PvBvfE/+MnIMEkJcvat49l+uKyHEll/qDpFxXSJCiCcH9Hrgz6Nu3aSkpF8em6lEUHqJECJyOT+PuByvFJ3F4yJRdBIV/+b+hsg+F+g36kdvESL/X+Tk3PX9Ob5c/6b/pv4jj01IrxKej/079ZcIEV/6ck4+cTm+XL/Sf1O/aIff2H++z1OE6PgXOQXE5fhy/QTxqHhKJP7VIxljjDHGGGOMsf8yRFbv8Vufn3M+n8fpyzl5xeX4tz6fM8YYY4wxxhhj7Mp7pk/fJx5JTOzUgye/yyT45Xn/o+yHJzz525Mr/MLEGGOMMcYY+7e7fNN/pXfCGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zlXr/HvxO70tfIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/JwAA///tTTC6")

2.525278879s ago: executing program 5 (id=1971):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

2.292481636s ago: executing program 6 (id=1972):
sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000001e40)={0x0, 0x0, &(0x7f0000001e00)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x44004)
recvmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000016c0)=""/4086, 0xff6}], 0x1}, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x1}, 0x80, &(0x7f0000000500)=[{&(0x7f00000006c0)="27031c00160014000000002f1eafacf706e105400000894f00050004ee0b80558ddbba9b37242d37a518fc9c5be50eaf07c3650596", 0x26}], 0xf}, 0x4)

1.363240686s ago: executing program 8 (id=1973):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x2c, 0x24, 0xd0f, 0xfffffffd, 0xffffffff, {0x60, 0x0, 0x0, 0x0, {0xffe0, 0x2}, {0xfff2, 0x10}, {0xfff3, 0xfff2}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4c}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000844}, 0x2000c8d1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0xfffffffd, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})

1.283516628s ago: executing program 4 (id=1974):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0001, 0x0, 0x0, 0x0, 0x40}, [@call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)

1.281142159s ago: executing program 5 (id=1975):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x9)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x1)

822.853033ms ago: executing program 6 (id=1976):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a80)=@newlink={0x34, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000044}, 0x8044)

556.306882ms ago: executing program 8 (id=1977):
r0 = socket(0x10, 0x803, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0xe, 0x4)

380.685527ms ago: executing program 0 (id=1978):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='maps\x00')
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

369.719537ms ago: executing program 8 (id=1979):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000040)={'sit0\x00', 0x0})

345.056329ms ago: executing program 5 (id=1980):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x18000000000002a0, 0x38, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f086dd", 0x0, 0x63, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48)

276.030451ms ago: executing program 4 (id=1981):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x81, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24668f38896810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f2135030009000f23f8450f2244"}}], 0x81})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x645, 0x9, 0xacf4, 0x40000010000000, 0x10000, 0x3, 0x400004002004c2, 0x7ff, 0x1, 0x0, 0x404, 0x82, 0x3, 0xfffffffffffffff8, 0x6, 0x9], 0xeeee8000, 0x240456})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

263.818731ms ago: executing program 6 (id=1982):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000008c0), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

44.579938ms ago: executing program 0 (id=1983):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x10, 0x0, 0x0, 0x0, 0x2, 0xe3, &(0x7f0000000240)=""/227}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01002000000000393a1bdb0000000c"], 0x0, 0x2c, 0x0, 0x1, 0x8}, 0x28)

487.769µs ago: executing program 5 (id=1984):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a60000000060a0b0400000000000000000200ffff0900010073797a30000000000900020073797a320000000034000480300001800b00010074617267657400002000028008000100534554000c00030000000000000004920800024000000001"], 0xfea1}}, 0x800)

170.32µs ago: executing program 4 (id=1985):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
getdents(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r3 = open(0x0, 0x14927e, 0x68)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r4, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendto$inet(r4, &(0x7f00000004c0), 0x0, 0x805, 0x0, 0x0)
fallocate(r3, 0x0, 0x9b1, 0x1001ed)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

0s ago: executing program 8 (id=1986):
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0xfffffff7)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x2008800, 0x0)
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x10, 0xffffffffffffffda, 0x3ff, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0xfffffffe, 0x30004004, 0x0, 0xfffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1, 0x100}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a43, 0x4)

kernel console output (not intermixed with test programs):

 capacity change from 0 to 32768
[  359.139898][ T8323] XFS (loop1): Mounting V5 Filesystem
[  359.235132][ T8323] XFS (loop1): Ending clean mount
[  359.293112][   T26] audit: type=1800 audit(1781121315.376:24): pid=8323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.974" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  359.511078][ T7903] EXT4-fs (loop7): unmounting filesystem.
[  359.639781][ T4277] XFS (loop1): Unmounting Filesystem
[  360.555029][ T8362] loop4: detected capacity change from 0 to 32768
[  360.702284][ T8362] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.981 (8362)
[  360.839199][ T8362] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  360.857498][ T8362] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  360.900474][ T8362] BTRFS info (device loop4): setting nodatasum
[  360.906795][ T8362] BTRFS info (device loop4): using free space tree
[  360.953709][ T8395] netlink: 4 bytes leftover after parsing attributes in process `syz.7.989'.
[  361.128716][ T8408] netlink: 20 bytes leftover after parsing attributes in process `syz.1.990'.
[  361.182444][ T8408] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  361.191826][ T8408] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  361.200804][ T8408] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  361.209788][ T8408] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  361.273349][ T8362] BTRFS info (device loop4): enabling ssd optimizations
[  361.351116][ T8408] device vxlan0 entered promiscuous mode
[  361.463443][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  361.711611][ T8426] loop2: detected capacity change from 0 to 512
[  361.809405][ T8426] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  361.835755][ T8428] loop7: detected capacity change from 0 to 4096
[  361.863784][ T8426] ext4 filesystem being mounted at /186/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.968090][ T4733] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  362.567744][ T7903] ntfs3: loop7: ntfs_evict_inode r=5 failed, -22.
[  362.602811][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  362.860683][ T7903] ntfs3: loop7: Mark volume as dirty due to NTFS errors
[  363.408147][ T4286] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  363.593712][ T8424] loop6: detected capacity change from 0 to 32768
[  363.653608][ T8424] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11
[  363.962574][ T4395] I/O error, dev loop6, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  364.438545][ T8461] loop7: detected capacity change from 0 to 1024
[  364.593913][ T8467] Set syz1 is full, maxelem 1029 reached
[  364.602849][ T8461] EXT4-fs: Ignoring removed orlov option
[  364.684798][ T8464] device syzkaller0 entered promiscuous mode
[  364.882282][ T8481] loop1: detected capacity change from 0 to 512
[  364.903789][ T8461] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  365.048561][ T8481] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  365.119215][ T8481] ext4 filesystem being mounted at /243/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  365.801909][ T4277] EXT4-fs (loop1): unmounting filesystem.
[  367.935918][ T7903] EXT4-fs (loop7): unmounting filesystem.
[  370.017636][ T8532] loop1: detected capacity change from 0 to 16
[  370.081774][ T8532] erofs: (device loop1): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  370.116900][ T8532] erofs: (device loop1): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  370.708096][ T8558] device syzkaller0 entered promiscuous mode
[  371.115115][ T8570] device syzkaller0 left promiscuous mode
[  371.912560][ T8590] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1041'.
[  372.234392][ T8596] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1044'.
[  372.267684][ T8596] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1044'.
[  372.305609][ T8599] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1044'.
[  372.436685][ T8577] loop1: detected capacity change from 0 to 32768
[  372.535974][ T8577] XFS (loop1): Mounting V5 Filesystem
[  372.671333][ T8577] XFS (loop1): Ending clean mount
[  372.894642][ T4277] XFS (loop1): Unmounting Filesystem
[  374.262486][ T8651] binder_alloc: 8650: binder_alloc_buf, no vma
[  374.291503][ T8651] binder: 8650:8651 ioctl c0306201 200000000240 returned -11
[  374.325473][ T8653] loop2: detected capacity change from 0 to 16
[  374.357675][ T8653] erofs: (device loop2): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  374.429023][ T8653] erofs: (device loop2): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  374.906841][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  374.933989][ T8658] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  374.946739][ T8665] loop6: detected capacity change from 0 to 2048
[  375.041833][ T8665]  loop6: p1 p2 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[  375.054966][ T8665] loop6: p2 size 458752 extends beyond EOD, 
[  375.311152][ T8678] loop1: detected capacity change from 0 to 1024
[  375.329518][ T8665] truncated
[  375.336909][ T8665] loop6: p6 size 458752 extends beyond EOD, truncated
[  375.390450][ T8665] loop6: p8 size 458752 extends beyond EOD, truncated
[  375.421081][ T8665] loop6: p10 size 458752 extends beyond EOD, truncated
[  375.441984][ T8665] loop6: p12 size 458752 extends beyond EOD, truncated
[  375.449812][ T8678] loop1: detected capacity change from 1024 to 64
[  375.468755][ T8678] bio_check_eod: 8 callbacks suppressed
[  375.496436][ T8665] loop6: p14 size 458752 extends beyond EOD, truncated
[  375.508014][ T8678] syz.1.1062: attempt to access beyond end of device
[  375.508014][ T8678] loop1: rw=2049, sector=198, nr_sectors = 2 limit=64
[  375.539791][ T8665] loop6: p16 size 458752 extends beyond EOD, truncated
[  375.592262][ T8678] buffer_io_error: 6 callbacks suppressed
[  375.592282][ T8678] Buffer I/O error on dev loop1, logical block 99, lost async page write
[  375.610403][ T8665] loop6: p18 size 458752 extends beyond EOD, truncated
[  375.637368][ T8678] syz.1.1062: attempt to access beyond end of device
[  375.637368][ T8678] loop1: rw=2049, sector=200, nr_sectors = 2 limit=64
[  375.657748][ T8665] loop6: p20 size 458752 extends beyond EOD, truncated
[  375.680771][ T8665] loop6: p22 size 458752 extends beyond EOD, truncated
[  375.693426][ T8678] Buffer I/O error on dev loop1, logical block 100, lost async page write
[  375.722781][ T8678] syz.1.1062: attempt to access beyond end of device
[  375.722781][ T8678] loop1: rw=2049, sector=202, nr_sectors = 2 limit=64
[  375.744848][ T8665] loop6: p24 size 458752 extends beyond EOD, truncated
[  375.757112][ T8665] loop6: p26 size 458752 extends beyond EOD, truncated
[  375.767481][ T8678] Buffer I/O error on dev loop1, logical block 101, lost async page write
[  375.785440][ T8665] loop6: p28 size 458752 extends beyond EOD, truncated
[  375.793876][ T8678] syz.1.1062: attempt to access beyond end of device
[  375.793876][ T8678] loop1: rw=2049, sector=204, nr_sectors = 2 limit=64
[  375.831056][ T8665] loop6: p30 size 458752 extends beyond EOD, truncated
[  375.838266][ T8678] Buffer I/O error on dev loop1, logical block 102, lost async page write
[  375.868356][ T8665] loop6: p32 size 458752 extends beyond EOD, truncated
[  375.883740][ T8678] syz.1.1062: attempt to access beyond end of device
[  375.883740][ T8678] loop1: rw=2049, sector=206, nr_sectors = 2 limit=64
[  375.905844][ T8665] loop6: p34 size 458752 extends beyond EOD, truncated
[  375.917028][ T8665] loop6: p36 size 458752 extends beyond EOD, truncated
[  375.941177][ T8678] Buffer I/O error on dev loop1, logical block 103, lost async page write
[  375.965191][ T8665] loop6: p38 size 458752 extends beyond EOD, truncated
[  375.972506][ T8678] syz.1.1062: attempt to access beyond end of device
[  375.972506][ T8678] loop1: rw=2049, sector=208, nr_sectors = 2 limit=64
[  375.999632][ T8665] loop6: p40 size 458752 extends beyond EOD, truncated
[  376.012547][ T8665] loop6: p42 size 458752 extends beyond EOD, truncated
[  376.021909][ T8678] Buffer I/O error on dev loop1, logical block 104, lost async page write
[  376.057987][ T8665] loop6: p44 size 458752 extends beyond EOD, truncated
[  376.068436][ T8678] syz.1.1062: attempt to access beyond end of device
[  376.068436][ T8678] loop1: rw=2049, sector=210, nr_sectors = 2 limit=64
[  376.115440][ T8665] loop6: p46 size 458752 extends beyond EOD, truncated
[  376.149559][ T8678] Buffer I/O error on dev loop1, logical block 105, lost async page write
[  376.158224][ T8678] syz.1.1062: attempt to access beyond end of device
[  376.158224][ T8678] loop1: rw=2049, sector=212, nr_sectors = 2 limit=64
[  376.179273][ T8665] loop6: p48 size 458752 extends beyond EOD, truncated
[  376.214475][ T8665] loop6: p50 size 458752 extends beyond EOD, truncated
[  376.251853][ T8665] loop6: p52 size 458752 extends beyond EOD, truncated
[  376.270523][ T8678] Buffer I/O error on dev loop1, logical block 106, lost async page write
[  376.293139][ T8691] binder: 8688:8691 ioctl c0306201 200000000240 returned -11
[  376.304620][ T8665] loop6: p54 size 458752 extends beyond EOD, truncated
[  376.359293][ T8665] loop6: p56 size 458752 extends beyond EOD, truncated
[  376.386576][ T8665] loop6: p58 size 458752 extends beyond EOD, truncated
[  376.419530][ T8665] loop6: p60 size 458752 extends beyond EOD, truncated
[  376.459155][ T8665] loop6: p62 size 458752 extends beyond EOD, truncated
[  376.497631][ T8665] loop6: p64 size 458752 extends beyond EOD, truncated
[  376.504334][ T8695] loop7: detected capacity change from 0 to 16
[  376.538637][ T8665] loop6: p66 size 458752 extends beyond EOD, truncated
[  376.593925][ T8665] loop6: p68 size 458752 extends beyond EOD, truncated
[  376.619795][ T8695] erofs: (device loop7): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  376.637034][ T8665] loop6: p70 size 458752 extends beyond EOD, truncated
[  376.667227][ T8695] erofs: (device loop7): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  376.685617][ T8665] loop6: p72 size 458752 extends beyond EOD, truncated
[  376.713370][ T8665] loop6: p74 size 458752 extends beyond EOD, truncated
[  376.759360][ T8665] loop6: p76 size 458752 extends beyond EOD, truncated
[  376.816706][ T8665] loop6: p78 size 458752 extends beyond EOD, truncated
[  376.844160][ T8665] loop6: p80 size 458752 extends beyond EOD, truncated
[  376.880313][ T8665] loop6: p82 size 458752 extends beyond EOD, truncated
[  376.927804][ T8665] loop6: p84 size 458752 extends beyond EOD, truncated
[  376.929556][ T4400] kworker/u4:10: attempt to access beyond end of device
[  376.929556][ T4400] loop1: rw=1, sector=206, nr_sectors = 2 limit=64
[  376.989210][ T8665] loop6: p86 size 458752 extends beyond EOD, truncated
[  376.991062][ T4400] Buffer I/O error on dev loop1, logical block 103, lost async page write
[  377.021732][ T8665] loop6: p88 size 458752 extends beyond EOD, truncated
[  377.046407][ T4400] kworker/u4:10: attempt to access beyond end of device
[  377.046407][ T4400] loop1: rw=1, sector=208, nr_sectors = 2 limit=64
[  377.062671][ T8665] loop6: p90 size 458752 extends beyond EOD, truncated
[  377.087341][ T4400] Buffer I/O error on dev loop1, logical block 104, lost async page write
[  377.096503][ T8665] loop6: p92 size 458752 extends beyond EOD, truncated
[  377.117099][ T8665] loop6: p94 size 458752 extends beyond EOD, truncated
[  377.165323][ T8665] loop6: p96 size 458752 extends beyond EOD, truncated
[  377.194954][ T8665] loop6: p98 size 458752 extends beyond EOD, truncated
[  377.227767][ T8665] loop6: p100 size 458752 extends beyond EOD, truncated
[  377.257344][ T8665] loop6: p102 size 458752 extends beyond EOD, truncated
[  377.315470][ T8665] loop6: p104 size 458752 extends beyond EOD, truncated
[  377.372452][ T8665] loop6: p106 size 458752 extends beyond EOD, truncated
[  377.390802][ T8665] loop6: p108 size 458752 extends beyond EOD, truncated
[  377.427046][ T8665] loop6: p110 size 458752 extends beyond EOD, truncated
[  377.456699][ T8665] loop6: p112 size 458752 extends beyond EOD, truncated
[  377.486245][ T8665] loop6: p114 size 458752 extends beyond EOD, truncated
[  377.531450][ T8665] loop6: p116 size 458752 extends beyond EOD, truncated
[  377.552466][ T8665] loop6: p118 size 458752 extends beyond EOD, truncated
[  377.572615][ T8665] loop6: p120 size 458752 extends beyond EOD, truncated
[  377.597715][ T8665] loop6: p122 size 458752 extends beyond EOD, truncated
[  377.624049][ T8665] loop6: p124 size 458752 extends beyond EOD, truncated
[  377.650386][ T8665] loop6: p126 size 458752 extends beyond EOD, truncated
[  377.671027][ T8665] loop6: p128 size 458752 extends beyond EOD, truncated
[  377.698892][ T8665] loop6: p130 size 458752 extends beyond EOD, truncated
[  377.727717][ T8665] loop6: p132 size 458752 extends beyond EOD, truncated
[  377.746475][ T8665] loop6: p134 size 458752 extends beyond EOD, truncated
[  377.777796][ T8665] loop6: p136 size 458752 extends beyond EOD, truncated
[  377.809121][ T8665] loop6: p138 size 458752 extends beyond EOD, truncated
[  377.818200][ T8665] loop6: p140 size 458752 extends beyond EOD, truncated
[  377.895638][ T8665] loop6: p142 size 458752 extends beyond EOD, truncated
[  377.952320][ T8665] loop6: p144 size 458752 extends beyond EOD, truncated
[  378.004022][ T8665] loop6: p146 size 458752 extends beyond EOD, truncated
[  378.032609][ T8665]  loop6: p146 could not be added: -ENOMEM
[  378.038603][ T8665]  loop6: p147 could not be added: -ENOMEM
[  378.073964][ T8665] loop6: p148 size 458752 extends beyond EOD, truncated
[  378.101260][ T8714] device syzkaller0 entered promiscuous mode
[  378.116505][ T8665] loop6: p150 size 458752 extends beyond EOD, truncated
[  378.155205][ T8665] loop6: p152 size 458752 extends beyond EOD, truncated
[  378.177015][ T8665] loop6: p154 size 458752 extends beyond EOD, truncated
[  378.233673][ T8665] loop6: p156 size 458752 extends beyond EOD, truncated
[  378.259404][ T8665] loop6: p158 size 458752 extends beyond EOD, truncated
[  378.309282][ T8665] loop6: p160 size 458752 extends beyond EOD, truncated
[  378.339042][ T8665] loop6: p162 size 458752 extends beyond EOD, truncated
[  378.384923][ T8665] loop6: p164 size 458752 extends beyond EOD, truncated
[  378.410661][ T8665] loop6: p166 size 458752 extends beyond EOD, truncated
[  378.428497][ T8665] loop6: p168 size 458752 extends beyond EOD, truncated
[  378.448151][ T8665] loop6: p170 size 458752 extends beyond EOD, truncated
[  378.466989][ T8665] loop6: p172 size 458752 extends beyond EOD, truncated
[  378.489071][ T8665] loop6: p174 size 458752 extends beyond EOD, truncated
[  378.521796][ T8665] loop6: p176 size 458752 extends beyond EOD, truncated
[  378.543333][ T8665] loop6: p178 size 458752 extends beyond EOD, truncated
[  378.585178][ T8665] loop6: p180 size 458752 extends beyond EOD, truncated
[  378.624295][ T8665] loop6: p182 size 458752 extends beyond EOD, truncated
[  378.652944][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.659405][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  378.689140][ T8665] loop6: p184 size 458752 extends beyond EOD, truncated
[  378.721155][ T8665] loop6: p186 size 458752 extends beyond EOD, truncated
[  378.761717][ T8665] loop6: p188 size 458752 extends beyond EOD, truncated
[  378.795150][ T8665] loop6: p190 size 458752 extends beyond EOD, truncated
[  378.814599][ T8665] loop6: p192 size 458752 extends beyond EOD, truncated
[  378.849651][ T8665] loop6: p194 size 458752 extends beyond EOD, truncated
[  378.870276][ T8665] loop6: p196 size 458752 extends beyond EOD, truncated
[  378.891608][ T8665] loop6: p198 size 458752 extends beyond EOD, truncated
[  378.926116][ T8665] loop6: p200 size 458752 extends beyond EOD, truncated
[  378.958911][ T4292] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  378.981444][ T4292] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  378.990811][ T8665] loop6: p202 size 458752 extends beyond EOD, truncated
[  378.999357][ T4292] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  379.023412][ T4292] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  379.046807][ T4292] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  379.048272][ T8665] loop6: p204 size 458752 extends beyond EOD, 
[  379.055163][ T4292] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  379.118888][ T8665] truncated
[  379.169637][ T8665] loop6: p206 size 458752 extends beyond EOD, truncated
[  379.206905][ T8665] loop6: p208 size 458752 extends beyond EOD, truncated
[  379.249124][ T8720] loop7: detected capacity change from 0 to 32768
[  379.268033][ T8665] loop6: p210 size 458752 extends beyond EOD, truncated
[  379.303456][ T8665] loop6: p212 size 458752 extends beyond EOD, truncated
[  379.355657][ T8665] loop6: p214 size 458752 extends beyond EOD, truncated
[  379.402400][ T8665] loop6: p216 size 458752 extends beyond EOD, truncated
[  379.451404][ T8665] loop6: p218 size 458752 extends beyond EOD, truncated
[  379.469284][ T8720] XFS (loop7): DAX unsupported by block device. Turning off DAX.
[  379.484467][ T8665] loop6: p220 size 458752 extends beyond EOD, truncated
[  379.510116][ T8665] loop6: p222 size 458752 extends beyond EOD, truncated
[  379.535968][ T8720] XFS (loop7): Mounting V5 Filesystem
[  379.543678][ T8665] loop6: p224 size 458752 extends beyond EOD, truncated
[  379.576898][ T8665] loop6: p226 size 458752 extends beyond EOD, truncated
[  379.616385][ T8665] loop6: p228 size 458752 extends beyond EOD, truncated
[  379.679168][ T8665] loop6: p230 size 458752 extends beyond EOD, truncated
[  379.770401][ T8720] XFS (loop7): Ending clean mount
[  379.777774][ T8665] loop6: p232 size 458752 extends beyond EOD, truncated
[  379.790879][ T8720] XFS (loop7): Quotacheck needed: Please wait.
[  379.836068][ T8665] loop6: p234 size 458752 extends beyond EOD, truncated
[  379.846868][ T8665] loop6: p236 size 458752 extends beyond EOD, truncated
[  379.869844][ T8665] loop6: p238 size 458752 extends beyond EOD, truncated
[  379.898645][ T8665] loop6: p240 size 458752 extends beyond EOD, truncated
[  379.913877][ T8665] loop6: p242 size 458752 extends beyond EOD, truncated
[  379.956003][ T8720] XFS (loop7): Quotacheck: Done.
[  379.964807][ T8665] loop6: p244 size 458752 extends beyond EOD, truncated
[  379.999759][ T8665] loop6: p246 size 458752 extends beyond EOD, truncated
[  380.017813][ T8665] loop6: p248 size 458752 extends beyond EOD, truncated
[  380.041893][ T8665] loop6: p250 size 458752 extends beyond EOD, truncated
[  380.046166][ T4293] Bluetooth: hci0: link tx timeout
[  380.054967][ T4293] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  380.074936][ T8665] loop6: p252 size 458752 extends beyond EOD, truncated
[  380.111834][ T8665] loop6: p254 size 458752 extends beyond EOD, truncated
[  380.316715][ T7903] XFS (loop7): Unmounting Filesystem
[  380.787227][ T3641]  loop6: p1 p2 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[  380.788566][ T3641] loop6: p2 size 458752 extends beyond EOD, truncated
[  380.889173][ T3641] loop6: p6 size 458752 extends beyond EOD, truncated
[  380.898154][ T3641] loop6: p8 size 458752 extends beyond EOD, truncated
[  380.910184][ T3641] loop6: p10 size 458752 extends beyond EOD, truncated
[  380.921962][ T3641] loop6: p12 size 458752 extends beyond EOD, truncated
[  380.934330][ T3641] loop6: p14 size 458752 extends beyond EOD, truncated
[  380.944036][ T3641] loop6: p16 size 458752 extends beyond EOD, truncated
[  380.953395][ T3641] loop6: p18 size 458752 extends beyond EOD, truncated
[  380.968369][ T8758] Set syz1 is full, maxelem 1029 reached
[  380.979968][ T3641] loop6: p20 size 458752 extends beyond EOD, truncated
[  380.989422][ T3641] loop6: p22 size 458752 extends beyond EOD, truncated
[  381.012580][ T3641] loop6: p24 size 458752 extends beyond EOD, truncated
[  381.035144][ T3641] loop6: p26 size 458752 extends beyond EOD, truncated
[  381.045038][ T3641] loop6: p28 size 458752 extends beyond EOD, truncated
[  381.075253][ T3641] loop6: p30 size 458752 extends beyond EOD, truncated
[  381.084458][ T3641] loop6: p32 size 458752 extends beyond EOD, truncated
[  381.106123][ T3641] loop6: p34 size 458752 extends beyond EOD, truncated
[  381.115650][ T3641] loop6: p36 size 458752 extends beyond EOD, truncated
[  381.124973][ T3641] loop6: p38 size 458752 extends beyond EOD, truncated
[  381.144913][ T4293] Bluetooth: hci3: command 0x0409 tx timeout
[  381.180509][ T3641] loop6: p40 size 458752 extends beyond EOD, truncated
[  381.213603][ T3641] loop6: p42 size 458752 extends beyond EOD, truncated
[  381.266239][ T3641] loop6: p44 size 458752 extends beyond EOD, truncated
[  381.293860][ T3641] loop6: p46 size 458752 extends beyond EOD, truncated
[  381.309704][ T3641] loop6: p48 size 458752 extends beyond EOD, truncated
[  381.318622][ T3641] loop6: p50 size 458752 extends beyond EOD, truncated
[  381.332871][ T3641] loop6: p52 size 458752 extends beyond EOD, truncated
[  381.346538][ T3641] loop6: p54 size 458752 extends beyond EOD, truncated
[  381.363470][ T3641] loop6: p56 size 458752 extends beyond EOD, truncated
[  381.376573][ T3641] loop6: p58 size 458752 extends beyond EOD, truncated
[  381.406601][ T3641] loop6: p60 size 458752 extends beyond EOD, truncated
[  381.434151][ T3641] loop6: p62 size 458752 extends beyond EOD, truncated
[  381.444294][ T3641] loop6: p64 size 458752 extends beyond EOD, truncated
[  381.463350][ T3641] loop6: p66 size 458752 extends beyond EOD, truncated
[  381.476948][ T3641] loop6: p68 size 458752 extends beyond EOD, truncated
[  381.488103][ T3641] loop6: p70 size 458752 extends beyond EOD, truncated
[  381.504281][ T3641] loop6: p72 size 458752 extends beyond EOD, truncated
[  381.516247][ T3641] loop6: p74 size 458752 extends beyond EOD, truncated
[  381.542320][ T3641] loop6: p76 size 458752 extends beyond EOD, truncated
[  381.555030][ T3641] loop6: p78 size 458752 extends beyond EOD, truncated
[  381.581915][ T3641] loop6: p80 size 458752 extends beyond EOD, truncated
[  381.607553][ T3641] loop6: p82 size 458752 extends beyond EOD, truncated
[  381.622822][ T3641] loop6: p84 size 458752 extends beyond EOD, truncated
[  381.634939][ T3641] loop6: p86 size 458752 extends beyond EOD, truncated
[  381.646605][ T3641] loop6: p88 size 458752 extends beyond EOD, truncated
[  381.661902][ T3641] loop6: p90 size 458752 extends beyond EOD, truncated
[  381.676653][ T3641] loop6: p92 size 458752 extends beyond EOD, truncated
[  381.687742][ T3641] loop6: p94 size 458752 extends beyond EOD, truncated
[  381.703369][ T3641] loop6: p96 size 458752 extends beyond EOD, truncated
[  381.735264][ T3641] loop6: p98 size 458752 extends beyond EOD, truncated
[  381.763290][ T3641] loop6: p100 size 458752 extends beyond EOD, truncated
[  381.774700][ T3641] loop6: p102 size 458752 extends beyond EOD, truncated
[  381.807125][ T3641] loop6: p104 size 458752 extends beyond EOD, truncated
[  381.836467][ T3641] loop6: p106 size 458752 extends beyond EOD, truncated
[  381.845715][ T3641] loop6: p108 size 458752 extends beyond EOD, truncated
[  381.880022][ T3641] loop6: p110 size 458752 extends beyond EOD, truncated
[  381.911200][ T3641] loop6: p112 size 458752 extends beyond EOD, truncated
[  381.938358][ T3641] loop6: p114 size 458752 extends beyond EOD, truncated
[  381.983394][ T3641] loop6: p116 size 458752 extends beyond EOD, truncated
[  381.994192][ T3641] loop6: p118 size 458752 extends beyond EOD, truncated
[  382.041301][ T3641] loop6: p120 size 458752 extends beyond EOD, truncated
[  382.051280][ T3641] loop6: p122 size 458752 extends beyond EOD, truncated
[  382.060935][ T3641] loop6: p124 size 458752 extends beyond EOD, truncated
[  382.083302][ T3641] loop6: p126 size 458752 extends beyond EOD, truncated
[  382.148207][ T3641] loop6: p128 size 458752 extends beyond EOD, truncated
[  382.181026][ T3641] loop6: p130 size 458752 extends beyond EOD, truncated
[  382.214204][ T3641] loop6: p132 size 458752 extends beyond EOD, truncated
[  382.264229][ T3641] loop6: p134 size 458752 extends beyond EOD, truncated
[  382.290037][ T3641] loop6: p136 size 458752 extends beyond EOD, truncated
[  382.323208][ T3641] loop6: p138 size 458752 extends beyond EOD, truncated
[  382.344604][ T3641] loop6: p140 size 458752 extends beyond EOD, truncated
[  382.376279][ T3641] loop6: p142 size 458752 extends beyond EOD, truncated
[  382.403362][ T3641] loop6: p144 size 458752 extends beyond EOD, truncated
[  382.425991][ T3641] loop6: p146 size 458752 extends beyond EOD, truncated
[  382.477753][ T3641] loop6: p148 size 458752 extends beyond EOD, truncated
[  382.500889][ T3641] loop6: p150 size 458752 extends beyond EOD, truncated
[  382.521472][ T3641] loop6: p152 size 458752 extends beyond EOD, truncated
[  382.552276][ T3641] loop6: p154 size 458752 extends beyond EOD, truncated
[  382.569194][ T3641] loop6: p156 size 458752 extends beyond EOD, truncated
[  382.587711][ T3641] loop6: p158 size 458752 extends beyond EOD, truncated
[  382.610027][ T8779] loop4: detected capacity change from 0 to 128
[  382.616536][ T3641] loop6: p160 size 458752 extends beyond EOD, truncated
[  382.647915][ T3641] loop6: p162 size 458752 extends beyond EOD, truncated
[  382.662976][ T8779] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  382.667944][ T3641] loop6: p164 size 458752 extends beyond EOD, truncated
[  382.710402][ T8779] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  382.720934][ T3641] loop6: p166 size 458752 extends beyond EOD, truncated
[  382.740119][ T3641] loop6: p168 size 458752 extends beyond EOD, truncated
[  382.748516][ T8779] ext2 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.925859][ T3641] loop6: p170 size 458752 extends beyond EOD, truncated
[  382.945820][ T3641] loop6: p172 size 458752 extends beyond EOD, truncated
[  383.023329][ T3641] loop6: p174 size 458752 extends beyond EOD, truncated
[  383.056864][ T3641] loop6: p176 size 458752 extends beyond EOD, truncated
[  383.080906][ T3641] loop6: p178 size 458752 extends beyond EOD, truncated
[  383.107235][ T3641] loop6: p180 size 458752 extends beyond EOD, truncated
[  383.151686][ T3641] loop6: p182 size 458752 extends beyond EOD, truncated
[  383.208401][ T3641] loop6: p184 size 458752 extends beyond EOD, truncated
[  383.255203][ T3641] loop6: p186 size 458752 extends beyond EOD, truncated
[  383.299954][ T3641] loop6: p188 size 458752 extends beyond EOD, truncated
[  383.324912][ T3641] loop6: p190 size 458752 extends beyond EOD, truncated
[  383.374028][ T3641] loop6: p192 size 458752 extends beyond EOD, truncated
[  383.418027][ T3641] loop6: p194 size 458752 extends beyond EOD, truncated
[  383.458499][ T3641] loop6: p196 size 458752 extends beyond EOD, truncated
[  383.471224][ T4293] Bluetooth: hci3: command 0x041b tx timeout
[  383.499393][ T3641] loop6: p198 size 458752 extends beyond EOD, truncated
[  383.541155][ T3641] loop6: p200 size 458752 extends beyond EOD, truncated
[  383.571035][ T3641] loop6: p202 size 458752 extends beyond EOD, truncated
[  383.602605][ T3641] loop6: p204 size 458752 extends beyond EOD, truncated
[  383.648304][ T3641] loop6: p206 size 458752 extends beyond EOD, truncated
[  383.665116][ T3641] loop6: p208 size 458752 extends beyond EOD, truncated
[  383.694721][ T3641] loop6: p210 size 458752 extends beyond EOD, truncated
[  383.731925][ T3641] loop6: p212 size 458752 extends beyond EOD, truncated
[  383.760837][ T3641] loop6: p214 size 458752 extends beyond EOD, truncated
[  383.771578][ T3641] loop6: p216 size 458752 extends beyond EOD, truncated
[  383.786168][ T3641] loop6: p218 size 458752 extends beyond EOD, truncated
[  383.796183][ T3641] loop6: p220 size 458752 extends beyond EOD, truncated
[  383.805213][ T3641] loop6: p222 size 458752 extends beyond EOD, truncated
[  383.821317][ T3641] loop6: p224 size 458752 extends beyond EOD, truncated
[  383.830355][ T3641] loop6: p226 size 458752 extends beyond EOD, truncated
[  383.847657][ T3641] loop6: p228 size 458752 extends beyond EOD, truncated
[  383.856775][ T3641] loop6: p230 size 458752 extends beyond EOD, truncated
[  383.865923][ T3641] loop6: p232 size 458752 extends beyond EOD, truncated
[  383.874878][ T3641] loop6: p234 size 458752 extends beyond EOD, truncated
[  383.883975][ T3641] loop6: p236 size 458752 extends beyond EOD, truncated
[  383.918523][ T3641] loop6: p238 size 458752 extends beyond EOD, truncated
[  383.941943][ T3641] loop6: p240 size 458752 extends beyond EOD, truncated
[  383.956684][ T3641] loop6: p242 size 458752 extends beyond EOD, truncated
[  383.968542][ T3641] loop6: p244 size 458752 extends beyond EOD, truncated
[  383.983136][ T3641] loop6: p246 size 458752 extends beyond EOD, truncated
[  384.003266][ T3641] loop6: p248 size 458752 extends beyond EOD, truncated
[  384.015655][ T3641] loop6: p250 size 458752 extends beyond EOD, truncated
[  384.024842][ T3641] loop6: p252 size 458752 extends beyond EOD, truncated
[  384.034202][ T3641] loop6: p254 size 458752 extends beyond EOD, truncated
[  384.123862][ T8791] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1080'.
[  384.583720][ T4395] udevd[4395]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  384.597668][ T8229] udevd[8229]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  384.611470][ T4364] udevd[4364]: inotify_add_watch(7, /dev/loop6p6, 10) failed: No such file or directory
[  384.624260][ T4404] udevd[4404]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  384.625933][ T4403] udevd[4403]: inotify_add_watch(7, /dev/loop6p5, 10) failed: No such file or directory
[  384.653013][ T4361] udevd[4361]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory
[  384.712801][ T8795] Set syz1 is full, maxelem 1029 reached
[  384.811810][ T8794] udevd[8794]: inotify_add_watch(7, /dev/loop6p9, 10) failed: No such file or directory
[  384.827895][ T8793] udevd[8793]: inotify_add_watch(7, /dev/loop6p8, 10) failed: No such file or directory
[  384.834683][ T8797] udevd[8797]: inotify_add_watch(7, /dev/loop6p11, 10) failed: No such file or directory
[  384.864682][ T8796] udevd[8796]: inotify_add_watch(7, /dev/loop6p10, 10) failed: No such file or directory
[  385.529052][ T4293] Bluetooth: hci3: command 0x040f tx timeout
[  387.609257][ T4293] Bluetooth: hci3: command 0x0419 tx timeout
[  388.183491][ T4286] EXT4-fs (loop4): unmounting filesystem.
[  388.411859][ T8834] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1101'.
[  388.719575][ T8841] netlink: 'syz.4.1103': attribute type 39 has an invalid length.
[  388.841587][ T8736] chnl_net:caif_netlink_parms(): no params data found
[  389.105191][ T8861] loop7: detected capacity change from 0 to 128
[  389.115306][ T8861] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  389.150929][ T8853] Set syz1 is full, maxelem 1029 reached
[  389.168218][ T8861] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  389.198595][ T8861] ext2 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.366643][ T8867] device syzkaller0 entered promiscuous mode
[  389.463322][ T8736] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.487255][ T8736] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.633536][ T8736] device bridge_slave_0 entered promiscuous mode
[  390.596628][ T8892] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1114'.
[  392.147819][ T8911] netlink: 'syz.4.1116': attribute type 29 has an invalid length.
[  392.526907][ T8919] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1117'.
[  395.756207][ T8736] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.769028][ T8736] bridge0: port 2(bridge_slave_1) entered disabled state
[  395.778251][ T8736] device bridge_slave_1 entered promiscuous mode
[  395.794746][ T8911] netlink: 'syz.4.1116': attribute type 29 has an invalid length.
[  395.891321][ T7903] EXT4-fs (loop7): unmounting filesystem.
[  395.970001][ T8736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  396.047313][ T8736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  396.206242][ T8972] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1124'.
[  396.220311][ T8736] team0: Port device team_slave_0 added
[  396.254100][ T8736] team0: Port device team_slave_1 added
[  396.313514][ T8736] batman_adv: batadv0: Adding interface: batadv_slave_0
[  396.330795][ T8736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  396.395924][ T8736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  396.439764][ T8736] batman_adv: batadv0: Adding interface: batadv_slave_1
[  396.454753][ T8736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  396.525375][ T8736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  396.713373][ T8736] device hsr_slave_0 entered promiscuous mode
[  396.721609][ T8736] device hsr_slave_1 entered promiscuous mode
[  396.739571][ T8736] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  396.748637][ T8736] Cannot create hsr debugfs directory
[  396.773186][ T8991] loop4: detected capacity change from 0 to 128
[  396.794088][ T8991] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  396.847360][ T8991] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  396.860129][ T8991] ext2 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.547169][ T9000] device syzkaller0 entered promiscuous mode
[  397.740572][ T4286] EXT4-fs (loop4): unmounting filesystem.
[  397.807766][ T9013] device syzkaller0 entered promiscuous mode
[  398.879077][ T9027] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1137'.
[  402.887347][ T8736] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  402.931967][ T8736] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  402.985464][ T8736] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  403.013869][ T8736] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  403.649769][ T8736] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.702794][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  403.722637][ T9078] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1150'.
[  403.724788][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  403.764638][ T8736] 8021q: adding VLAN 0 to HW filter on device team0
[  403.790943][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  403.818226][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  403.849437][ T4351] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.856618][ T4351] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.916111][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  403.949052][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  403.970447][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  404.017162][ T4351] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.024405][ T4351] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.058395][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  404.090707][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  404.162484][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  404.199578][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  404.240597][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  404.278487][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  404.307811][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  404.325193][ T9092] loop7: detected capacity change from 0 to 512
[  404.355045][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  404.367977][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  404.402733][ T8736] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  404.442898][ T8736] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  404.466376][ T9092] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  404.492693][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  404.499728][ T9092] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  404.510978][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  404.753381][ T9104] device syzkaller0 entered promiscuous mode
[  406.113358][ T7903] EXT4-fs (loop7): unmounting filesystem.
[  408.550208][ T9155] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1163'.
[  408.718298][ T9159] binder: BINDER_SET_CONTEXT_MGR already set
[  408.727421][ T9159] binder: 9158:9159 ioctl 4018620d 2000000002c0 returned -16
[  408.746163][ T9159] binder: 9158:9159 ioctl c0306201 200000000240 returned -11
[  411.068207][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  411.079101][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  411.142736][ T8736] 8021q: adding VLAN 0 to HW filter on device batadv0
[  411.365768][ T9192] binder: BINDER_SET_CONTEXT_MGR already set
[  411.415118][ T9192] binder: 9191:9192 ioctl 4018620d 2000000002c0 returned -16
[  411.457473][ T9192] binder: 9191:9192 ioctl c0306201 200000000240 returned -11
[  411.581583][ T9200] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1176'.
[  412.046470][ T9214] 0: reclassify loop, rule prio 0, protocol 800
[  412.256634][ T9221] netlink: 'syz.7.1182': attribute type 4 has an invalid length.
[  412.264909][ T9221] netlink: 60683 bytes leftover after parsing attributes in process `syz.7.1182'.
[  412.525452][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  412.556522][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  412.625007][ T4756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  412.637274][ T4756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  412.665225][ T8736] device veth0_vlan entered promiscuous mode
[  412.676982][ T4756] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  412.701186][ T4756] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  412.835929][ T8736] device veth1_vlan entered promiscuous mode
[  412.941144][ T4708] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  413.000033][ T4708] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  413.038273][ T4708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  413.090244][ T4708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  413.118680][ T8736] device veth0_macvtap entered promiscuous mode
[  413.131307][ T9235] binder: BINDER_SET_CONTEXT_MGR already set
[  413.169368][ T9235] binder: 9232:9235 ioctl 4018620d 2000000002c0 returned -16
[  413.181499][ T8736] device veth1_macvtap entered promiscuous mode
[  413.215841][ T9235] binder: 9232:9235 ioctl c0306201 200000000240 returned -11
[  413.318557][ T9246] netlink: 'syz.6.1189': attribute type 29 has an invalid length.
[  413.345535][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.421707][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.448895][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.468877][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.489217][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.510140][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.543575][ T8736] batman_adv: batadv0: Interface activated: batadv_slave_0
[  413.572823][ T9246] netlink: 'syz.6.1189': attribute type 29 has an invalid length.
[  413.589279][ T9247] netlink: 'syz.6.1189': attribute type 29 has an invalid length.
[  414.016723][ T9272] loop7: detected capacity change from 0 to 1024
[  414.350912][ T9272] loop7: detected capacity change from 1024 to 64
[  414.369732][ T9277] bio_check_eod: 10 callbacks suppressed
[  414.369751][ T9277] syz.7.1192: attempt to access beyond end of device
[  414.369751][ T9277] loop7: rw=0, sector=268, nr_sectors = 2 limit=64
[  414.397637][ T9277] buffer_io_error: 10 callbacks suppressed
[  414.397655][ T9277] Buffer I/O error on dev loop7, logical block 134, async page read
[  414.431815][ T9277] syz.7.1192: attempt to access beyond end of device
[  414.431815][ T9277] loop7: rw=0, sector=268, nr_sectors = 2 limit=64
[  414.445513][ T9277] Buffer I/O error on dev loop7, logical block 134, async page read
[  414.454651][   T26] audit: type=1800 audit(1781121370.546:25): pid=9277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1192" name="file1" dev="loop7" ino=20 res=0 errno=0
[  414.751528][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.751528][ T4733] loop7: rw=1, sector=206, nr_sectors = 2 limit=64
[  414.765416][ T4733] Buffer I/O error on dev loop7, logical block 103, lost async page write
[  414.780900][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.780900][ T4733] loop7: rw=1, sector=208, nr_sectors = 2 limit=64
[  414.794784][ T4733] Buffer I/O error on dev loop7, logical block 104, lost async page write
[  414.805054][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.805054][ T4733] loop7: rw=1, sector=210, nr_sectors = 2 limit=64
[  414.820393][ T4733] Buffer I/O error on dev loop7, logical block 105, lost async page write
[  414.846116][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.846116][ T4733] loop7: rw=1, sector=212, nr_sectors = 2 limit=64
[  414.873944][ T4733] Buffer I/O error on dev loop7, logical block 106, lost async page write
[  414.884224][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.884224][ T4733] loop7: rw=2049, sector=198, nr_sectors = 2 limit=64
[  414.899298][ T4733] Buffer I/O error on dev loop7, logical block 99, lost async page write
[  414.907863][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.907863][ T4733] loop7: rw=2049, sector=200, nr_sectors = 2 limit=64
[  414.959919][ T4733] Buffer I/O error on dev loop7, logical block 100, lost async page write
[  414.989631][ T4733] kworker/u4:14: attempt to access beyond end of device
[  414.989631][ T4733] loop7: rw=2049, sector=202, nr_sectors = 2 limit=64
[  415.018160][ T4733] Buffer I/O error on dev loop7, logical block 101, lost async page write
[  415.027137][ T4733] kworker/u4:14: attempt to access beyond end of device
[  415.027137][ T4733] loop7: rw=2049, sector=204, nr_sectors = 2 limit=64
[  415.056796][ T4733] Buffer I/O error on dev loop7, logical block 102, lost async page write
[  417.801735][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  417.821659][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  417.830228][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  417.839482][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  417.854374][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.865521][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.875876][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.886457][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.896381][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.908017][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.920127][ T8736] batman_adv: batadv0: Interface activated: batadv_slave_1
[  417.932643][ T9250] netlink: 'syz.6.1189': attribute type 29 has an invalid length.
[  418.131099][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  418.140829][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  418.152558][ T8736] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  418.182679][ T8736] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  418.182726][ T4293] Bluetooth: hci4: link tx timeout
[  418.196783][ T4293] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  418.204730][ T4293] Bluetooth: hci4: link tx timeout
[  418.210009][ T8736] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  418.219121][ T8736] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  418.336385][ T4797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  418.353067][ T4797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  418.525910][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  418.759900][ T4830] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.851678][ T4351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  418.892303][ T4351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  418.983378][ T4830] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.039115][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  419.123281][ T4830] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.146392][ T9313] Set syz1 is full, maxelem 1029 reached
[  419.397384][ T4830] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.621465][ T9325] loop2: detected capacity change from 0 to 1024
[  419.869553][ T9325] loop2: detected capacity change from 1024 to 64
[  419.991786][ T9328] device syzkaller0 entered promiscuous mode
[  420.152360][ T4292] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  420.165336][ T4292] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  420.176388][ T4289] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  420.188885][ T4289] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  420.196584][ T4289] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  420.204506][ T4289] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  420.371920][ T4708] bio_check_eod: 4 callbacks suppressed
[  420.371938][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.371938][ T4708] loop2: rw=1, sector=206, nr_sectors = 2 limit=64
[  420.446764][ T4708] buffer_io_error: 4 callbacks suppressed
[  420.446781][ T4708] Buffer I/O error on dev loop2, logical block 103, lost async page write
[  420.472235][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.472235][ T4708] loop2: rw=1, sector=208, nr_sectors = 2 limit=64
[  420.502747][ T4708] Buffer I/O error on dev loop2, logical block 104, lost async page write
[  420.516807][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.516807][ T4708] loop2: rw=1, sector=210, nr_sectors = 2 limit=64
[  420.537445][ T4708] Buffer I/O error on dev loop2, logical block 105, lost async page write
[  420.579129][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.579129][ T4708] loop2: rw=1, sector=212, nr_sectors = 2 limit=64
[  420.609735][ T4708] Buffer I/O error on dev loop2, logical block 106, lost async page write
[  420.622988][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.622988][ T4708] loop2: rw=2049, sector=198, nr_sectors = 2 limit=64
[  420.653355][ T4708] Buffer I/O error on dev loop2, logical block 99, lost async page write
[  420.663509][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.663509][ T4708] loop2: rw=2049, sector=200, nr_sectors = 2 limit=64
[  420.685906][ T4708] Buffer I/O error on dev loop2, logical block 100, lost async page write
[  420.694951][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.694951][ T4708] loop2: rw=2049, sector=202, nr_sectors = 2 limit=64
[  420.716722][ T4708] Buffer I/O error on dev loop2, logical block 101, lost async page write
[  420.726540][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.726540][ T4708] loop2: rw=2049, sector=204, nr_sectors = 2 limit=64
[  420.761344][ T4708] Buffer I/O error on dev loop2, logical block 102, lost async page write
[  420.772001][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.772001][ T4708] loop2: rw=2049, sector=206, nr_sectors = 2 limit=64
[  420.806985][ T4708] Buffer I/O error on dev loop2, logical block 103, lost async page write
[  420.828991][ T4708] kworker/u4:13: attempt to access beyond end of device
[  420.828991][ T4708] loop2: rw=2049, sector=208, nr_sectors = 2 limit=64
[  420.854542][ T4708] Buffer I/O error on dev loop2, logical block 104, lost async page write
[  422.266650][ T4289] Bluetooth: hci0: command 0x0409 tx timeout
[  424.347618][ T4289] Bluetooth: hci0: command 0x041b tx timeout
[  426.409083][ T4289] Bluetooth: hci0: command 0x040f tx timeout
[  428.492018][ T4289] Bluetooth: hci0: command 0x0419 tx timeout
[  431.678990][ T4349] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  431.900848][ T4349] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  431.926908][ T4349] usb 9-1: config 0 interface 0 has no altsetting 0
[  431.952150][ T4349] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  431.976227][ T4349] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  431.998868][ T4349] usb 9-1: Product: syz
[  432.011683][ T9349] chnl_net:caif_netlink_parms(): no params data found
[  432.037503][ T4349] usb 9-1: Manufacturer: syz
[  432.042307][ T4349] usb 9-1: SerialNumber: syz
[  432.080408][ T4349] usb 9-1: config 0 descriptor??
[  432.105326][ T4349] usb 9-1: selecting invalid altsetting 0
[  432.296754][ T4349] usb 9-1: USB disconnect, device number 2
[  432.726897][ T4293] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  432.738747][ T4293] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  432.747773][ T4293] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  432.761201][ T4293] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  432.769820][ T4293] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  432.778692][ T4293] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  434.615171][ T9518] netlink: 560 bytes leftover after parsing attributes in process `syz.4.1228'.
[  434.618721][ T9349] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.649026][ T9349] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.677410][ T9349] device bridge_slave_0 entered promiscuous mode
[  434.710552][ T9349] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.718183][ T9349] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.740185][ T9349] device bridge_slave_1 entered promiscuous mode
[  434.809052][ T4289] Bluetooth: hci2: command 0x0409 tx timeout
[  434.840906][ T4830] device hsr_slave_0 left promiscuous mode
[  434.856684][ T4830] device hsr_slave_1 left promiscuous mode
[  434.868095][ T4830] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  434.882536][ T4830] batman_adv: batadv0: Removing interface: batadv_slave_0
[  434.894454][ T4830] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  434.908673][ T4830] batman_adv: batadv0: Removing interface: batadv_slave_1
[  434.926084][ T4830] device bridge_slave_1 left promiscuous mode
[  434.935779][ T4830] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.956734][ T4830] device bridge_slave_0 left promiscuous mode
[  434.965586][ T4830] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.048519][ T4830] device veth1_macvtap left promiscuous mode
[  435.086054][ T4830] device veth0_macvtap left promiscuous mode
[  435.096873][ T4830] device veth1_vlan left promiscuous mode
[  435.127689][ T4830] device veth0_vlan left promiscuous mode
[  435.447292][ T7510] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  435.654478][ T7510] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  435.683185][ T7510] usb 7-1: config 0 interface 0 has no altsetting 0
[  435.749741][ T7510] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  435.765671][ T7510] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  435.774248][ T7510] usb 7-1: Product: syz
[  435.778475][ T7510] usb 7-1: Manufacturer: syz
[  435.794459][ T7510] usb 7-1: SerialNumber: syz
[  435.804474][ T7510] usb 7-1: config 0 descriptor??
[  435.854800][ T7510] usb 7-1: selecting invalid altsetting 0
[  435.886441][ T9543] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1237'.
[  436.045606][   T14] usb 7-1: USB disconnect, device number 2
[  436.474431][ T4830] team0 (unregistering): Port device team_slave_1 removed
[  436.547410][ T4830] team0 (unregistering): Port device team_slave_0 removed
[  436.638509][ T4830] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  436.703185][ T9546] netlink: 'syz.6.1238': attribute type 29 has an invalid length.
[  436.733737][ T4830] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  436.897276][ T4289] Bluetooth: hci2: command 0x041b tx timeout
[  437.195634][ T4830] bond0 (unregistering): Released all slaves
[  437.334902][ T9543] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1237'.
[  437.348449][ T9546] netlink: 'syz.6.1238': attribute type 29 has an invalid length.
[  437.382275][ T9349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  437.460804][ T9547] netlink: 'syz.6.1238': attribute type 29 has an invalid length.
[  437.472438][ T9349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  437.505473][ T9548] netlink: 'syz.6.1238': attribute type 29 has an invalid length.
[  437.616726][ T9349] team0: Port device team_slave_0 added
[  437.704544][ T9349] team0: Port device team_slave_1 added
[  437.763837][ T9349] batman_adv: batadv0: Adding interface: batadv_slave_0
[  437.782516][ T9349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.891348][ T9349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  437.908389][ T9440] chnl_net:caif_netlink_parms(): no params data found
[  437.922502][ T9349] batman_adv: batadv0: Adding interface: batadv_slave_1
[  437.930377][ T9349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.957565][ T9349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.229785][ T9349] device hsr_slave_0 entered promiscuous mode
[  438.284802][ T9349] device hsr_slave_1 entered promiscuous mode
[  438.629897][ T9440] bridge0: port 1(bridge_slave_0) entered blocking state
[  438.665745][ T9440] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.683106][ T9440] device bridge_slave_0 entered promiscuous mode
[  438.706028][ T9440] bridge0: port 2(bridge_slave_1) entered blocking state
[  438.717944][ T9440] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.731918][ T9440] device bridge_slave_1 entered promiscuous mode
[  438.969595][ T4289] Bluetooth: hci2: command 0x040f tx timeout
[  440.093906][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.100415][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  441.055233][ T4289] Bluetooth: hci2: command 0x0419 tx timeout
[  442.634399][ T9440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  442.763594][ T9440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  442.965868][ T4830] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  442.977279][ T4830] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.013017][ T9440] team0: Port device team_slave_0 added
[  443.230527][ T9440] team0: Port device team_slave_1 added
[  443.407426][ T4830] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  443.439026][ T4830] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.466110][ T9440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  443.475418][ T9440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  443.533537][ T9440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  443.622437][ T4830] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  443.639427][ T4830] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.692750][ T9440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  443.700611][ T9440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  443.765133][ T9440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  443.826455][ T9349] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  443.979711][ T9349] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  444.019418][ T9349] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  444.077212][ T9440] device hsr_slave_0 entered promiscuous mode
[  444.116817][ T9440] device hsr_slave_1 entered promiscuous mode
[  444.147290][ T9440] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  444.172954][ T9440] Cannot create hsr debugfs directory
[  444.224215][ T9349] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  444.387004][ T9635] loop4: detected capacity change from 0 to 32768
[  444.487795][ T9657] device syzkaller0 entered promiscuous mode
[  444.512081][ T9635] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  444.540172][ T9635] XFS (loop4): Mounting V5 Filesystem
[  444.577121][ T9635] XFS (loop4): Ending clean mount
[  444.627654][ T9635] XFS (loop4): Quotacheck needed: Please wait.
[  444.905028][ T9635] XFS (loop4): Quotacheck: Done.
[  445.129104][ T4286] XFS (loop4): Unmounting Filesystem
[  447.289144][ T4289] Bluetooth: hci1: command 0x0406 tx timeout
[  449.389085][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  449.691005][ T9349] 8021q: adding VLAN 0 to HW filter on device bond0
[  450.275215][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  450.301892][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  451.089396][ T9349] 8021q: adding VLAN 0 to HW filter on device team0
[  451.446791][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  451.490586][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  451.529959][ T4400] bridge0: port 1(bridge_slave_0) entered blocking state
[  451.537174][ T4400] bridge0: port 1(bridge_slave_0) entered forwarding state
[  451.633448][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  451.666880][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  451.712933][ T4400] bridge0: port 2(bridge_slave_1) entered blocking state
[  451.720240][ T4400] bridge0: port 2(bridge_slave_1) entered forwarding state
[  452.020416][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  452.048190][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  452.061698][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  452.075112][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  452.087861][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  452.161339][ T9740] device syzkaller0 entered promiscuous mode
[  456.108657][ T9349] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  456.124110][ T9349] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  456.138101][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  456.156445][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  456.168265][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  456.189899][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  456.200281][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  456.211297][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  456.220016][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  456.228666][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  456.281451][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  457.681876][ T9440] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  457.707789][ T9440] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  457.759821][ T9440] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  457.818062][ T4830] device hsr_slave_0 left promiscuous mode
[  457.844275][ T4830] device hsr_slave_1 left promiscuous mode
[  457.866635][ T4830] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  457.887886][ T4830] batman_adv: batadv0: Removing interface: batadv_slave_0
[  457.917572][ T4830] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  457.927969][ T4830] batman_adv: batadv0: Removing interface: batadv_slave_1
[  457.953248][ T4830] bridge0: port 3(team0) entered disabled state
[  457.986032][ T4830] device bridge_slave_1 left promiscuous mode
[  457.995972][ T4830] bridge0: port 2(bridge_slave_1) entered disabled state
[  458.030147][ T4830] device bridge_slave_0 left promiscuous mode
[  458.051120][ T4830] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.083265][ T9805] loop6: detected capacity change from 0 to 1024
[  458.145185][ T9805] EXT4-fs error (device loop6): __ext4_fill_super:5465: comm syz.6.1297: inode #2: comm syz.6.1297: iget: illegal inode #
[  458.210805][ T4830] device veth1_macvtap left promiscuous mode
[  458.217136][ T4830] device veth0_macvtap left promiscuous mode
[  458.223983][ T4830] device veth1_vlan left promiscuous mode
[  458.230146][ T4830] device veth0_vlan left promiscuous mode
[  458.241237][ T9805] EXT4-fs (loop6): get root inode failed
[  458.246922][ T9805] EXT4-fs (loop6): mount failed
[  458.960620][ T4830] bond1 (unregistering): Released all slaves
[  460.671277][ T4830] device team_slave_1 left promiscuous mode
[  460.683954][ T4830] team0 (unregistering): Port device team_slave_1 removed
[  460.802268][ T4830] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  460.865267][ T4830] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  461.358025][ T4830] bond0 (unregistering): Released all slaves
[  461.477570][ T9440] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  461.587475][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  461.599148][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  461.619476][ T9813] device syzkaller0 entered promiscuous mode
[  461.662577][ T9349] 8021q: adding VLAN 0 to HW filter on device batadv0
[  461.955233][ T9484] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  462.124028][ T9440] 8021q: adding VLAN 0 to HW filter on device bond0
[  462.842787][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  462.853572][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  462.906309][ T9440] 8021q: adding VLAN 0 to HW filter on device team0
[  462.961212][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  462.998418][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  463.048197][ T9506] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.055444][ T9506] bridge0: port 1(bridge_slave_0) entered forwarding state
[  463.095622][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  463.162540][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  463.199548][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  463.239768][ T4332] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.246952][ T4332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  463.299386][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  463.356590][ T9848] netlink: 532 bytes leftover after parsing attributes in process `syz.4.1309'.
[  463.399195][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  463.450759][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  463.484529][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  463.538248][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  463.561816][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  463.604167][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  463.637165][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  463.674773][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  463.704630][ T9440] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  463.739822][ T9440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  463.773496][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  463.790490][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  464.310880][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  464.339900][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  464.384914][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  464.405098][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  464.442545][ T9349] device veth0_vlan entered promiscuous mode
[  464.456250][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  464.515998][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  464.545404][ T9349] device veth1_vlan entered promiscuous mode
[  464.649970][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  464.670547][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  464.700664][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  464.740331][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  464.763867][ T9349] device veth0_macvtap entered promiscuous mode
[  464.811333][ T9487] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  464.843559][ T9349] device veth1_macvtap entered promiscuous mode
[  464.904842][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.948952][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.974838][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.998859][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.020913][ T9349] batman_adv: batadv0: Interface activated: batadv_slave_0
[  465.212159][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  465.241039][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  465.271637][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.300406][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.339311][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.358730][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.370444][ T9349] batman_adv: batadv0: Interface activated: batadv_slave_1
[  465.378043][ T9867] device syzkaller0 entered promiscuous mode
[  465.413590][ T9440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  465.433513][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  465.453377][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  465.480114][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  465.498138][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  465.515592][ T9349] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  465.551677][ T9349] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  465.569152][ T9349] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  465.577945][ T9349] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  465.685394][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  465.720831][ T9506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  465.725131][ T9874] loop6: detected capacity change from 0 to 256
[  465.811900][ T9872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  465.834615][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  465.846712][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  465.862352][ T9440] device veth0_vlan entered promiscuous mode
[  465.879849][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  465.892217][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  465.907979][ T9440] device veth1_vlan entered promiscuous mode
[  465.957115][ T9874] FAT-fs (loop6): Directory bread(block 64) failed
[  466.016751][ T9874] FAT-fs (loop6): Directory bread(block 65) failed
[  466.161729][ T9874] FAT-fs (loop6): Directory bread(block 66) failed
[  466.184567][ T9874] FAT-fs (loop6): Directory bread(block 67) failed
[  466.408855][ T9874] FAT-fs (loop6): Directory bread(block 68) failed
[  466.430899][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  466.524868][ T4830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  466.574540][ T9874] FAT-fs (loop6): Directory bread(block 69) failed
[  466.725091][ T9440] device veth0_macvtap entered promiscuous mode
[  466.732184][ T9874] FAT-fs (loop6): Directory bread(block 70) failed
[  466.793410][ T9440] device veth1_macvtap entered promiscuous mode
[  466.801503][ T4830] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.818894][ T9874] FAT-fs (loop6): Directory bread(block 71) failed
[  466.830511][ T4830] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.868438][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  466.879280][ T9874] FAT-fs (loop6): Directory bread(block 72) failed
[  466.885912][ T9874] FAT-fs (loop6): Directory bread(block 73) failed
[  466.907468][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  466.956903][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  467.135519][ T9440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.146680][ T9440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.156966][ T9440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.167730][ T9440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.186957][ T9440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.502279][ T9440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.555953][ T9440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.609413][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  467.635507][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  467.665570][ T9440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.693309][ T9440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.726847][ T9440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.755539][ T9440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.792749][ T9440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.830187][ T9440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.851344][ T9440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  467.916183][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  467.972366][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  468.007574][ T9440] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  468.030955][ T9440] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  468.075784][ T9440] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  468.094200][ T9440] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  468.115995][ T4830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.142139][ T4830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.204410][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  468.398030][ T4332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.422686][ T4332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.498234][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  468.583480][ T9500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.602735][ T9500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.622430][ T9900] loop9: detected capacity change from 0 to 128
[  468.633770][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  468.691054][ T9900] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  468.762144][ T9900] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  468.786900][ T9900] ext2 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  469.265260][ T9922] loop6: detected capacity change from 0 to 512
[  469.331252][ T9922] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  469.503852][ T9922] EXT4-fs (loop6): 1 truncate cleaned up
[  469.546835][ T9349] EXT4-fs (loop9): unmounting filesystem.
[  469.559206][ T9922] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  471.362735][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  471.648617][ T9947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  471.827635][ T9949] netlink: 'syz.0.1328': attribute type 4 has an invalid length.
[  471.986376][ T9952] netlink: 'syz.0.1328': attribute type 4 has an invalid length.
[  472.084553][ T9949] loop0: detected capacity change from 0 to 256
[  472.515981][ T9959] loop6: detected capacity change from 0 to 16
[  472.888869][ T7654] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  472.932898][ T9968] loop0: detected capacity change from 0 to 512
[  473.078924][ T7654] usb 7-1: Using ep0 maxpacket: 16
[  473.079234][ T9968] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: comm syz.0.1333: inode #1: comm syz.0.1333: iget: illegal inode #
[  473.090399][ T7654] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  473.108957][ T7654] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  473.119399][ T7654] usb 7-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  473.132857][ T7654] usb 7-1: config 0 interface 0 has no altsetting 0
[  473.139802][ T7654] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  473.149166][ T7654] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.174311][ T9968] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1333: error while reading EA inode 1 err=-117
[  473.188110][ T7654] usb 7-1: config 0 descriptor??
[  473.239403][ T9968] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: comm syz.0.1333: inode #1: comm syz.0.1333: iget: illegal inode #
[  473.313395][ T9968] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1333: error while reading EA inode 1 err=-117
[  473.381821][ T9968] EXT4-fs (loop0): 1 orphan inode deleted
[  473.387708][ T9968] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  473.609567][ T7654] hid (null): report_id 6655 is invalid
[  473.660629][ T7654] hid (null): usage index exceeded
[  473.681144][ T9440] EXT4-fs (loop0): unmounting filesystem.
[  473.684432][ T7654] hid (null): unknown global tag 0xf1
[  473.780581][ T9981] loop9: detected capacity change from 0 to 256
[  473.905839][ T9981] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x8f9fe1ed, utbl_chksum : 0xe619d30d)
[  474.679007][ T9985] capability: warning: `syz.0.1337' uses deprecated v2 capabilities in a way that may be insecure
[  474.928844][ T7654] hid (null): unknown global tag 0xa1
[  474.950021][ T7654] usb 7-1: USB disconnect, device number 3
[  475.666461][ T9998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  476.160135][T10011] device syzkaller0 entered promiscuous mode
[  477.039540][T10007] loop0: detected capacity change from 0 to 40427
[  477.087774][T10007] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  477.118353][T10007] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  477.162045][T10007] F2FS-fs (loop0): invalid crc value
[  477.228331][T10007] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  477.275815][T10010] loop9: detected capacity change from 0 to 40427
[  477.358222][T10010] F2FS-fs (loop9): invalid crc value
[  477.417634][T10010] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  477.611494][T10007] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  477.618630][T10007] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  477.698140][T10010] F2FS-fs (loop9): Cannot turn on quotas: -2 on 0
[  477.740151][T10010] F2FS-fs (loop9): Start checkpoint disabled!
[  477.774634][T10026] bio_check_eod: 2 callbacks suppressed
[  477.774654][T10026] f2fs_ckpt-7:0: attempt to access beyond end of device
[  477.774654][T10026] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  477.877078][T10010] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  478.013067][T10042] loop4: detected capacity change from 0 to 512
[  478.105731][T10042] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  478.146280][ T4332] kworker/u4:6: attempt to access beyond end of device
[  478.146280][ T4332] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  478.253205][T10042] EXT4-fs (loop4): 1 truncate cleaned up
[  478.290694][T10042] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  480.437522][ T4286] EXT4-fs (loop4): unmounting filesystem.
[  480.792982][T10073] loop9: detected capacity change from 0 to 2048
[  481.026349][T10073] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  481.369125][T10091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  481.380655][T10090] binder: 10088:10090 ioctl c0306201 200000000240 returned -11
[  482.864555][T10084] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1355'.
[  482.882569][ T9349] EXT4-fs (loop9): unmounting filesystem.
[  483.204381][ T4332] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.499341][ T4332] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.960206][ T4332] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  485.021276][ T4332] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  485.226160][T10127] binder: 10126:10127 ioctl c0306201 200000000240 returned -11
[  485.787252][T10104] loop9: detected capacity change from 0 to 40427
[  485.816099][T10149] loop6: detected capacity change from 0 to 128
[  485.828669][T10104] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  485.839115][T10104] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  485.848550][T10149] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  485.858117][T10149] ext4 filesystem being mounted at /144/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  485.878834][ T4280] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  485.897249][T10104] F2FS-fs (loop9): Found nat_bits in checkpoint
[  486.027638][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  486.078875][ T4280] usb 9-1: device descriptor read/64, error -71
[  486.151743][T10104] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  486.182869][T10104] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  486.348903][ T4280] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  486.541461][ T4280] usb 9-1: device descriptor read/64, error -71
[  486.705387][T10172] loop0: detected capacity change from 0 to 2048
[  486.802323][ T7510] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  486.926714][T10172] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  486.970970][ T4280] usb usb9-port1: attempt power cycle
[  487.769433][ T7510] usb 5-1: Using ep0 maxpacket: 32
[  487.776549][ T7510] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  487.861637][ T7510] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.921712][ T7510] usb 5-1: New USB device found, idVendor=25dd, idProduct=f3d2, bcdDevice=d2.37
[  487.992178][ T7510] usb 5-1: New USB device strings: Mfr=84, Product=45, SerialNumber=0
[  488.038990][ T4280] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  488.067019][ T7510] usb 5-1: Product: syz
[  488.080793][ T4280] usb 9-1: device descriptor read/8, error -71
[  488.116815][ T7510] usb 5-1: Manufacturer: syz
[  488.230607][ T7510] usb 5-1: config 0 descriptor??
[  488.388914][ T4280] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  488.443219][ T4280] usb 9-1: device descriptor read/8, error -71
[  488.589247][ T4280] usb usb9-port1: unable to enumerate USB device
[  488.789669][ T7510] hid-generic 0003:25DD:F3D2.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz syz] on usb-dummy_hcd.4-1/input0
[  488.976089][ T9440] EXT4-fs (loop0): unmounting filesystem.
[  488.993346][ T4328] usb 5-1: USB disconnect, device number 3
[  489.290151][T10188] fido_id[10188]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  489.461973][T10196] binder: 10195:10196 ioctl c0306201 200000000240 returned -11
[  489.919257][T10214] loop4: detected capacity change from 0 to 1024
[  490.026907][T10214] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  490.318863][T10225] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  490.386977][T10225] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  490.536061][ T4332] device hsr_slave_0 left promiscuous mode
[  490.549732][ T4332] device hsr_slave_1 left promiscuous mode
[  490.611849][ T4332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  490.614342][ T4286] EXT4-fs (loop4): unmounting filesystem.
[  490.625635][ T4332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  490.693115][ T4332] device bridge_slave_0 left promiscuous mode
[  490.719048][ T4280] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  490.729246][ T4332] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.889001][ T4280] usb 10-1: device descriptor read/64, error -71
[  490.903845][ T4332] bond1 (unregistering): (slave lo): Releasing backup interface
[  490.912510][T10245] binder: 10244:10245 ioctl c0306201 200000000240 returned -11
[  490.922911][ T4332] bond1 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  490.948019][ T4332] bond1 (unregistering): Released all slaves
[  491.160474][ T4280] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  491.340925][ T4280] usb 10-1: device descriptor read/64, error -71
[  491.391609][T10260] loop0: detected capacity change from 0 to 256
[  491.459896][ T4280] usb usb10-port1: attempt power cycle
[  491.498526][T10260] FAT-fs (loop0): Directory bread(block 64) failed
[  491.512752][T10260] FAT-fs (loop0): Directory bread(block 65) failed
[  491.522365][T10260] FAT-fs (loop0): Directory bread(block 66) failed
[  491.564572][T10260] FAT-fs (loop0): Directory bread(block 67) failed
[  491.587824][T10260] FAT-fs (loop0): Directory bread(block 68) failed
[  491.596505][T10260] FAT-fs (loop0): Directory bread(block 69) failed
[  491.636741][T10260] FAT-fs (loop0): Directory bread(block 70) failed
[  491.665601][T10260] FAT-fs (loop0): Directory bread(block 71) failed
[  491.672768][T10260] FAT-fs (loop0): Directory bread(block 72) failed
[  491.692549][T10260] FAT-fs (loop0): Directory bread(block 73) failed
[  491.885141][ T4280] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  491.926375][ T4280] usb 10-1: device descriptor read/8, error -71
[  492.208937][ T4280] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  492.306754][ T4280] usb 10-1: device descriptor read/8, error -71
[  492.441638][ T4280] usb usb10-port1: unable to enumerate USB device
[  492.571162][ T4332] team0 (unregistering): Port device team_slave_1 removed
[  492.667114][ T4332] team0 (unregistering): Port device team_slave_0 removed
[  492.760304][ T4332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  492.872444][ T4332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  493.864303][T10307] loop9: detected capacity change from 0 to 512
[  493.967405][T10307] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.1404: invalid indirect mapped block 4294967295 (level 1)
[  494.006502][ T4332] bond0 (unregistering): Released all slaves
[  494.009133][T10307] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.1404: invalid indirect mapped block 4294967295 (level 1)
[  494.028495][T10307] EXT4-fs (loop9): 2 truncates cleaned up
[  494.034843][T10307] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  494.243553][ T9349] EXT4-fs error (device loop9): ext4_lookup:1858: inode #17: comm syz-executor: iget: bad extended attribute block 6904
[  494.297314][ T9349] EXT4-fs error (device loop9): ext4_lookup:1858: inode #17: comm syz-executor: iget: bad extended attribute block 6904
[  494.339258][T10246] device syzkaller0 left promiscuous mode
[  494.799127][T10319] binder: 10317:10319 ioctl c0306201 200000000240 returned -11
[  494.892269][ T9349] EXT4-fs (loop9): unmounting filesystem.
[  495.771703][T10314] loop8: detected capacity change from 0 to 40427
[  495.816828][T10314] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  495.851124][T10314] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  495.864823][ T4332] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.912276][T10314] F2FS-fs (loop8): invalid crc value
[  495.942621][T10314] F2FS-fs (loop8): Found nat_bits in checkpoint
[  495.968884][   T41] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  496.074789][T10314] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  496.104600][T10314] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  496.119553][ T4332] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.170829][   T41] usb 7-1: config 0 has no interfaces?
[  496.180058][   T41] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  496.218964][   T41] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  496.247636][   T41] usb 7-1: Product: syz
[  496.259536][   T41] usb 7-1: Manufacturer: syz
[  496.264317][   T41] usb 7-1: SerialNumber: syz
[  496.315831][   T41] usb 7-1: config 0 descriptor??
[  496.471245][ T4332] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.554803][   T41] usb 7-1: USB disconnect, device number 4
[  496.677057][ T9494] kworker/u4:24: attempt to access beyond end of device
[  496.677057][ T9494] loop8: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  496.712916][ T4332] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.798369][ T4289] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  496.809629][ T4289] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  496.828037][ T4289] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  496.837033][ T4289] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  496.846507][ T4289] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  496.855698][ T4289] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  497.563490][T10379] loop6: detected capacity change from 0 to 512
[  497.697184][T10379] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec19c, mo2=0002]
[  497.738937][T10379] System zones: 1-12
[  497.744880][T10379] EXT4-fs error (device loop6): ext4_iget_extra_inode:4763: inode #15: comm syz.6.1422: corrupted in-inode xattr
[  497.802721][T10379] EXT4-fs error (device loop6): ext4_orphan_get:1410: comm syz.6.1422: couldn't read orphan inode 15 (err -117)
[  497.827627][T10379] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  498.039406][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  498.895376][ T4293] Bluetooth: hci0: command 0x0409 tx timeout
[  500.968844][ T4289] Bluetooth: hci0: command 0x041b tx timeout
[  501.460964][T10413] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1429'.
[  501.534905][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.544216][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  502.831542][T10393] device syzkaller0 entered promiscuous mode
[  503.050024][ T4289] Bluetooth: hci0: command 0x040f tx timeout
[  504.258785][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  504.278795][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  504.288804][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  504.298798][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  504.308794][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  504.318795][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  504.328792][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  504.338793][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[  504.348793][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[  504.358790][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[  505.148877][ T4289] Bluetooth: hci0: command 0x0419 tx timeout
[  505.305222][T10435] loop6: detected capacity change from 0 to 512
[  505.312577][T10435] ext4: Unknown parameter 'context'
[  505.401199][ T9772] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  505.531242][T10358] chnl_net:caif_netlink_parms(): no params data found
[  505.577973][T10444] loop8: detected capacity change from 0 to 4096
[  505.587752][T10444] EXT4-fs: Ignoring removed mblk_io_submit option
[  505.594205][T10433] overlayfs: missing 'lowerdir'
[  505.643885][T10444] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  505.643903][T10444] EXT4-fs (loop8): Test dummy encryption mode enabled
[  505.708507][T10444] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c198, mo2=0003]
[  505.708600][T10444] System zones: 0-5
[  505.744478][T10444] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  506.025854][T10451] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  507.402851][T10427] tty tty4: ldisc open failed (-12), clearing slot 3
[  507.632914][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  507.671685][T10358] bridge0: port 1(bridge_slave_0) entered blocking state
[  507.727832][T10358] bridge0: port 1(bridge_slave_0) entered disabled state
[  507.760507][T10358] device bridge_slave_0 entered promiscuous mode
[  508.071387][T10465] xt_hashlimit: size too large, truncated to 1048576
[  508.234684][T10468] loop4: detected capacity change from 0 to 512
[  508.608042][T10468] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  509.983878][T10358] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.154564][T10358] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.201898][T10358] device bridge_slave_1 entered promiscuous mode
[  510.644304][T10358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  510.697378][T10468] EXT4-fs: error -4 creating inode table initialization thread
[  510.706192][T10468] EXT4-fs (loop4): mount failed
[  511.400150][T10358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  511.450246][T10478] 0: reclassify loop, rule prio 0, protocol 800
[  511.577550][T10476] device syzkaller0 left promiscuous mode
[  511.643471][T10358] team0: Port device team_slave_0 added
[  511.983751][T10494] loop0: detected capacity change from 0 to 512
[  512.004114][T10494] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  512.047352][T10358] team0: Port device team_slave_1 added
[  512.133194][T10494] EXT4-fs (loop0): 1 truncate cleaned up
[  512.947351][T10494] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  513.235553][ T9440] EXT4-fs (loop0): unmounting filesystem.
[  513.289772][T10510] loop8: detected capacity change from 0 to 128
[  513.496807][T10358] batman_adv: batadv0: Adding interface: batadv_slave_0
[  513.557580][T10358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.224711][T10358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  514.400106][T10358] batman_adv: batadv0: Adding interface: batadv_slave_1
[  514.407142][T10358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.457259][ T4289] Bluetooth: hci4: link tx timeout
[  514.463249][ T4289] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  514.471618][ T4289] Bluetooth: hci4: link tx timeout
[  514.731487][T10358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  515.458161][ T4332] device hsr_slave_0 left promiscuous mode
[  515.475520][T10539] loop6: detected capacity change from 0 to 512
[  515.509393][ T4332] device hsr_slave_1 left promiscuous mode
[  515.525802][ T4332] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  515.566203][ T4332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  515.605193][T10539] EXT4-fs (loop6): unable to read superblock
[  515.860316][T10544] loop8: detected capacity change from 0 to 4096
[  515.876297][T10544] EXT4-fs: Ignoring removed mblk_io_submit option
[  515.891960][T10544] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  515.900902][T10544] EXT4-fs (loop8): Test dummy encryption mode enabled
[  515.903204][ T4332] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  516.092442][ T4332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  516.688389][T10548] loop0: detected capacity change from 0 to 128
[  516.738104][T10544] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c198, mo2=0003]
[  516.846778][ T4332] device bridge_slave_1 left promiscuous mode
[  516.940234][ T4332] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.003422][T10544] System zones: 0-5
[  517.290301][T10544] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  517.992539][ T4332] device bridge_slave_0 left promiscuous mode
[  518.012986][ T4332] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.118944][   T26] audit: type=1800 audit(1781121474.186:26): pid=10544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1459" name="file1" dev="loop8" ino=15 res=0 errno=0
[  518.846603][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  519.597116][T10560] loop6: detected capacity change from 0 to 1024
[  519.629779][T10560] EXT4-fs: Ignoring removed mblk_io_submit option
[  519.659131][T10560] EXT4-fs (loop6): bad geometry: bigalloc file system with non-zero first_data_block
[  519.659131][T10560] 
[  519.684975][T10562] loop0: detected capacity change from 0 to 512
[  519.737317][T10562] FAT-fs (loop0): Directory bread(block 199916) failed
[  519.809222][T10562] FAT-fs (loop0): Directory bread(block 199917) failed
[  519.816199][T10562] FAT-fs (loop0): Directory bread(block 199918) failed
[  519.834553][ T4332] device veth1_macvtap left promiscuous mode
[  519.849263][ T4332] device veth0_macvtap left promiscuous mode
[  519.878594][T10562] FAT-fs (loop0): Directory bread(block 199919) failed
[  519.890618][ T4332] device veth1_vlan left promiscuous mode
[  519.927364][ T4332] device veth0_vlan left promiscuous mode
[  519.933580][T10562] FAT-fs (loop0): Directory bread(block 199920) failed
[  519.983732][T10562] FAT-fs (loop0): Directory bread(block 199921) failed
[  520.010933][T10562] FAT-fs (loop0): Directory bread(block 199922) failed
[  520.017919][T10562] FAT-fs (loop0): Directory bread(block 199923) failed
[  520.915378][T10579] loop8: detected capacity change from 0 to 256
[  522.464859][ T4332] team0 (unregistering): Port device team_slave_1 removed
[  522.580515][ T4332] team0 (unregistering): Port device team_slave_0 removed
[  522.656389][ T4332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  522.783653][ T4332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  524.023921][ T4332] bond0 (unregistering): Released all slaves
[  524.270940][T10358] device hsr_slave_0 entered promiscuous mode
[  524.278024][T10358] device hsr_slave_1 entered promiscuous mode
[  524.895759][   T26] audit: type=1804 audit(1781121480.976:27): pid=10605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.1473" name="/newroot/56/file0" dev="fuse" ino=1 res=1 errno=0
[  525.150104][T10610] 0: reclassify loop, rule prio 0, protocol 800
[  525.591104][T10615] netlink: 196 bytes leftover after parsing attributes in process `syz.4.1478'.
[  526.705519][T10631] loop8: detected capacity change from 0 to 512
[  526.810947][T10631] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  526.820572][T10631] ext4 filesystem being mounted at /59/file3 supports timestamps until 2038-01-19 (0x7fffffff)
[  526.873003][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  527.026846][T10639] netlink: 'syz.0.1484': attribute type 4 has an invalid length.
[  527.087494][T10642] overlayfs: './file0' not a directory
[  527.147361][T10636] loop0: detected capacity change from 0 to 256
[  527.407991][T10649] futex_wake_op: syz.8.1487 tries to shift op by 144; fix this program
[  527.536817][T10617] loop6: detected capacity change from 0 to 40427
[  527.612011][T10617] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  527.741244][T10617] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  527.921684][T10617] F2FS-fs (loop6): Found nat_bits in checkpoint
[  528.141012][T10358] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  528.198244][T10358] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  528.216978][T10617] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  528.245826][T10358] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  528.271979][T10617] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  528.289337][T10358] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  528.663541][T10358] 8021q: adding VLAN 0 to HW filter on device bond0
[  528.803944][T10358] 8021q: adding VLAN 0 to HW filter on device team0
[  528.858010][ T9494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  528.878452][ T9494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  528.954795][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  528.973391][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  528.987867][ T4372] bridge0: port 1(bridge_slave_0) entered blocking state
[  528.995134][ T4372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  529.013930][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  529.026242][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  529.041477][ T4372] bridge0: port 2(bridge_slave_1) entered blocking state
[  529.048796][ T4372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  529.071558][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  529.095652][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  529.146021][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.146113][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.160192][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  529.239396][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.239873][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.264564][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.394052][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  529.524738][T10677] loop0: detected capacity change from 0 to 2048
[  529.603679][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.604268][ T7022] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  529.707555][T10677] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  530.724721][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  530.876743][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  530.938283][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  531.029346][T10358] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  531.124293][T10358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  531.807360][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  531.845197][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  531.856960][ T9440] EXT4-fs (loop0): unmounting filesystem.
[  531.959641][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  531.968465][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  532.040554][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  532.071310][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  532.105338][T10692] loop8: detected capacity change from 0 to 512
[  532.166076][T10692] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  532.271940][T10692] EXT4-fs error (device loop8): ext4_orphan_get:1405: inode #15: comm syz.8.1499: iget: bogus i_mode (4355)
[  532.379028][T10692] EXT4-fs error (device loop8): ext4_orphan_get:1410: comm syz.8.1499: couldn't read orphan inode 15 (err -117)
[  532.445668][T10692] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  532.469145][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  532.477384][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  532.514333][T10358] 8021q: adding VLAN 0 to HW filter on device batadv0
[  532.691828][T10711] 0: reclassify loop, rule prio 0, protocol 800
[  532.704565][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  532.725782][T10714] loop6: detected capacity change from 0 to 16
[  532.817027][T10714] erofs: (device loop6): mounted with root inode @ nid 36.
[  533.129173][ T5742] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  533.240162][T10727] loop8: detected capacity change from 0 to 2048
[  534.232066][ T4280] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  534.408863][ T4280] usb 1-1: device descriptor read/64, error -71
[  534.551431][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  534.589819][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  534.678199][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  534.707624][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  534.729175][ T4280] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  534.747353][T10358] device veth0_vlan entered promiscuous mode
[  534.757998][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  534.780517][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  534.811224][T10358] device veth1_vlan entered promiscuous mode
[  534.897392][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  534.919039][ T4280] usb 1-1: device descriptor read/64, error -71
[  534.926298][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  534.944768][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  534.964813][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  534.980538][T10358] device veth0_macvtap entered promiscuous mode
[  534.998643][T10358] device veth1_macvtap entered promiscuous mode
[  535.018812][ T5742] usb 7-1: Using ep0 maxpacket: 16
[  535.057547][ T4280] usb usb1-port1: attempt power cycle
[  535.201743][ T5742] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.213430][ T5742] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  535.223431][ T5742] usb 7-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  535.236494][ T5742] usb 7-1: config 0 interface 0 has no altsetting 0
[  535.243234][ T5742] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  535.252471][ T5742] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.267253][ T5742] usb 7-1: config 0 descriptor??
[  535.422234][T10358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.456877][T10358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.486487][T10358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.500040][ T4280] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  535.517824][T10358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.535554][T10358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.546524][T10358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.563955][ T4280] usb 1-1: device descriptor read/8, error -71
[  535.584302][T10358] batman_adv: batadv0: Interface activated: batadv_slave_0
[  535.603567][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  535.613537][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  535.645405][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  535.655582][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  535.672398][T10358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.690420][T10358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.712687][T10358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.734598][T10358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.758048][T10358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.779590][T10358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.810883][T10358] batman_adv: batadv0: Interface activated: batadv_slave_1
[  535.823884][T10358] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  535.833049][T10358] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  535.856505][T10358] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  535.879963][ T5742] hid (null): invalid report_count 52999
[  535.885708][ T5742] hid (null): unknown global tag 0xc
[  535.897039][T10358] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  535.954909][ T5742] hid (null): unknown global tag 0xc
[  536.003002][ T5742] hid (null): global environment stack underflow
[  536.024418][ T4280] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  536.062275][ T4280] usb 1-1: device descriptor read/8, error -71
[  536.072360][ T5742] hid (null): unknown global tag 0xe
[  536.095168][ T5742] hid (null): bogus close delimiter
[  536.110734][T10758] binder: BINDER_SET_CONTEXT_MGR already set
[  536.138902][T10758] binder: 10757:10758 ioctl 4018620d 2000000002c0 returned -16
[  536.209614][ T4280] usb usb1-port1: unable to enumerate USB device
[  536.846561][ T5742] usb 7-1: USB disconnect, device number 5
[  536.882144][T10758] binder: 10757:10758 ioctl c0306201 200000000240 returned -11
[  536.941859][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  536.971916][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  537.031158][T10760] device syzkaller0 left promiscuous mode
[  537.313531][ T4830] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  537.324524][T10774] tipc: Failed to remove unknown binding: 66,0,0/0:2201894647/2201894649
[  537.333871][T10774] tipc: Failed to remove unknown binding: 66,0,0/0:2201894647/2201894648
[  537.346124][T10771] 0: reclassify loop, rule prio 0, protocol 800
[  537.361244][ T4830] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  537.392500][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  537.507949][ T4400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  537.521657][T10778] 0: reclassify loop, rule prio 0, protocol 800
[  537.536964][ T4400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  537.569706][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  538.537755][T10817] 0: reclassify loop, rule prio 0, protocol 800
[  542.559244][T10832] netlink: 'syz.6.1526': attribute type 4 has an invalid length.
[  542.846008][T10847] Driver unsupported XDP return value 0 on prog  (id 47) dev N/A, expect packet loss!
[  542.886250][T10850] netlink: 'syz.5.1529': attribute type 21 has an invalid length.
[  542.945921][T10850] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1529'.
[  543.035036][T10854] netlink: 61963 bytes leftover after parsing attributes in process `syz.5.1529'.
[  543.101540][T10862] binder: 10861:10862 ioctl c0306201 200000000240 returned -11
[  543.151288][T10864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  543.362579][T10869] loop8: detected capacity change from 0 to 256
[  543.472488][T10872] loop5: detected capacity change from 0 to 512
[  543.539879][T10872] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  543.668330][T10872] EXT4-fs (loop5): 1 truncate cleaned up
[  543.687467][T10872] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  543.859013][T10876] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  544.017771][T10876] EXT4-fs (loop5): Remounting filesystem read-only
[  544.677887][ T4289] Bluetooth: hci3: command 0x0406 tx timeout
[  546.674058][T10933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  547.423179][T10936] overlayfs: missing 'lowerdir'
[  547.984218][T10973] netlink: 'syz.4.1558': attribute type 10 has an invalid length.
[  548.018028][T10973] team0: Device hsr_slave_0 failed to register rx_handler
[  549.256107][T10358] EXT4-fs (loop5): unmounting filesystem.
[  550.528142][T11006] device syzkaller0 entered promiscuous mode
[  551.303120][T11037] loop6: detected capacity change from 0 to 4096
[  551.347473][T11037] EXT4-fs: Ignoring removed mblk_io_submit option
[  551.556404][T11037] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  551.593075][T11037] EXT4-fs (loop6): Test dummy encryption mode enabled
[  551.638367][T11037] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c198, mo2=0003]
[  551.694944][T11037] System zones: 0-5
[  551.730227][T11037] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  553.136869][T11053] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  553.288874][   T41] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  553.684331][   T41] usb 1-1: config 0 interface 0 altsetting 251 has an invalid endpoint with address 0x0, skipping
[  553.696582][   T41] usb 1-1: config 0 interface 0 has no altsetting 0
[  553.713293][   T41] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  553.724639][   T41] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  553.734070][   T41] usb 1-1: Product: syz
[  553.738435][   T41] usb 1-1: Manufacturer: syz
[  553.743528][   T41] usb 1-1: SerialNumber: syz
[  554.217665][   T41] usb 1-1: config 0 descriptor??
[  554.298991][T11064] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  554.844446][   T41] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  554.961963][   T41] usb 1-1: USB disconnect, device number 9
[  555.249995][T10845] udevd[10845]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  560.214296][T11080] device syzkaller0 left promiscuous mode
[  560.672003][T11121] 9pnet_fd: Insufficient options for proto=fd
[  561.674547][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  562.977759][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  562.984872][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  565.059175][ T4289] Bluetooth: hci2: command 0x0406 tx timeout
[  571.855119][T11390] overlayfs: failed to resolve './cgroup': -2
[  572.622430][T11421] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  572.638673][T11421] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  577.351684][T11512] loop8: detected capacity change from 0 to 512
[  577.407549][T11512] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended
[  577.494586][T11512] EXT4-fs (loop8): 1 truncate cleaned up
[  577.500461][T11512] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  581.130253][T11516] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  581.168674][T11516] EXT4-fs (loop8): Remounting filesystem read-only
[  582.439523][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  583.310138][T11553] fuse: Bad value for 'fd'
[  583.745358][T11566] xt_hashlimit: size too large, truncated to 1048576
[  587.493360][T11632] netlink: 'syz.4.1735': attribute type 29 has an invalid length.
[  587.667758][T11635] loop6: detected capacity change from 0 to 764
[  587.817743][T11635] rock: directory entry would overflow storage
[  587.857389][T11635] rock: sig=0x5850, size=36, remaining=22
[  589.799244][T11657] loop6: detected capacity change from 0 to 512
[  589.873559][T11657] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  589.961257][T11657] EXT4-fs (loop6): 1 truncate cleaned up
[  589.967017][T11657] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  590.968900][T11659] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  591.039002][T11659] EXT4-fs (loop6): Remounting filesystem read-only
[  593.789953][T11632] netlink: 'syz.4.1735': attribute type 29 has an invalid length.
[  594.407338][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  594.470152][T11695] loop5: detected capacity change from 0 to 1024
[  594.480841][T11695] EXT4-fs: Ignoring removed orlov option
[  594.881337][T11695] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  595.505026][T11703] Set syz1 is full, maxelem 1029 reached
[  596.461292][T10358] EXT4-fs (loop5): unmounting filesystem.
[  596.776256][T11733] loop0: detected capacity change from 0 to 512
[  596.819550][T11733] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  596.838588][T11733] EXT4-fs (loop0): 1 truncate cleaned up
[  596.844539][T11733] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  597.646723][ T9440] EXT4-fs (loop0): unmounting filesystem.
[  598.088749][T11764] loop8: detected capacity change from 0 to 1024
[  598.178442][T11764] EXT4-fs: Ignoring removed orlov option
[  598.395628][T11764] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  598.727700][T11770] netlink: 4595 bytes leftover after parsing attributes in process `syz.6.1776'.
[  598.818890][T11770] netlink: 4595 bytes leftover after parsing attributes in process `syz.6.1776'.
[  598.913386][T11772] netlink: 4595 bytes leftover after parsing attributes in process `syz.6.1776'.
[  600.001530][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  601.260525][ T4289] Bluetooth: hci4: link tx timeout
[  601.265745][ T4289] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  601.274196][ T4289] Bluetooth: hci4: link tx timeout
[  602.036092][ T9484] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  602.050590][T11838] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  602.262720][T11850] netlink: 'syz.8.1799': attribute type 29 has an invalid length.
[  602.288406][T11850] netlink: 'syz.8.1799': attribute type 29 has an invalid length.
[  602.319208][T11856] netlink: 'syz.8.1799': attribute type 29 has an invalid length.
[  602.351806][T11850] netlink: 'syz.8.1799': attribute type 29 has an invalid length.
[  602.526430][T11858] loop6: detected capacity change from 0 to 512
[  602.638370][T11858] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  602.661827][T11858] EXT4-fs (loop6): 1 truncate cleaned up
[  602.667711][T11858] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  604.582024][T11887] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1809'.
[  604.982891][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  605.297767][T11898] device syzkaller0 entered promiscuous mode
[  607.192013][T11939] device syzkaller0 left promiscuous mode
[  608.410952][T11963] device syzkaller0 entered promiscuous mode
[  609.965264][T11995] loop6: detected capacity change from 0 to 512
[  610.111320][T11995] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  610.160746][T11995] EXT4-fs (loop6): 1 truncate cleaned up
[  610.234119][T11995] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  611.996403][ T7022] EXT4-fs (loop6): unmounting filesystem.
[  612.104647][T12019] device syzkaller0 entered promiscuous mode
[  612.860719][T12053] loop6: detected capacity change from 0 to 256
[  613.643446][T12058] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1861'.
[  613.705771][T12058] sch_tbf: burst 0 is lower than device nlmon0 mtu (3776) !
[  613.826105][T12066] loop8: detected capacity change from 0 to 512
[  613.919995][T12066] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended
[  614.659946][T12066] EXT4-fs (loop8): 1 truncate cleaned up
[  614.665701][T12066] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  615.129895][T12074] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1863'.
[  615.167051][T12074] netlink: 'syz.5.1863': attribute type 1 has an invalid length.
[  615.209086][T12072] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[  615.298635][T12072] EXT4-fs (loop8): Remounting filesystem read-only
[  616.741139][T12097] tipc: Failed to remove unknown binding: 66,0,0/0:3064452955/3064452957
[  616.749883][T12097] tipc: Failed to remove unknown binding: 66,0,0/0:3064452955/3064452956
[  616.778936][ T8736] EXT4-fs (loop8): unmounting filesystem.
[  617.133379][T12101] loop8: detected capacity change from 0 to 128
[  617.375265][T12108] device syzkaller0 entered promiscuous mode
[  618.162901][T12121] binder: 12120:12121 ioctl c0306201 0 returned -14
[  618.589989][T12139] tipc: Failed to remove unknown binding: 66,0,0/0:1928824833/1928824835
[  618.598582][T12139] tipc: Failed to remove unknown binding: 66,0,0/0:1928824833/1928824834
[  618.812476][T12146] loop8: detected capacity change from 0 to 128
[  618.931658][T12152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  619.041682][T12155] device ip6erspan0 entered promiscuous mode
[  619.127229][T12158] device syzkaller0 entered promiscuous mode
[  619.580128][T12173] tipc: Failed to remove unknown binding: 66,0,0/0:3876863710/3876863712
[  619.606774][T12173] tipc: Failed to remove unknown binding: 66,0,0/0:3876863710/3876863711
[  620.288944][T12200] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1909'.
[  620.387502][T12204] device syzkaller0 left promiscuous mode
[  620.453425][T12204] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  620.789068][T12219] device syzkaller0 entered promiscuous mode
[  621.369063][ T4289] Bluetooth: hci0: command 0x0406 tx timeout
[  621.906737][T12263] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1932'.
[  622.246890][T12275] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  622.480905][T12288] netem: change failed
[  623.177463][T12312] device syzkaller0 left promiscuous mode
[  623.733507][T12336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  624.305115][T12360] loop0: detected capacity change from 0 to 512
[  624.483868][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  624.490412][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  624.570120][T12360] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  624.674909][T12369] loop8: detected capacity change from 0 to 256
[  625.046846][T12360] EXT4-fs (loop0): 1 truncate cleaned up
[  625.183251][T11555] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  625.221412][T12360] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  626.390288][ T9440] EXT4-fs (loop0): unmounting filesystem.
[  627.007446][T12406] 
[  627.009869][T12406] ======================================================
[  627.016924][T12406] WARNING: possible circular locking dependency detected
[  627.023997][T12406] syzkaller #0 Not tainted
[  627.028539][T12406] ------------------------------------------------------
[  627.035590][T12406] syz.5.1984/12406 is trying to acquire lock:
[  627.041696][T12406] ffffffff970292b8 (nfnl_subsys_ipset){+.+.}-{3:3}, at: ip_set_nfnl_get_byindex+0x63/0x230
[  627.051887][T12406] 
[  627.051887][T12406] but task is already holding lock:
[  627.059298][T12406] ffff88802fcb66b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x37/0x100
[  627.069755][T12406] 
[  627.069755][T12406] which lock already depends on the new lock.
[  627.069755][T12406] 
[  627.080207][T12406] 
[  627.080207][T12406] the existing dependency chain (in reverse order) is:
[  627.089272][T12406] 
[  627.089272][T12406] -> #2 (&nft_net->commit_mutex){+.+.}-{3:3}:
[  627.097584][T12406]        __mutex_lock+0x12d/0xaf0
[  627.102745][T12406]        nf_tables_dumpreset_obj+0x6e/0x90
[  627.108788][T12406]        netlink_dump+0x6a3/0xd00
[  627.113929][T12406]        __netlink_dump_start+0x537/0x6f0
[  627.119705][T12406]        nft_netlink_dump_start_rcu+0xdb/0x1a0
[  627.125936][T12406]        nf_tables_getobj_reset+0x1cb/0x610
[  627.131903][T12406]        nfnetlink_rcv_msg+0x8a0/0x12b0
[  627.137632][T12406]        netlink_rcv_skb+0x1fb/0x450
[  627.142963][T12406]        nfnetlink_rcv+0x2b0/0x2480
[  627.148213][T12406]        netlink_unicast+0x74d/0x8d0
[  627.153556][T12406]        netlink_sendmsg+0x8ad/0xbd0
[  627.158885][T12406]        ____sys_sendmsg+0x5be/0x970
[  627.164306][T12406]        ___sys_sendmsg+0x2a2/0x360
[  627.169556][T12406]        __se_sys_sendmsg+0x1bb/0x2a0
[  627.174981][T12406]        do_syscall_64+0x4c/0xa0
[  627.179999][T12406]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  627.186550][T12406] 
[  627.186550][T12406] -> #1 (nlk_cb_mutex-NETFILTER){+.+.}-{3:3}:
[  627.194868][T12406]        __mutex_lock+0x12d/0xaf0
[  627.199944][T12406]        __netlink_dump_start+0x11f/0x6f0
[  627.205714][T12406]        ip_set_dump+0x152/0x1e0
[  627.210700][T12406]        nfnetlink_rcv_msg+0xbec/0x12b0
[  627.216322][T12406]        netlink_rcv_skb+0x1fb/0x450
[  627.221692][T12406]        nfnetlink_rcv+0x2b0/0x2480
[  627.226976][T12406]        netlink_unicast+0x74d/0x8d0
[  627.232356][T12406]        netlink_sendmsg+0x8ad/0xbd0
[  627.237706][T12406]        ____sys_sendmsg+0x5be/0x970
[  627.243046][T12406]        ___sys_sendmsg+0x2a2/0x360
[  627.248302][T12406]        __se_sys_sendmsg+0x1bb/0x2a0
[  627.253729][T12406]        do_syscall_64+0x4c/0xa0
[  627.258734][T12406]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  627.265212][T12406] 
[  627.265212][T12406] -> #0 (nfnl_subsys_ipset){+.+.}-{3:3}:
[  627.273086][T12406]        __lock_acquire+0x2d07/0x7d10
[  627.278612][T12406]        lock_acquire+0x1bb/0x4a0
[  627.283721][T12406]        __mutex_lock+0x12d/0xaf0
[  627.288809][T12406]        ip_set_nfnl_get_byindex+0x63/0x230
[  627.294762][T12406]        set_target_v1_checkentry+0x88/0x4f0
[  627.300934][T12406]        xt_check_target+0x49d/0xbf0
[  627.306289][T12406]        nft_target_init+0x692/0x9f0
[  627.311726][T12406]        nf_tables_newrule+0x1731/0x2810
[  627.317422][T12406]        nfnetlink_rcv+0x1124/0x2480
[  627.322770][T12406]        netlink_unicast+0x74d/0x8d0
[  627.328136][T12406]        netlink_sendmsg+0x8ad/0xbd0
[  627.333485][T12406]        ____sys_sendmsg+0x5be/0x970
[  627.338826][T12406]        ___sys_sendmsg+0x2a2/0x360
[  627.344089][T12406]        __se_sys_sendmsg+0x1bb/0x2a0
[  627.349511][T12406]        do_syscall_64+0x4c/0xa0
[  627.354499][T12406]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  627.360986][T12406] 
[  627.360986][T12406] other info that might help us debug this:
[  627.360986][T12406] 
[  627.371434][T12406] Chain exists of:
[  627.371434][T12406]   nfnl_subsys_ipset --> nlk_cb_mutex-NETFILTER --> &nft_net->commit_mutex
[  627.371434][T12406] 
[  627.385931][T12406]  Possible unsafe locking scenario:
[  627.385931][T12406] 
[  627.393428][T12406]        CPU0                    CPU1
[  627.398835][T12406]        ----                    ----
[  627.404251][T12406]   lock(&nft_net->commit_mutex);
[  627.409334][T12406]                                lock(nlk_cb_mutex-NETFILTER);
[  627.416933][T12406]                                lock(&nft_net->commit_mutex);
[  627.424534][T12406]   lock(nfnl_subsys_ipset);
[  627.429181][T12406] 
[  627.429181][T12406]  *** DEADLOCK ***
[  627.429181][T12406] 
[  627.437378][T12406] 1 lock held by syz.5.1984/12406:
[  627.442545][T12406]  #0: ffff88802fcb66b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x37/0x100
[  627.453338][T12406] 
[  627.453338][T12406] stack backtrace:
[  627.459272][T12406] CPU: 1 PID: 12406 Comm: syz.5.1984 Not tainted syzkaller #0
[  627.466787][T12406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  627.476899][T12406] Call Trace:
[  627.480296][T12406]  <TASK>
[  627.483342][T12406]  dump_stack_lvl+0x188/0x24e
[  627.488166][T12406]  ? load_image+0x400/0x400
[  627.492812][T12406]  ? show_regs_print_info+0x12/0x12
[  627.498075][T12406]  ? print_circular_bug+0x12b/0x1a0
[  627.503342][T12406]  check_noncircular+0x296/0x330
[  627.508353][T12406]  ? add_chain_block+0x940/0x940
[  627.513353][T12406]  ? lockdep_lock+0xf1/0x1f0
[  627.518058][T12406]  ? _find_first_zero_bit+0xcf/0x100
[  627.523451][T12406]  __lock_acquire+0x2d07/0x7d10
[  627.528378][T12406]  ? __lock_acquire+0x12f4/0x7d10
[  627.533464][T12406]  ? verify_lock_unused+0x140/0x140
[  627.538724][T12406]  ? mark_lock+0x94/0x320
[  627.543128][T12406]  lock_acquire+0x1bb/0x4a0
[  627.547694][T12406]  ? ip_set_nfnl_get_byindex+0x63/0x230
[  627.553296][T12406]  ? __might_sleep+0xd0/0xd0
[  627.557939][T12406]  ? read_lock_is_recursive+0x10/0x10
[  627.563384][T12406]  ? __lock_acquire+0x7d10/0x7d10
[  627.568489][T12406]  __mutex_lock+0x12d/0xaf0
[  627.573048][T12406]  ? ip_set_nfnl_get_byindex+0x63/0x230
[  627.578650][T12406]  ? ip_set_pernet+0x23/0x230
[  627.583383][T12406]  ? ip_set_nfnl_get_byindex+0x63/0x230
[  627.588979][T12406]  ? mutex_lock_nested+0x10/0x10
[  627.593970][T12406]  ? ip_set_pernet+0x23/0x230
[  627.598694][T12406]  ip_set_nfnl_get_byindex+0x63/0x230
[  627.604122][T12406]  set_target_v1_checkentry+0x88/0x4f0
[  627.609646][T12406]  ? set_target_v1+0x3e0/0x3e0
[  627.614476][T12406]  xt_check_target+0x49d/0xbf0
[  627.619297][T12406]  ? __kernel_text_address+0x9/0x30
[  627.624695][T12406]  ? xt_find_jump_offset+0xe0/0xe0
[  627.629880][T12406]  ? __stack_depot_save+0x35/0x460
[  627.635171][T12406]  ? nft_target_init+0x1cf/0x9f0
[  627.640175][T12406]  nft_target_init+0x692/0x9f0
[  627.644992][T12406]  ? nfnetlink_rcv+0x1124/0x2480
[  627.649998][T12406]  ? netlink_unicast+0x74d/0x8d0
[  627.655004][T12406]  ? netlink_sendmsg+0x8ad/0xbd0
[  627.660005][T12406]  ? nft_target_release_ops+0x70/0x70
[  627.665444][T12406]  ? __kmem_cache_alloc_node+0x140/0x260
[  627.671233][T12406]  ? nf_tables_newrule+0x1503/0x2810
[  627.676592][T12406]  ? rcu_is_watching+0x11/0xa0
[  627.681529][T12406]  ? nf_tables_newrule+0x1503/0x2810
[  627.686876][T12406]  ? __kmalloc+0xe1/0x240
[  627.691376][T12406]  nf_tables_newrule+0x1731/0x2810
[  627.696566][T12406]  ? nf_tables_delchain+0xf00/0xf00
[  627.701865][T12406]  ? __lock_acquire+0x7d10/0x7d10
[  627.706965][T12406]  ? mutex_unlock+0x10/0x10
[  627.711537][T12406]  ? __nla_parse+0x3c/0x50
[  627.716015][T12406]  nfnetlink_rcv+0x1124/0x2480
[  627.720868][T12406]  ? nfnetlink_net_exit_batch+0xa0/0xa0
[  627.726503][T12406]  ? ref_tracker_free+0x68c/0x840
[  627.731616][T12406]  ? netlink_deliver_tap+0x2e/0x1b0
[  627.736980][T12406]  ? netlink_deliver_tap+0x2e/0x1b0
[  627.742245][T12406]  netlink_unicast+0x74d/0x8d0
[  627.747070][T12406]  netlink_sendmsg+0x8ad/0xbd0
[  627.751897][T12406]  ? netlink_getsockopt+0x550/0x550
[  627.757149][T12406]  ? aa_sock_msg_perm+0x94/0x150
[  627.762229][T12406]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  627.767636][T12406]  ? security_socket_sendmsg+0x7c/0xa0
[  627.773218][T12406]  ? netlink_getsockopt+0x550/0x550
[  627.778498][T12406]  ____sys_sendmsg+0x5be/0x970
[  627.783326][T12406]  ? __sys_sendmsg_sock+0x30/0x30
[  627.788403][T12406]  ? __import_iovec+0x315/0x500
[  627.793347][T12406]  ? import_iovec+0x6f/0xa0
[  627.797911][T12406]  ___sys_sendmsg+0x2a2/0x360
[  627.802653][T12406]  ? try_to_wake_up+0x67c/0x1080
[  627.807738][T12406]  ? __sys_sendmsg+0x290/0x290
[  627.812576][T12406]  __se_sys_sendmsg+0x1bb/0x2a0
[  627.817479][T12406]  ? __x64_sys_sendmsg+0x80/0x80
[  627.822476][T12406]  ? lockdep_hardirqs_on+0x94/0x140
[  627.827734][T12406]  do_syscall_64+0x4c/0xa0
[  627.832211][T12406]  ? clear_bhb_loop+0x60/0xb0
[  627.836950][T12406]  ? clear_bhb_loop+0x60/0xb0
[  627.841689][T12406]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  627.847643][T12406] RIP: 0033:0x7fc01119ce59
[  627.852201][T12406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  627.871955][T12406] RSP: 002b:00007fc011fe7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  627.880502][T12406] RAX: ffffffffffffffda RBX: 00007fc011415fa0 RCX: 00007fc01119ce59
[  627.888528][T12406] RDX: 0000000000000800 RSI: 0000200000000300 RDI: 0000000000000003
[  627.896560][T12406] RBP: 00007fc011232d6f R08: 0000000000000000 R09: 0000000000000000
[  627.904578][T12406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  627.912595][T12406] R13: 00007fc011416038 R14: 00007fc011415fa0 R15: 00007ffee06abb08
[  627.920625][T12406]  </TASK>
[  627.940224][T12406] Cannot find add_set index 0 as target