last executing test programs:

10.944281039s ago: executing program 3 (id=459):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
lsetxattr$security_capability(0x0, &(0x7f0000000100), &(0x7f0000000140)=@v2={0x2000000, [{0x4, 0x3}, {0x4, 0x4}]}, 0x14, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
close_range(r4, 0xffffffffffffffff, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x4003}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa8}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@local}, {@in=@dev={0xac, 0x14, 0x14, 0x17}, 0x4d5, 0x33}, @in=@multicast1, {0x3}, {}, {0x0, 0x22}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0)
sendmsg$nl_route(r0, 0x0, 0x40040d4)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)

8.567130299s ago: executing program 0 (id=465):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRES8=r0], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xd, 0x0, &(0x7f0000000280)="63ec33c9e9b986000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x4, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000be01000000000000000000008503f07ff3cc3780000000530000009500009400020000516243bf219f80dcee26639761aabde39fa43af73e2f75663775057c86d56937eac71626788a0cc5e196dbc7e477c6edf4f3d326eb017f219dafbe965f7e47621a33a06e1f5824a9b1"], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$sock_buf(r0, 0x1, 0x3d, 0x0, &(0x7f0000000040))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
signalfd4(r3, 0x0, 0x0, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x4002, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1d188, 0x51}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x10, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x3}}]}]}}}]}, 0x44}}, 0x0)
ioctl$NILFS_IOCTL_SET_SUINFO(r3, 0x40186e8d, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000180)=0x587c, 0x4)
recvmmsg(r2, &(0x7f0000005440)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x0, 0x0)

7.247545626s ago: executing program 3 (id=469):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x10c00, &(0x7f0000000100)=ANY=[], 0x3, 0x150f, &(0x7f0000000780)="$eJzs3AnYTlX3MPC19t6Hhwx3knmvvQ53MmySJEOSDEmSJMmckCRJEpIpUxKSkDnJHJIpJPM8ZUqSvJIkCQlJ9nept9f7fvW/6r16/5/v/3/W77rOde917bP22fus57nPuc8zfN1hcOW6VSrUZmb4S/CXl+4AkAIA/QAgMwBEAFAiS4ksl/rTaez+1w4i/rMemHalZyCuJKl/6ib1T92k/qmb1D91k/qnblL/1E3qn7pJ/YVIzbZNz3m1bKl3++vP/1N+eZHn//8DyfU/dZP6/29zOt2/s7fU/3+TiyGEfy9D6p+6Sf1TN6l/6ib1T92k/qmb1F+I1OxKP3+W7a9t9RtOyfBX8q/0158QQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiNThXLjMAMCv7Ss9LyGEEEIIIYQQQvznhLRXegZCCCGEEEIIIYT474egQIOBCNJAWkiBdJAeroIMkBEyQWZIwNWQBa6BrHAtZIPskANyQi7IDXnAAoEDhhjyQj5IwnWQH66HAlAQCkFh8FAEisINUAxuhOJwE5SAm6Ek3AKloDSUgbJwK5SD26A83A4V4A6oCJWgMlSBO6Eq3AXV4G6oDvdADbgXasJ9UAvuh9rwANSBB6EuPAT1oD40gIbQCBpDk3/KT/nT+c9BF3geukI36A49oCe8AL2gN/SBvtAPXoT+8BIMgJdhIAyCwfAKDIFXYSi8BsNgOIyA12EkjILRMAbGwjgYD2/ABHgTJsJbMAkmwxSYCtNgOsyAt2EmzILZ8A7MgXdhLsyD+bAAFsJ7sAgWwxJ4H5bCB7AMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA0+hO2wA3bCLtgNH8Ee+Bj2wiewDz6F/fDZv5l/9l/zL4YQEFChQoMG02AaTMEUTI/pMQNmwEyYCROYwCyYBbNiVsyG2TAH5sBcmAvzYB4kJGRkzIt5MYlJzI/5sQAWwEJYCD16LIpFsRjeiMWxOJbAElgSS2IpLI2AZbEslkOA8lgeK2AFrIgVsTJWxjvxTrwLq2E1rI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT1sgA2wETbCJtgEm2JTbIbNsIUBbIktsRW2wtbYGttgG2yLbbEdtsP22B47YAfsiJ2wEz6Hz+Hz+Dx2w4qqB/bEntgLe2Ef7It98UXsjy/hS/gyDsRBOBhfwVfwVRyKZ3AYDscROALLqVE4Gscgq3E4HsfjBJyAE3EiTsLJOBmn4jScjjNwBs7EWTgL38E5+C6+i/NwHi7AhbgQF+FiXIJLcCmexWW4HFfgSlyFq3EVrsV1uBY34EbcgJtxM27Frfghfog7cAfuwl34EX6EH+PH+Al+ggNxP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4HscTeBJP4Uk8jafxDJ7Fc3gOz+N5vIAX8CJevPTNry4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqobKoLCqryqqyqWwqh8qhcqlcKo/Ko0iRYhWrvCqvSqqkyq/yqwKqgCqkCimvvCqqiqpiqpgqroqrEupmVVLdokqp0qq5L6vKqnKqhS+vblcVVAVVUVVSlVUVVUVVVVVVNVVNVVfVVQ1VQ9VU96laqgf2wQfUpcrUVYOwnhqMDVRD1Ug1Vq/iw6qpGorNVHPVQj2qhuMwbKWa+tbqCdVGjca26ik1Bp9W7dU47KCeVR1VJ9VZPae6qGa+q+qmJmEP1VNNxV6qt+qj+qqZWEldqlhl9bIaqAapweoVtQBfVUPVa2qYGq5GqNfVSDVKjVZj1Fg1To1Xb6gJ6k01Ub2lJqnJaoqaqqap6WqGelvNVLPUbPWOmqPeVXPVPDVfLVAL1XtqkVqslqj31VL1gVqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqstaqvapj5U29UOtVPtUruV+vVNW+1Tn6r96jN1QP1NHVSfq0PqC3VYfamOqK/UUfW1Oqa+UcfVt+qEOqlOqe/UafW9OqPOqnPqB3Ve/aguqJ/URRUU9AAArbXRkU6j0+oUnU6n11fpDDqjzqQz64S+WmfR1+is+lqdTWfXOXROnUvn1nm01aSdZh3rvDqfTurrdH59vS6gC+pCurD2uoguqm/QxfSNuri+SZfQN+uS+hZdSpfWZXRZfasup2/T5fXtuoK+Q1fUlXRlXUXfqavqu3Q1fbeuru/RNfS9uqa+T9fS9+va+gFdRz+o6+qHdD1dXzfQDXUj3Vg30Q/rpvoR3Uw31y30o7qlfky30o/r1voJ3UY/qdvqp3Q7/bRur5/RHfSzuqPupDvrn/RFHXRX3U131z10T/2C7qV76z66r+6nX9T99Ut6gH5ZD9SD9GD9ih6iX9VD9Wt6mB6uR+jX9Ug9So/WY/RYPU6P12/oCfpNPVG/pSfpyXqKnqqn6em6z99Hmv0n8t/8nfwBPx99q96mP9Tb9Q69U+/Su/VHeo/eo/fqvXqf3qf36/36gD6gD+qD+pA+pA/rw/qIPqKP6qP6mD6mj+vj+oQ+qX/Q3+nT+nt9Rp/VZ/UP+rw+ry/8/RyAQaOMNsZEJo1Ja1JMOpPeXGUymIwmk8lsEuZqk8VcY7Kaa002k93kMDlNLpPb5DHWkHGGTWzymnwmaa4z+c31poApaAqZwsabIqaoueEv5//R/JqYJqapaWqamWamhWlhWpqWppVpZVqb1qaNaWPamramnWln2pv2poPpYDqajqaz6Wy6mC4mAEB30930NC+YXqa36WP6mn7mRdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJLzBKz1Cw1y8xys9ysNCvNarParDVrzXqz3mw0G81ms9ksM7/+guZOs9PsNrvNHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL932RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWJskRZo2ujbFH2KEeUM8oV5Y7yRDaiyEUcxVHeKF+UjK6L8kfXRwWiglGhqHDkoyJR0eiGqFh0Y1Q8uikqEd0clYxuiUpFpaMyUdno1qhcdFtUPro9qhDdEVWMKkWVoyrRnVHV6K6oWnR3VD26J6oR3RvVjO6LakX3R7WjB6I60YNR3eihqF5UP2oQNYwaRY2jJv/R8UM4k/0R39V2s91tD9vTvmB72d62j+1r+9kXbX/7kh1gX7YD7SA72L5ih9hX7VD7mh1mh9sR9nU70o6yo+0YO9aOs+PtG3aCfdNOtG/ZSXaynWKn2ml2up1h37Yz7Sw7275j59h37Vw7z863C+xC+55dZBfbJfZ9u9R+YJfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wq32Q/tdrvD7rS77G77kd1jP7Z77Sd2n/3U7ref2QP2b/ag/dwesl/Yw/ZLe8R+ZY/ar+0x+409br+1J+xJe8p+Z0/b7+0Ze9aesz/Y8/ZHe8H+ZC/acOnm/tLlnQwZSkNpKIVSKD2lpwyUgTJRJkpQgrJQFspKWSkbZaMclINyUS7KQ3noEiamvJSXkpSk/JSfClABKkSFyJOnolSUilExKk7FqQSVoJJUkkpRKSpDly5tt9JtdBvdTrfTHXQHVaJKVIWqUFWqStWoGlWn6lSDalBNqkm1qBbVptpUh+pQXapL9ageNaAG1IgaURNqQk2pKTWjZtSCWlBLakmtqBW1ptbUhtpQW2pL7agdtaf21IE6UEfqSJ2pM3WhLtSVulJ36k49qSf1ol7Uh/pQP+pH/ak/DaABNJAG0mAaTENoCA2loTSMhtMIep1G0igaTWNoLI2j8TSeJtAEmkgTaRJNoik0habRNJpBM2gmzaTZNJvm0ByaS3NpPs2nhbSQFtEiWkJLaCktpWW0jFbQClpFq2gNraF1tI420AbaRJtoC22htLCNttN22kk7aTftpj20h/bSXtpH+2g/7acDdIAO0kE6RIfoMB2mI3SEjtJROkbH6DgdpxN0Ak/RKTpNp+kMnaFzdI7O0490gX6iixQoxaVz6d1VLoPL6DK5zC7FpesGAP+Ic7icLpfL7fI467K57P8Sk3OugCvoCrnCzrsirqi74TdxKVfalXFl3a2unLvNlf9NXNXd5aq5u111d4+r4u78l7iGu9fVdA+5Wq6+q+0aujqusavrHnL1XH3XwDV0jVxj19I95lq5x11r94Rr4578TbzILXbr3Hq3wW10e90n7pz7wR11X7vz7kfX1XVz/dyLrr97yQ1wL7uBbtBv4hHudTfSjXKj3Rg31o37TTzFTXXT3HQ3w73tZrpZv4kXuvfcHLfEzXXz3Hy34Of40pyWuPfdUveBW+aWuxVupVvlVrs1bu0/5rrSbXZb3Fa3x33strsdbqfb5Xa7j36OL61jn/vU7XefuSPuK3fQfe4OuWPusPvy5/jS+o65b9xx96074U66U+47d9p97864sz+v/9Lav3M/uYsuOGBkxZoNR5yG03IKp+P0fBVn4IyciTNzgq/mLHwNZ+VrORtn5xyck3Nxbs7DlokdM8ecl/NxMl9Gzs/XcwEuyIW4MHsuwkX5Bi7GN3JxvolL8M1ckm/hUlyay3BZvpXL8W1cnm/nCnwHV+RKXJmr8J1cle/ianw3V+d7uAbfyzX5Pq7F93NtfoDr8INclx/ielyfG3BDbsSNuQk/zE35EW7GzbkFP8ot+TFuxY9za36C2/CT3Jaf4nb8NLfnZ7gDP8sduRN35ue4Cz/PXbkbd+ce3JNf4F7cm/twX+7HL3J/fokH8Ms8kAfxYH6Fh/CrPJRf42E8nEfw6zySR/FoHsNjeRyP5zd4Ar/JE/ktnsSTeQpP5Wk8nWfw2zyTZ/Fsfofn8Ls8l+fxfF7AC/k9XsSLeQm/z0v5A17Gy3kFr+RVvJrX8Fpex+t5A2/kTbyZt/BW3sYf8nbewTt5F+/mj3gPf8x7+RPex5/yfv6MD/Df+CB/zof4Cz7MX/IR/oqP8td8jL/h4/wtn+CTfIq/49P8PZ/hs3yOf+Dz/CNf4J/4IgeGGGMV69jEUZwmThunxOni9PFVcYY4Y5wpzhwn4qvjLPE1cdb42jhbnD3OEeeMc8W54zyxjSl2McdxnDfOFyfj6+L88fVxgbhgXCguHPu4SFw0viEuFt8YF49vikvEN8cl41viUnHpuExcNr41LhffFpePb48rxHfEFeNKceW4SnxnXDW+K64W3x1Xj++Ji8f3xjXj++Ja8f1x7fiBuE78YFw3fiiuF9ePG8QN40Zx47hJ/HDcNH4kbhY3j1vEj8Yt48fiVvHjcev4ibhN/OQf9nePe8Q94xfiF+IQ7tbzkwuSC5PvJRclFyeXJN9PLk1+kFyWXJ5ckVyZXJVcnVyTXJtcl1yf3JDcmNyU3JzcktyaDKFKWvDoldfe+Min8Wl9ik/n0/urfAaf0WfymX3CX+2z+Gt8Vn+tz+az+xw+p8/lc/s83nryzrOPfV6fzyf9dT6/v94X8AV9IV/Ye1/EF/WNfRPfxDf1j/hmvrlv4R/1j/rH/GP+cf+4f8K38U/6tv4p384/7dv7Z/wz/lnf0Xfynf1zvot/3nf13Xx339339D19L9/L9/F9fD/fz/f3/f0AP8AP9AP9YD/YD/FD/FA/1A/zw/wIP8KP9CP9aD/aj/Vj/Xg/3k/wE/xEP9FP8pP8FD/FT/PT/Aw/w8/0M/1sP9vP8XP8XD/Xz/fz/UK/0C/yi/wSv8Qv9Uv9Mr/Mr/Ar/Cq/yq/xa/w6v85v8Bv8Jr/Jb/Fb/Da/zW/32/1Ov9Pv9rv9Hr/H71V7/T6/z+/3+/0Bf8Af9Af9If+FP+y/9Ef8V/6o/9of89/44/5bf8Kf9Kf8d/60/96f8Wf9Of+DP+9/9Bf8T/6iD3584o3EhMSbiYmJtxKTEpMTUxJTE9MS0xMzEm8nZiZmJWYn3knMSbybmJuYl5ifWJBYmHgvsSixOLEk8X5iaeKDxLLE8sSKxMrEqsTqRAi50wBAyBeS4bqQP1wfCoSCoVAoHHwoEoqGG0KxcGMoHm4KJcLNoWS4JZQKpUOZUD80CA1Do9A4NAkPh6bhkdAsNA8twqOhZXgstAqPh9bhidAmPBnahqdCu/B0aB+eCR3Cs6Fj6BQ6h+dCl/B86Bq6he6hR+gZXgi9Qu/QJ/QN/cKLoX94KQwIL4eBYVAYHF4JQ8KrYWh4LQwLw8OI8HoYGUaF0WFMGBvGhfHhjTAhvBkmhrfCpDA5TAlTw7QwPcwIb4eZYVaYHd4Jc8K7YW6YF+aHBWFheC8sCovDkvB+WBo+CMvC8rAirAyrwuqwJqwN68L6sCFsDJvC5rAlbA3bwodhe9gRdoZdYXf4KOwJH4e94ZOwL3wa9ofPwoHwt3AwfB4OhS/C4fBlOBK+CkfD1+FY+CYcD9+GE+FkOBW+C6fD9+FMOBvOhR/C+fBjuBB+Chflb9aEEEIIIf4U/Qf9Pf6LnF9/EtUTADLuyHn4/+7flO2Xdu+0uVomAOCJbh0e+HWrWLF79+5/33eZhijfPABIXM6/dBv9a7wcWsBj0BqaQ7F/9Kf807F6q07n+Q/GT94MkP6fclLU5fbl8W/83fX3VqPm/P74+OsuUXIeQIF8l3PSweX48vjF/4vxszf9g/mn+3w8QLN/yskAl+PL4xeFR+BJaP0vewohhBBCCCGEEL/orcq0gz/x+TyXuZyTFi7Hv/f5XAghhBBCCCGEEP9/ebpT58cfbt26ebv/eQ1zRY6OAD8/G0lEv5zAP84KmX/Z88qfMWlI4083ruS7khBCCCGEEOK/w+Wb/t/2DbkSExJCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIVKh/xf/TuyXI+GVXqoQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQghxxfyfAAAA//+wXi8u")
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x218888, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

5.7519148s ago: executing program 3 (id=473):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c757466383d302c696f636861727365743d63703836302c696f636861727365743d6d616363726f617469616e2c756e695f786c6174653d312c747a3d5554432c6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d6d697865642c6e6f636173652c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c736d61636b66736465663d757466383d302c64697273796e632c736d61636b66736861743d262c657569643e807d6dc634ae06b292a3825c7626caa45b7a39a81660437a556646a082c54e8cf9c81260f6a760b9f06d5738818ee5a4503b0364b0f4c56abfe2", @ANYRES32, @ANYBLOB="2c6f624a5f726f6c653d80006173682ca8ea26de004d22080834ec21408c1cbd571f6191519244adb50f367988fb2727cc32238fac4fbdc332b1719e340000000004f23246a8d5ec9c21dd657ad6d91f895438297d5da5a51f2163a3aefc9a13608114683a6be3371b75c707284241970a8159ba2bec7414c90ddbdd8218b3ce593b992196b6a3cd4bc2bb6754b654ba0fa3821193cdf866d2630a60f040d612f358308919f24bccb430ad754832a2402e3b7240e7eec9ad32c333f3dca7ab50db1f0415a70ece849f03e8441be2c1c54491c7428bbfdcea758eb7de27821cbc79a45c11b52ff4b704fefa01987a8fa8be2756414f8d10f022600574c68d130d46301ff52bbd08cf61190205"], 0x25, 0x359, &(0x7f0000000bc0)="$eJzs3T1onHUYAPDn+ia5JFiTQSg6nW6ClCbioFNCqVDMoJXDr8XDpn7kzkIOD+KQyy1KcVJcBJ3cOujYWRxE3BxcrSBVcbFbocFX3rv3vnJ3Jhkutvj7DeXh+f+f+z/vB33fhOSf15uxdXk2rty+fSvm5wsxs3Z+Le4UYjlORRIdezHWR3Pj8wDAPe5OmsZfacfhsz9Z7Eae/QBw/2o//9883U8Uj1F87YFptAQATNkRv/5/fmz26tTaAgCmaOT5/9jQ8IFv88/0fiYAALh/vfjKq8+tb0RcKpXmI2ofNsqNcjzTH1+/Em9HNTbjXCzFfkTnRaHztpD9++zFjQvnSpnflqOcVTTKEbVmo9x5U1hP2vXFWImlWM7r0159ktWvtOtLEbHXbK8ftUKjPBuL+fo/L8ZmrMZSPDRSH3Fx48JqKf+Acq1b34xoxXz3ILL+z8ZS/PhGXI1qXI6stt//7kqpdD7dGKpvXC+25wEAAAAAAAAAAAAAAAAAAAAAwDScLfUs9/a/SWvNxgeXDk7ojRfb+/t0hvP9gVqd/YHSYnd3nmvJwf2BhvfnaZRn4tR/euQAAAAAAAAAAAAAAAAAAABw76jvzEWlWt3cru+8vzUYNAcy737/1bcL0R2ayUvfSfpVkSeHPqc7ceCTk+gtkfbK02RoTh4kEd3Je5XrN3odD84p9o5ipDwLiiNDhbynSrV6+tFfPx9X9XcW7LUzSYycluGgkK8/MFR7MEvMR8T+pKrJweohc26maTqpfPezXqbbVj0KETNx7DaOEHx3662Hn6yfeaqd+Sbf9OHxJ5Zeuvnpl39sVarR6rRQrc5t1/fTSVcnvxZZJut1dK1k4P4p5Oe5MOZOGB+0+pnWdn2nkvz058uPfPzDgcnJ+PsnHcy8N3mtrw9m5jpBIWK5exL+rdXZMTf/+OC1u0Nn7LCqhaHMmS/WKjd2f/n9qFd54D8JG3UAAAAAAAAAAAAAAAAAAMCJ6P/S73Gqnn5heh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMnr//3/gaA1kjlKcLcZo0PFze36xMUXTvRQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4H/snAAD//82Fa84=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000000)=' ', 0x1, 0x4fed0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x52142, 0x0)
io_setup(0x5, &(0x7f00000002c0)=<r2=>0x0)
io_submit(r2, 0x2000022a, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)='`', 0x8200, 0x600}])
r3 = openat(0xffffffffffffff9c, 0x0, 0x80801, 0x60)
pwrite64(r3, &(0x7f0000000040), 0x0, 0x8081000)

5.54371905s ago: executing program 0 (id=476):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b70300001a00000085"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000400), &(0x7f0000000500)=r1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5.465721444s ago: executing program 2 (id=477):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x10c00, &(0x7f0000000100)=ANY=[], 0x3, 0x150f, &(0x7f0000000780)="$eJzs3AnYTlX3MPC19t6Hhwx3knmvvQ53MmySJEOSDEmSJMmckCRJEpIpUxKSkDnJHJIpJPM8ZUqSvJIkCQlJ9nept9f7fvW/6r16/5/v/3/W77rOde917bP22fus57nPuc8zfN1hcOW6VSrUZmb4S/CXl+4AkAIA/QAgMwBEAFAiS4ksl/rTaez+1w4i/rMemHalZyCuJKl/6ib1T92k/qmb1D91k/qnblL/1E3qn7pJ/YVIzbZNz3m1bKl3++vP/1N+eZHn//8DyfU/dZP6/29zOt2/s7fU/3+TiyGEfy9D6p+6Sf1TN6l/6ib1T92k/qmb1F+I1OxKP3+W7a9t9RtOyfBX8q/0158QQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiNThXLjMAMCv7Ss9LyGEEEIIIYQQQvznhLRXegZCCCGEEEIIIYT474egQIOBCNJAWkiBdJAeroIMkBEyQWZIwNWQBa6BrHAtZIPskANyQi7IDXnAAoEDhhjyQj5IwnWQH66HAlAQCkFh8FAEisINUAxuhOJwE5SAm6Ek3AKloDSUgbJwK5SD26A83A4V4A6oCJWgMlSBO6Eq3AXV4G6oDvdADbgXasJ9UAvuh9rwANSBB6EuPAT1oD40gIbQCBpDk3/KT/nT+c9BF3geukI36A49oCe8AL2gN/SBvtAPXoT+8BIMgJdhIAyCwfAKDIFXYSi8BsNgOIyA12EkjILRMAbGwjgYD2/ABHgTJsJbMAkmwxSYCtNgOsyAt2EmzILZ8A7MgXdhLsyD+bAAFsJ7sAgWwxJ4H5bCB7AMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA0+hO2wA3bCLtgNH8Ee+Bj2wiewDz6F/fDZv5l/9l/zL4YQEFChQoMG02AaTMEUTI/pMQNmwEyYCROYwCyYBbNiVsyG2TAH5sBcmAvzYB4kJGRkzIt5MYlJzI/5sQAWwEJYCD16LIpFsRjeiMWxOJbAElgSS2IpLI2AZbEslkOA8lgeK2AFrIgVsTJWxjvxTrwLq2E1rI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT1sgA2wETbCJtgEm2JTbIbNsIUBbIktsRW2wtbYGttgG2yLbbEdtsP22B47YAfsiJ2wEz6Hz+Hz+Dx2w4qqB/bEntgLe2Ef7It98UXsjy/hS/gyDsRBOBhfwVfwVRyKZ3AYDscROALLqVE4Gscgq3E4HsfjBJyAE3EiTsLJOBmn4jScjjNwBs7EWTgL38E5+C6+i/NwHi7AhbgQF+FiXIJLcCmexWW4HFfgSlyFq3EVrsV1uBY34EbcgJtxM27Frfghfog7cAfuwl34EX6EH+PH+Al+ggNxP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4HscTeBJP4Uk8jafxDJ7Fc3gOz+N5vIAX8CJevPTNry4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqobKoLCqryqqyqWwqh8qhcqlcKo/Ko0iRYhWrvCqvSqqkyq/yqwKqgCqkCimvvCqqiqpiqpgqroqrEupmVVLdokqp0qq5L6vKqnKqhS+vblcVVAVVUVVSlVUVVUVVVVVVNVVNVVfVVQ1VQ9VU96laqgf2wQfUpcrUVYOwnhqMDVRD1Ug1Vq/iw6qpGorNVHPVQj2qhuMwbKWa+tbqCdVGjca26ik1Bp9W7dU47KCeVR1VJ9VZPae6qGa+q+qmJmEP1VNNxV6qt+qj+qqZWEldqlhl9bIaqAapweoVtQBfVUPVa2qYGq5GqNfVSDVKjVZj1Fg1To1Xb6gJ6k01Ub2lJqnJaoqaqqap6WqGelvNVLPUbPWOmqPeVXPVPDVfLVAL1XtqkVqslqj31VL1gVqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqstaqvapj5U29UOtVPtUruV+vVNW+1Tn6r96jN1QP1NHVSfq0PqC3VYfamOqK/UUfW1Oqa+UcfVt+qEOqlOqe/UafW9OqPOqnPqB3Ve/aguqJ/URRUU9AAArbXRkU6j0+oUnU6n11fpDDqjzqQz64S+WmfR1+is+lqdTWfXOXROnUvn1nm01aSdZh3rvDqfTurrdH59vS6gC+pCurD2uoguqm/QxfSNuri+SZfQN+uS+hZdSpfWZXRZfasup2/T5fXtuoK+Q1fUlXRlXUXfqavqu3Q1fbeuru/RNfS9uqa+T9fS9+va+gFdRz+o6+qHdD1dXzfQDXUj3Vg30Q/rpvoR3Uw31y30o7qlfky30o/r1voJ3UY/qdvqp3Q7/bRur5/RHfSzuqPupDvrn/RFHXRX3U131z10T/2C7qV76z66r+6nX9T99Ut6gH5ZD9SD9GD9ih6iX9VD9Wt6mB6uR+jX9Ug9So/WY/RYPU6P12/oCfpNPVG/pSfpyXqKnqqn6em6z99Hmv0n8t/8nfwBPx99q96mP9Tb9Q69U+/Su/VHeo/eo/fqvXqf3qf36/36gD6gD+qD+pA+pA/rw/qIPqKP6qP6mD6mj+vj+oQ+qX/Q3+nT+nt9Rp/VZ/UP+rw+ry/8/RyAQaOMNsZEJo1Ja1JMOpPeXGUymIwmk8lsEuZqk8VcY7Kaa002k93kMDlNLpPb5DHWkHGGTWzymnwmaa4z+c31poApaAqZwsabIqaoueEv5//R/JqYJqapaWqamWamhWlhWpqWppVpZVqb1qaNaWPamramnWln2pv2poPpYDqajqaz6Wy6mC4mAEB30930NC+YXqa36WP6mn7mRdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJLzBKz1Cw1y8xys9ysNCvNarParDVrzXqz3mw0G81ms9ksM7/+guZOs9PsNrvNHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL932RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWJskRZo2ujbFH2KEeUM8oV5Y7yRDaiyEUcxVHeKF+UjK6L8kfXRwWiglGhqHDkoyJR0eiGqFh0Y1Q8uikqEd0clYxuiUpFpaMyUdno1qhcdFtUPro9qhDdEVWMKkWVoyrRnVHV6K6oWnR3VD26J6oR3RvVjO6LakX3R7WjB6I60YNR3eihqF5UP2oQNYwaRY2jJv/R8UM4k/0R39V2s91tD9vTvmB72d62j+1r+9kXbX/7kh1gX7YD7SA72L5ih9hX7VD7mh1mh9sR9nU70o6yo+0YO9aOs+PtG3aCfdNOtG/ZSXaynWKn2ml2up1h37Yz7Sw7275j59h37Vw7z863C+xC+55dZBfbJfZ9u9R+YJfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wq32Q/tdrvD7rS77G77kd1jP7Z77Sd2n/3U7ref2QP2b/ag/dwesl/Yw/ZLe8R+ZY/ar+0x+409br+1J+xJe8p+Z0/b7+0Ze9aesz/Y8/ZHe8H+ZC/acOnm/tLlnQwZSkNpKIVSKD2lpwyUgTJRJkpQgrJQFspKWSkbZaMclINyUS7KQ3noEiamvJSXkpSk/JSfClABKkSFyJOnolSUilExKk7FqQSVoJJUkkpRKSpDly5tt9JtdBvdTrfTHXQHVaJKVIWqUFWqStWoGlWn6lSDalBNqkm1qBbVptpUh+pQXapL9ageNaAG1IgaURNqQk2pKTWjZtSCWlBLakmtqBW1ptbUhtpQW2pL7agdtaf21IE6UEfqSJ2pM3WhLtSVulJ36k49qSf1ol7Uh/pQP+pH/ak/DaABNJAG0mAaTENoCA2loTSMhtMIep1G0igaTWNoLI2j8TSeJtAEmkgTaRJNoik0habRNJpBM2gmzaTZNJvm0ByaS3NpPs2nhbSQFtEiWkJLaCktpWW0jFbQClpFq2gNraF1tI420AbaRJtoC22htLCNttN22kk7aTftpj20h/bSXtpH+2g/7acDdIAO0kE6RIfoMB2mI3SEjtJROkbH6DgdpxN0Ak/RKTpNp+kMnaFzdI7O0490gX6iixQoxaVz6d1VLoPL6DK5zC7FpesGAP+Ic7icLpfL7fI467K57P8Sk3OugCvoCrnCzrsirqi74TdxKVfalXFl3a2unLvNlf9NXNXd5aq5u111d4+r4u78l7iGu9fVdA+5Wq6+q+0aujqusavrHnL1XH3XwDV0jVxj19I95lq5x11r94Rr4578TbzILXbr3Hq3wW10e90n7pz7wR11X7vz7kfX1XVz/dyLrr97yQ1wL7uBbtBv4hHudTfSjXKj3Rg31o37TTzFTXXT3HQ3w73tZrpZv4kXuvfcHLfEzXXz3Hy34Of40pyWuPfdUveBW+aWuxVupVvlVrs1bu0/5rrSbXZb3Fa3x33strsdbqfb5Xa7j36OL61jn/vU7XefuSPuK3fQfe4OuWPusPvy5/jS+o65b9xx96074U66U+47d9p97864sz+v/9Lav3M/uYsuOGBkxZoNR5yG03IKp+P0fBVn4IyciTNzgq/mLHwNZ+VrORtn5xyck3Nxbs7DlokdM8ecl/NxMl9Gzs/XcwEuyIW4MHsuwkX5Bi7GN3JxvolL8M1ckm/hUlyay3BZvpXL8W1cnm/nCnwHV+RKXJmr8J1cle/ianw3V+d7uAbfyzX5Pq7F93NtfoDr8INclx/ielyfG3BDbsSNuQk/zE35EW7GzbkFP8ot+TFuxY9za36C2/CT3Jaf4nb8NLfnZ7gDP8sduRN35ue4Cz/PXbkbd+ce3JNf4F7cm/twX+7HL3J/fokH8Ms8kAfxYH6Fh/CrPJRf42E8nEfw6zySR/FoHsNjeRyP5zd4Ar/JE/ktnsSTeQpP5Wk8nWfw2zyTZ/Fsfofn8Ls8l+fxfF7AC/k9XsSLeQm/z0v5A17Gy3kFr+RVvJrX8Fpex+t5A2/kTbyZt/BW3sYf8nbewTt5F+/mj3gPf8x7+RPex5/yfv6MD/Df+CB/zof4Cz7MX/IR/oqP8td8jL/h4/wtn+CTfIq/49P8PZ/hs3yOf+Dz/CNf4J/4IgeGGGMV69jEUZwmThunxOni9PFVcYY4Y5wpzhwn4qvjLPE1cdb42jhbnD3OEeeMc8W54zyxjSl2McdxnDfOFyfj6+L88fVxgbhgXCguHPu4SFw0viEuFt8YF49vikvEN8cl41viUnHpuExcNr41LhffFpePb48rxHfEFeNKceW4SnxnXDW+K64W3x1Xj++Ji8f3xjXj++Ja8f1x7fiBuE78YFw3fiiuF9ePG8QN40Zx47hJ/HDcNH4kbhY3j1vEj8Yt48fiVvHjcev4ibhN/OQf9nePe8Q94xfiF+IQ7tbzkwuSC5PvJRclFyeXJN9PLk1+kFyWXJ5ckVyZXJVcnVyTXJtcl1yf3JDcmNyU3JzcktyaDKFKWvDoldfe+Min8Wl9ik/n0/urfAaf0WfymX3CX+2z+Gt8Vn+tz+az+xw+p8/lc/s83nryzrOPfV6fzyf9dT6/v94X8AV9IV/Ye1/EF/WNfRPfxDf1j/hmvrlv4R/1j/rH/GP+cf+4f8K38U/6tv4p384/7dv7Z/wz/lnf0Xfynf1zvot/3nf13Xx339339D19L9/L9/F9fD/fz/f3/f0AP8AP9AP9YD/YD/FD/FA/1A/zw/wIP8KP9CP9aD/aj/Vj/Xg/3k/wE/xEP9FP8pP8FD/FT/PT/Aw/w8/0M/1sP9vP8XP8XD/Xz/fz/UK/0C/yi/wSv8Qv9Uv9Mr/Mr/Ar/Cq/yq/xa/w6v85v8Bv8Jr/Jb/Fb/Da/zW/32/1Ov9Pv9rv9Hr/H71V7/T6/z+/3+/0Bf8Af9Af9If+FP+y/9Ef8V/6o/9of89/44/5bf8Kf9Kf8d/60/96f8Wf9Of+DP+9/9Bf8T/6iD3584o3EhMSbiYmJtxKTEpMTUxJTE9MS0xMzEm8nZiZmJWYn3knMSbybmJuYl5ifWJBYmHgvsSixOLEk8X5iaeKDxLLE8sSKxMrEqsTqRAi50wBAyBeS4bqQP1wfCoSCoVAoHHwoEoqGG0KxcGMoHm4KJcLNoWS4JZQKpUOZUD80CA1Do9A4NAkPh6bhkdAsNA8twqOhZXgstAqPh9bhidAmPBnahqdCu/B0aB+eCR3Cs6Fj6BQ6h+dCl/B86Bq6he6hR+gZXgi9Qu/QJ/QN/cKLoX94KQwIL4eBYVAYHF4JQ8KrYWh4LQwLw8OI8HoYGUaF0WFMGBvGhfHhjTAhvBkmhrfCpDA5TAlTw7QwPcwIb4eZYVaYHd4Jc8K7YW6YF+aHBWFheC8sCovDkvB+WBo+CMvC8rAirAyrwuqwJqwN68L6sCFsDJvC5rAlbA3bwodhe9gRdoZdYXf4KOwJH4e94ZOwL3wa9ofPwoHwt3AwfB4OhS/C4fBlOBK+CkfD1+FY+CYcD9+GE+FkOBW+C6fD9+FMOBvOhR/C+fBjuBB+Chflb9aEEEIIIf4U/Qf9Pf6LnF9/EtUTADLuyHn4/+7flO2Xdu+0uVomAOCJbh0e+HWrWLF79+5/33eZhijfPABIXM6/dBv9a7wcWsBj0BqaQ7F/9Kf807F6q07n+Q/GT94MkP6fclLU5fbl8W/83fX3VqPm/P74+OsuUXIeQIF8l3PSweX48vjF/4vxszf9g/mn+3w8QLN/yskAl+PL4xeFR+BJaP0vewohhBBCCCGEEL/orcq0gz/x+TyXuZyTFi7Hv/f5XAghhBBCCCGEEP9/ebpT58cfbt26ebv/eQ1zRY6OAD8/G0lEv5zAP84KmX/Z88qfMWlI4083ruS7khBCCCGEEOK/w+Wb/t/2DbkSExJCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIVKh/xf/TuyXI+GVXqoQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQghxxfyfAAAA//+wXi8u")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x4d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000780)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = io_uring_setup(0x4dec, &(0x7f0000000000)={0x0, 0x54c4, 0x8, 0x0, 0x2ff})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x15, 0x8, 0x4, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
socket$nl_generic(0x10, 0x3, 0x10)

5.234968395s ago: executing program 0 (id=478):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{0x0}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cd", 0x69}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654", 0x48}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a9939974c6f2ee3815378dc0a620982383e84", 0xbd}], 0x5}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000ac0)}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede488", 0x6e}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x60}}, {{0x0, 0x0, &(0x7f0000003a40)=[{&(0x7f0000000640)="f3f4c60f4caeeeb0b0c17aa464613c", 0xf}], 0x1}}], 0x3, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a", 0x27}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

4.613781978s ago: executing program 0 (id=479):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
lsetxattr$security_capability(0x0, &(0x7f0000000100), &(0x7f0000000140)=@v2={0x2000000, [{0x4, 0x3}, {0x4, 0x4}]}, 0x14, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
close_range(r4, 0xffffffffffffffff, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x4003}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa8}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@local}, {@in=@dev={0xac, 0x14, 0x14, 0x17}, 0x4d5, 0x33}, @in=@multicast1, {0x3}, {}, {0x0, 0x22}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0)
sendmsg$nl_route(r0, 0x0, 0x40040d4)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)

4.449739925s ago: executing program 3 (id=480):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x80, 0xffffffffffffffff, 0x0, 0x7}, 0x38)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x9}, 0x20)
ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x8, &(0x7f0000000000)={[0xffffffffffffffff]})
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2004de, &(0x7f0000000100), 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x4c142, 0x0)
sendfile(r5, r5, 0x0, 0xe3aa6ea)

4.005271599s ago: executing program 2 (id=481):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={0x18, 0x1d, 0x21, 0x70bd27, 0x2, {0x7}, [@typed={0x4, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x22000044}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x4e2080, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000400)={0x1, 0x0, [{0x7, 0x7, 0x1, 0x100, 0x8f, 0x2, 0x7}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000280)={0x2, 0x0, [{0xb, 0x5, 0x1, 0x400, 0x1, 0x2, 0x3}, {0xc0000001, 0xcb7, 0x3, 0x73, 0x3}]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.637336717s ago: executing program 1 (id=483):
r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file1', [{}, {}]}, 0xd)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

3.405876989s ago: executing program 1 (id=484):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000001c00), 0x12)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x20}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.291080705s ago: executing program 2 (id=485):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRES8=r0], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1, 0x0, 0xb}, 0x1f)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x3d, 0x0, &(0x7f0000000040))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
signalfd4(r3, 0x0, 0x0, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x4002, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1d188, 0x51}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x10, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x3}}]}]}}}]}, 0x44}}, 0x0)
ioctl$NILFS_IOCTL_SET_SUINFO(r3, 0x40186e8d, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000180)=0x587c, 0x4)
recvmmsg(r2, &(0x7f0000005440)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x0, 0x0)

2.309093404s ago: executing program 1 (id=486):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b70300001a00000085"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000400), &(0x7f0000000500)=r1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.192919059s ago: executing program 3 (id=487):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{0x0}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cd", 0x69}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654", 0x48}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a9939974c6f2ee3815378dc0a620982383e84", 0xbd}], 0x5}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000ac0)}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede488", 0x6e}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x60}}, {{0x0, 0x0, &(0x7f0000003a40)=[{&(0x7f0000000640)="f3f4c60f4caeeeb0b0c17aa464613c", 0xf}], 0x1}}], 0x3, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a", 0x27}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

2.144076352s ago: executing program 1 (id=488):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)

2.142696922s ago: executing program 2 (id=489):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRES8=r0], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007500000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb70300"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1, 0x0, 0xb}, 0x1f)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x4, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000be01000000000000000000008503f07ff3cc3780000000530000009500009400020000516243bf219f80dcee26639761aabde39fa43af73e2f75663775057c86d56937eac71626788a0cc5e196dbc7e477c6edf4f3d326eb017f219dafbe965f7e47621a33a06e1f5824a9b1"], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$sock_buf(r0, 0x1, 0x3d, 0x0, &(0x7f0000000040))
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
signalfd4(r5, 0x0, 0x0, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
r9 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x4002, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1d188, 0x51}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x10, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x3}}]}]}}}]}, 0x44}}, 0x0)
ioctl$NILFS_IOCTL_SET_SUINFO(r5, 0x40186e8d, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'team_slave_0\x00', &(0x7f0000002fc0)=@ethtool_stats})
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000180)=0x587c, 0x4)
recvmmsg(r3, &(0x7f0000005440)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x0, 0x0)

1.813640319s ago: executing program 0 (id=490):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x280, 0x258, 0x258, 0x280, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x1, 0x0, 0x1, 0x44}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0xc}}, @inet=@rpfilter={{0x28}, {0xb}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xc72, 'syz0\x00', {0x1}}}}, {{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, [0xffffff00, 0xff, 0xff000000, 0xffffff00], [0xff, 0xffffff00, 0xff000000, 0xff], '\x00', 'tunl0\x00', {0xff}, {0xff}, 0x88, 0x0, 0x3, 0x1}, 0x0, 0xd8, 0x110, 0x0, {}, [@common=@ah={{0x30}, {[0x0, 0x4d4], 0x0, 0x2e, 0x3}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0x0, 0x4}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83a"], 0xffe)

1.013832389s ago: executing program 3 (id=491):
openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8000000000000)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000006c0)={[{@shortname_win95}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@numtail}, {@shortname_lower}, {@utf8}, {@uni_xlate}, {@fat=@check_strict}, {@shortname_win95}, {@fat=@tz_utc}]}, 0x1, 0x370, &(0x7f0000002980)="$eJzs3U9oHFUYAPBvO/lbaJODUBSE0ZugoX/woHhIKSkU96KyVD2Ii01VsrGQxcX00G28iEfBo4LgRTzowUPPIijizYNXK2hVPGhvBYtPdnd2d7a7SSMlldDf77B8+d77Zt6bvGQnm+zLy8uxdm46zl+/fi3m5ioxtXxqOW5UYjGy6Lsc42Ym5ACA/eFGSvFX6tllSWWPhwQA7LHu8/+rh0qZt7/eqX/y7A8A+17x8//8Tn3mxlO/PNV5vLB34wIA9s7Y6/8PjzTPjP6qf6r0VwEAwH713AsvPn2yGvFsns9FrL/TqrVq8eSw/eT5eD0asRpHYyFuRvRuFDoPle7j6TPVlaN5nrfj18WoRcRHrVrEertV690pnMy69bNxLBZisagv7jZSStnpL6orx/KuiLjc7p4/1iut2nQcLM7/48FYjeORx31j9RFnqivH8+IAtfV+fTtiK+biQG8SnfEvxUJ8/0pciEacmz8bKfVva6orl47l+alUHalv1Wbj3OAqTHgFBAAAAAAAAAAAAAAAAAAAAAAA7sBSPrA42P8mDffvWVqa0N7dH6dXX+wPtNXbHyjNpkjpz7ceq72bxcj+QLfuz9OqTfV35wEAAAAAAAAAAAAAAAAAAIB7XnNzJuqNxupGc/PiWjlobzQ3D0REJ/PGt599NR/jfW4TTBXnKDXlReriWj1l/c4pG+lTBFnn5P3Mp1cGIy73mR3MYuIwZrdvajQOPfTzB8PMg1n/yP8M+2QxeYLZLcMoB+uHe0MaZKaHU972ip0oguO3uapXU0rbHefSS+NVUYmY+u+fuJ2D1Am+ufba/SeaRx7vZr5MPY88unD26vsf/75Wb3TO3NH4ZGajeTOt1YuPJy+27YOstH4qxTWslFfC1E7lW6OZevbDH88/8N53uzt7KmfenNAn603n843mZqX4Suk2zfSCTu6WqvnGmWxsJUxPWPx3FkxcbEc+XK5fufTTb7s9TumbhI06AAAAAAAAAAAAAAAAAADgrii9V7xQvNl3eqeqJ54pgrm9HR0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3B3D//9fCrbGMrsJ/m7HeNPs6kYz4vD/PU0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO5x/wYAAP//Q7dpOg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
fadvise64(r3, 0x8, 0x9, 0x0)
io_uring_setup(0x5ac8, &(0x7f0000000300)={0x0, 0xe6f9, 0x1000, 0x2, 0x371, 0x0, r3})
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0xffffff6a)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x8, [@typedef={0x3}, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x61, 0x2e, 0x2e, 0x2e]}}, &(0x7f0000000040)=""/176, 0x3c, 0xb0, 0x1}, 0x20)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x40010003, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x1b)

983.615471ms ago: executing program 2 (id=492):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0xe, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000020000000bca30000000000002403000040feffff720a00fe0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61141800000000001d430000000000007a0a00fe00581c1f61147c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a1290000c6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedca968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf4f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad2effd634580d81d74f3eb6bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d33a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff18344f6d8cc479faac14666be84815c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94737d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf8968df00fa160ea3f8309a1f4299c248865d3c809356c3edfe9c98a2410d219d60092bd136da2d511b8078850d55adc73063bafa65be0f7024e75a5a44fe50f2247fac6c50274c9a45e16b33a1f93634ad775d75e649c2f29204"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x280, 0x258, 0x258, 0x280, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x1, 0x0, 0x1, 0x44}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0xc}}, @inet=@rpfilter={{0x28}, {0xb}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xc72, 'syz0\x00', {0x1}}}}, {{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, [0xffffff00, 0xff, 0xff000000, 0xffffff00], [0xff, 0xffffff00, 0xff000000, 0xff], '\x00', 'tunl0\x00', {0xff}, {0xff}, 0x88, 0x0, 0x3, 0x1}, 0x0, 0xd8, 0x110, 0x0, {}, [@common=@ah={{0x30}, {[0x0, 0x4d4], 0x0, 0x2e, 0x3}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0x0, 0x4}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)
write$tun(r0, 0x0, 0xffe)
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r3, 0x4, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x9361, 0x8000000000000000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = fsopen(0x0, 0x0)
ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f00000002c0)={0x3, 0x1, {0x52, 0x7, 0x1, {0x200, 0xd4e}, {0xff04, 0x6}, @period={0x58, 0x9, 0x2, 0x9, 0x6, {0x8, 0x5, 0x8, 0x8000}, 0x9, &(0x7f0000000280)=[0x9, 0xd6b0, 0x5, 0x9, 0x0, 0x1, 0x0, 0xffff, 0x7]}}, {0x57, 0x8, 0x7fff, {0xcf3, 0x8000}, {0x3, 0x9}, @rumble={0x4, 0xb}}})
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000003980)={r6, 0xffffffffffffffff, 0x16, 0x0, @val=@tracing={0xffffffffffffffff, 0x7}}, 0x20)
setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00'})
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0xcd, &(0x7f00000001c0)=""/36, &(0x7f0000000240)=0x24)
getdents64(r3, 0xffffffffffffffff, 0x43)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})

937.794253ms ago: executing program 1 (id=493):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={0x18, 0x1d, 0x21, 0x70bd27, 0x2, {0x7}, [@typed={0x4, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x22000044}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x4e2080, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000400)={0x1, 0x0, [{0x7, 0x7, 0x1, 0x100, 0x8f, 0x2, 0x7}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000280)={0x2, 0x0, [{0xb, 0x5, 0x1, 0x400, 0x1, 0x2, 0x3}, {0xc0000001, 0xcb7, 0x3, 0x73, 0x3}]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

618.523069ms ago: executing program 0 (id=494):
unshare(0x62020600)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x800744, &(0x7f0000000300)={[{@data_err_ignore}, {@oldalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nobh}, {@errors_remount}, {@nodiscard}, {@grpid}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq")
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x380407b, 0x0, 0x1, 0x0, &(0x7f0000000140))
mkdir(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x22)
rename(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f00000007c0)='./file0\x00')

530.392183ms ago: executing program 2 (id=495):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000001c00), 0x12)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x20}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 1 (id=496):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b70300001a0000008500000033"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000400), &(0x7f0000000500)=r1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

no interfaces have a carrier
[   53.833571][ T5433] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.862792][ T5433] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.223' (ED25519) to the list of known hosts.
syzkaller login: [   79.663148][ T5755] cgroup: Unknown subsys name 'net'
[   79.803078][ T5755] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   81.452621][ T5755] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   83.218722][ T5771] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.223611][ T5779] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.233780][ T5770] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.239476][ T5779] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.248286][ T5770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.252215][ T5779] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.262701][ T5770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.264582][ T5779] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.274771][ T5770] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.285609][ T5779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.293739][ T5779] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.300974][ T5771] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.302541][ T5779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   83.313316][ T5771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   83.316217][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.326497][ T5771] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.337342][ T5779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.351637][ T5779] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.362126][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.369518][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.378090][ T5771] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   83.386022][ T5771] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   83.393548][ T5771] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.401669][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.802766][ T5775] chnl_net:caif_netlink_parms(): no params data found
[   83.957900][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   84.011442][ T5775] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.019342][ T5775] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.027006][ T5775] bridge_slave_0: entered allmulticast mode
[   84.034389][ T5775] bridge_slave_0: entered promiscuous mode
[   84.056438][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   84.076803][ T5775] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.084218][ T5775] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.091470][ T5775] bridge_slave_1: entered allmulticast mode
[   84.101526][ T5775] bridge_slave_1: entered promiscuous mode
[   84.161613][ T5766] chnl_net:caif_netlink_parms(): no params data found
[   84.196247][ T5775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.226162][ T5775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.313006][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.320423][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.327717][ T5774] bridge_slave_0: entered allmulticast mode
[   84.338740][ T5774] bridge_slave_0: entered promiscuous mode
[   84.374698][ T5775] team0: Port device team_slave_0 added
[   84.381609][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.389598][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.397623][ T5774] bridge_slave_1: entered allmulticast mode
[   84.404950][ T5774] bridge_slave_1: entered promiscuous mode
[   84.433187][ T5775] team0: Port device team_slave_1 added
[   84.460634][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.468085][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.475358][ T5767] bridge_slave_0: entered allmulticast mode
[   84.483831][ T5767] bridge_slave_0: entered promiscuous mode
[   84.504499][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.511634][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.519110][ T5766] bridge_slave_0: entered allmulticast mode
[   84.526612][ T5766] bridge_slave_0: entered promiscuous mode
[   84.535428][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.542638][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.550292][ T5766] bridge_slave_1: entered allmulticast mode
[   84.557521][ T5766] bridge_slave_1: entered promiscuous mode
[   84.584360][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.591465][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.619538][ T5775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.631643][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.641799][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.649208][ T5767] bridge_slave_1: entered allmulticast mode
[   84.656732][ T5767] bridge_slave_1: entered promiscuous mode
[   84.694832][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.707166][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.717521][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.724865][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.751003][ T5775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.781033][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.820574][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.832118][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.846001][ T5774] team0: Port device team_slave_0 added
[   84.855840][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.898512][ T5774] team0: Port device team_slave_1 added
[   84.932033][ T5767] team0: Port device team_slave_0 added
[   84.941548][ T5767] team0: Port device team_slave_1 added
[   84.986620][ T5775] hsr_slave_0: entered promiscuous mode
[   84.993412][ T5775] hsr_slave_1: entered promiscuous mode
[   85.015723][ T5766] team0: Port device team_slave_0 added
[   85.023876][ T5766] team0: Port device team_slave_1 added
[   85.030630][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.038090][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.064666][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.117075][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.126987][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.153544][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.189940][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.197843][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.225095][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.238751][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.245933][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.273641][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.332266][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.339734][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.366200][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.389016][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.396104][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.423271][ T5779] Bluetooth: hci2: command tx timeout
[   85.423290][   T51] Bluetooth: hci0: command tx timeout
[   85.431019][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.494328][   T51] Bluetooth: hci3: command tx timeout
[   85.499392][ T5779] Bluetooth: hci1: command tx timeout
[   85.516003][ T5767] hsr_slave_0: entered promiscuous mode
[   85.522461][ T5767] hsr_slave_1: entered promiscuous mode
[   85.529078][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.537431][ T5767] Cannot create hsr debugfs directory
[   85.551158][ T5774] hsr_slave_0: entered promiscuous mode
[   85.558446][ T5774] hsr_slave_1: entered promiscuous mode
[   85.565138][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.572756][ T5774] Cannot create hsr debugfs directory
[   85.663005][ T5766] hsr_slave_0: entered promiscuous mode
[   85.670286][ T5766] hsr_slave_1: entered promiscuous mode
[   85.676754][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.684887][ T5766] Cannot create hsr debugfs directory
[   86.017007][ T5775] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   86.040274][ T5775] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   86.059366][ T5775] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   86.070431][ T5775] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   86.143386][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   86.154803][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   86.168296][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   86.182529][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   86.292604][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   86.309389][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   86.342828][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   86.361519][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   86.421729][ T5766] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   86.447810][ T5766] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   86.458415][ T5766] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   86.474910][ T5766] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   86.565289][ T5775] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.608901][ T5775] 8021q: adding VLAN 0 to HW filter on device team0
[   86.634317][ T3439] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.641818][ T3439] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.677564][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.705422][ T3439] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.712554][ T3439] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.776355][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   86.809029][ T3439] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.816253][ T3439] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.827459][ T3439] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.834746][ T3439] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.851160][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.897224][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.917055][ T5775] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.966150][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   87.020767][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.028134][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.070576][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.078216][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.127740][ T5766] 8021q: adding VLAN 0 to HW filter on device team0
[   87.200854][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.208125][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.296912][ T1013] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.304130][ T1013] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.424084][ T5766] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   87.443979][ T5766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.504074][ T5779] Bluetooth: hci2: command tx timeout
[   87.509562][ T5779] Bluetooth: hci0: command tx timeout
[   87.574475][ T5779] Bluetooth: hci1: command tx timeout
[   87.579959][ T5779] Bluetooth: hci3: command tx timeout
[   87.638780][ T5775] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.875262][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.943783][ T5775] veth0_vlan: entered promiscuous mode
[   87.997902][ T5775] veth1_vlan: entered promiscuous mode
[   88.047248][ T5774] veth0_vlan: entered promiscuous mode
[   88.101885][ T5774] veth1_vlan: entered promiscuous mode
[   88.118267][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.137340][ T5775] veth0_macvtap: entered promiscuous mode
[   88.151657][ T5775] veth1_macvtap: entered promiscuous mode
[   88.219747][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.237933][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.248950][ T5767] veth0_vlan: entered promiscuous mode
[   88.264416][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.278485][ T5775] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.287965][ T5775] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.297607][ T5775] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.306750][ T5775] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.328729][ T5767] veth1_vlan: entered promiscuous mode
[   88.381110][ T5774] veth0_macvtap: entered promiscuous mode
[   88.405596][ T5774] veth1_macvtap: entered promiscuous mode
[   88.441646][ T5767] veth0_macvtap: entered promiscuous mode
[   88.472731][ T5767] veth1_macvtap: entered promiscuous mode
[   88.523108][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.535123][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.547897][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.556002][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.567052][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.579707][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.590467][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.603004][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.630402][ T5766] veth0_vlan: entered promiscuous mode
[   88.655090][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.668463][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.678753][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.686557][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.701567][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.710636][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.721828][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.732055][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.742644][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.754366][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.766617][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.775709][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.785116][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.794625][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.811918][ T5766] veth1_vlan: entered promiscuous mode
[   88.844197][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.852963][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.869972][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.878824][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.899871][ T1013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.908307][ T1013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.000001][ T5766] veth0_macvtap: entered promiscuous mode
[   89.046738][ T5766] veth1_macvtap: entered promiscuous mode
[   89.140461][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.147575][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.163765][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.172143][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.188400][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.200351][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.227792][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.240972][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.261069][ T5838] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   89.278039][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.317955][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.336935][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.351654][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.367828][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.378998][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.393016][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.411248][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.430836][ T5766] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.446889][ T5766] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.455740][ T5766] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.464897][ T5766] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.489815][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.502544][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.574899][ T5779] Bluetooth: hci0: command tx timeout
[   89.580387][ T5779] Bluetooth: hci2: command tx timeout
[   89.635188][ T3439] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.643747][ T3439] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.655272][ T5779] Bluetooth: hci3: command tx timeout
[   89.660751][ T5779] Bluetooth: hci1: command tx timeout
[   89.672132][ T5842] syz.2.5[5842]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   89.673395][ T1130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.691200][ T5842] loop2: detected capacity change from 0 to 128
[   89.748383][ T1130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.977958][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.005672][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.051201][ T5847] loop0: detected capacity change from 0 to 128
[   90.103000][ T5847] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.138601][ T3439] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.185520][ T5847] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.214442][ T3439] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.315384][ T5817] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   90.475902][ T5774] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.547269][ T5817] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   90.579097][ T5817] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   90.600203][ T5854] xt_hashlimit: size too large, truncated to 1048576
[   90.610863][ T5817] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   90.643515][ T5817] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   90.667649][ T5817] usb 3-1: SerialNumber: syz
[   90.923904][ T5817] usb 3-1: 0:2 : does not exist
[   90.992433][ T5817] usb 3-1: USB disconnect, device number 2
[   91.138344][ T5852] udevd[5852]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   91.221446][ T5862] loop0: detected capacity change from 0 to 256
[   91.311606][ T5862] FAT-fs (loop0): Directory bread(block 64) failed
[   91.331193][ T5862] FAT-fs (loop0): Directory bread(block 65) failed
[   91.359745][ T5862] FAT-fs (loop0): Directory bread(block 66) failed
[   91.409723][ T5850] loop1: detected capacity change from 0 to 40427
[   91.419034][ T5862] FAT-fs (loop0): Directory bread(block 67) failed
[   91.458176][ T5862] FAT-fs (loop0): Directory bread(block 68) failed
[   91.460515][ T5850] F2FS-fs (loop1): invalid crc value
[   91.481460][ T5862] FAT-fs (loop0): Directory bread(block 69) failed
[   91.500624][ T5862] FAT-fs (loop0): Directory bread(block 70) failed
[   91.513017][ T5862] FAT-fs (loop0): Directory bread(block 71) failed
[   91.521294][ T5862] FAT-fs (loop0): Directory bread(block 72) failed
[   91.539305][ T5850] F2FS-fs (loop1): Found nat_bits in checkpoint
[   91.549513][ T5862] FAT-fs (loop0): Directory bread(block 73) failed
[   91.654446][ T5779] Bluetooth: hci2: command tx timeout
[   91.659938][ T5779] Bluetooth: hci0: command tx timeout
[   91.735602][ T5779] Bluetooth: hci1: command tx timeout
[   91.741090][ T5779] Bluetooth: hci3: command tx timeout
[   91.938723][ T5850] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   92.368149][   T28] audit: type=1800 audit(1776930850.840:2): pid=5870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9" name="bus" dev="loop0" ino=1048592 res=0 errno=0
[   92.735506][    T9] cfg80211: failed to load regulatory.db
[   93.033700][ T5872] loop0: detected capacity change from 0 to 512
[   93.103753][ T5872] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   93.174902][ T5872] EXT4-fs (loop0): 1 truncate cleaned up
[   93.209631][ T5872] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.288739][ T5872] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   93.406755][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.635228][ T5876] loop0: detected capacity change from 0 to 512
[   93.660687][ T5876] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   93.718716][ T5876] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   93.771948][ T5876] EXT4-fs error (device loop0): ext4_orphan_get:1430: comm syz.0.12: bad orphan inode 131083
[   93.797740][ T5876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.899153][   T28] audit: type=1800 audit(2000000000.280:3): pid=5876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.12" name="file1" dev="loop0" ino=19 res=0 errno=0
[   94.000273][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.183300][   T28] audit: type=1326 audit(2000000000.560:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5878 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cdf9c819 code=0x7ffc0000
[   94.269763][   T28] audit: type=1326 audit(2000000000.560:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5878 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cdf9c819 code=0x7ffc0000
[   94.344117][   T28] audit: type=1326 audit(2000000000.570:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5878 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f42cdf9c819 code=0x7ffc0000
[   94.388380][   T28] audit: type=1326 audit(2000000000.570:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5878 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cdf9c819 code=0x7ffc0000
[   94.615377][ T5883] hub 8-0:1.0: USB hub found
[   94.622170][ T5883] hub 8-0:1.0: 1 port detected
[   95.417964][ T5767] syz-executor: attempt to access beyond end of device
[   95.417964][ T5767] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   95.435446][ T5767] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   95.442610][ T5767] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   95.834060][ T5889] loop2: detected capacity change from 0 to 512
[   95.889627][ T5889] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.006133][ T5889] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[   96.023171][ T5889] System zones: 1-12
[   96.036611][ T5889] EXT4-fs (loop2): 1 truncate cleaned up
[   96.051228][ T5889] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.594836][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.674453][ T5893] tipc: Started in network mode
[   96.679525][ T5893] tipc: Node identity ca93f95e6b93, cluster identity 4711
[   96.752857][ T5893] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   96.775652][ T5897] syzkaller0: entered promiscuous mode
[   96.781201][ T5897] syzkaller0: entered allmulticast mode
[   96.874205][ T5893] Zero length message leads to an empty skb
[   96.921771][ T5893] tipc: Resetting bearer <eth:syzkaller0>
[   96.944876][ T5892] tipc: Resetting bearer <eth:syzkaller0>
[   97.000946][ T5892] tipc: Disabling bearer <eth:syzkaller0>
[  100.131718][ T5924] process 'syz.0.24' launched './file0' with NULL argv: empty string added
[  100.199531][ T5924] capability: warning: `syz.0.24' uses 32-bit capabilities (legacy support in use)
[  100.526906][ T5935] loop1: detected capacity change from 0 to 512
[  100.557852][ T5935] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  100.784308][ T5935] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  100.793151][ T5935] System zones: 1-12
[  100.820379][ T5935] EXT4-fs (loop1): 1 truncate cleaned up
[  100.833635][ T5935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.320555][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.463648][ T5940] overlayfs: failed to resolve './file0': -2
[  101.671367][ T5944] tipc: Started in network mode
[  101.680368][ T5944] tipc: Node identity c6b87f5ba1a, cluster identity 4711
[  101.689826][ T5944] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  101.698288][ T5944] syzkaller0: entered promiscuous mode
[  101.703808][ T5944] syzkaller0: entered allmulticast mode
[  101.757909][ T5944] tipc: Resetting bearer <eth:syzkaller0>
[  101.788078][ T5943] tipc: Resetting bearer <eth:syzkaller0>
[  101.853774][ T5943] tipc: Disabling bearer <eth:syzkaller0>
[  102.347218][ T5953] hub 8-0:1.0: USB hub found
[  102.352966][ T5953] hub 8-0:1.0: 1 port detected
[  103.202244][ T5956] loop0: detected capacity change from 0 to 2048
[  103.211506][ T5956] EXT4-fs: Ignoring removed oldalloc option
[  103.294798][ T5956] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c028, mo2=0002]
[  103.382768][ T5963] hub 8-0:1.0: USB hub found
[  103.388660][ T5963] hub 8-0:1.0: 1 port detected
[  103.484769][ T5956] System zones: 0-7
[  103.713881][ T5956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.920501][ T5966] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  104.118215][ T5967] loop3: detected capacity change from 0 to 128
[  104.142479][ T5956] EXT4-fs error (device loop0): ext4_find_extent:945: inode #2: comm syz.0.34: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  104.201005][ T5956] EXT4-fs (loop0): Remounting filesystem read-only
[  104.250392][ T5780] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  104.261953][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.293891][ T5964] 9pnet: p9_errstr2errno: server reported unknown error Àñ'IÓ$íÛ·=¼
[  104.928830][ T5993] loop0: detected capacity change from 0 to 16
[  104.997421][ T5993] erofs: (device loop0): mounted with root inode @ nid 36.
[  105.078588][ T5995] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  105.272966][ T6002] Invalid argument reading file caps for ./file0
[  105.864581][ T5999] loop1: detected capacity change from 0 to 40427
[  105.879817][ T5999] F2FS-fs (loop1): build fault injection attr: rate: 684, type: 0x7ffff
[  105.893116][ T5999] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7
[  105.914219][ T5999] F2FS-fs (loop1): Image doesn't support compression
[  105.930562][ T5999] F2FS-fs (loop1): invalid crc value
[  105.943224][ T5999] F2FS-fs (loop1): Found nat_bits in checkpoint
[  106.112055][ T5999] F2FS-fs (loop1): Start checkpoint disabled!
[  106.145339][ T5999] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  106.233471][ T5999] syz.1.48: attempt to access beyond end of device
[  106.233471][ T5999] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  106.337026][ T5999] syz.1.48: attempt to access beyond end of device
[  106.337026][ T5999] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  106.554504][ T6020] netlink: 16 bytes leftover after parsing attributes in process `syz.2.59'.
[  106.580211][ T6020] netlink: 64 bytes leftover after parsing attributes in process `syz.2.59'.
[  106.618273][ T1130] kworker/u4:6: attempt to access beyond end of device
[  106.618273][ T1130] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  106.623856][ T6022] loop3: detected capacity change from 0 to 1024
[  106.661080][ T1130] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  106.672895][ T6022] =======================================================
[  106.672895][ T6022] WARNING: The mand mount option has been deprecated and
[  106.672895][ T6022]          and is ignored by this kernel. Remove the mand
[  106.672895][ T6022]          option from the mount to silence this warning.
[  106.672895][ T6022] =======================================================
[  106.707935][ T1130] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  106.734682][ T6022] ext4: Unknown parameter 'nouser_xattr'
[  107.079433][ T6032] loop2: detected capacity change from 0 to 512
[  107.292638][ T6032] EXT4-fs (loop2): Test dummy encryption mode enabled
[  107.311984][ T6032] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  107.400992][ T6032] EXT4-fs error (device loop2): ext4_orphan_get:1430: comm syz.2.64: bad orphan inode 131083
[  107.437173][ T6032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.790005][ T6032] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  107.961118][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.002618][ T6063] overlayfs: failed to resolve './file0': -2
[  109.138484][ T6066] loop2: detected capacity change from 0 to 4096
[  109.152430][ T6066] ext4: Bad value for 'barrier'
[  109.621710][ T6080] loop2: detected capacity change from 0 to 2048
[  109.667700][ T6080] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.697904][ T6080] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  109.716289][ T6080] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  109.729437][ T6080] EXT4-fs (loop2): This should not happen!! Data will be lost
[  109.729437][ T6080] 
[  109.739611][ T6080] EXT4-fs (loop2): Total free blocks count 0
[  109.746135][ T6080] EXT4-fs (loop2): Free/Dirty block details
[  109.753424][ T6080] EXT4-fs (loop2): free_blocks=4096
[  109.758802][ T6080] EXT4-fs (loop2): dirty_blocks=48
[  109.764070][ T6080] EXT4-fs (loop2): Block reservation details
[  109.770091][ T6080] EXT4-fs (loop2): i_reserved_data_blocks=3
[  109.838655][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.839891][ T6110] loop3: detected capacity change from 0 to 1024
[  110.859859][ T6110] EXT4-fs (loop3): bad geometry: bigalloc file system with non-zero first_data_block
[  110.859859][ T6110] 
[  110.974137][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  110.983708][ T6112] loop1: detected capacity change from 0 to 256
[  111.042013][ T6112] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  111.067590][ T6112] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  111.084928][ T6114] loop3: detected capacity change from 0 to 128
[  111.105344][ T6114] EXT4-fs (loop3): Test dummy encryption mode enabled
[  111.127215][ T6112] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d)
[  111.184051][    T9] usb 1-1: Using ep0 maxpacket: 32
[  111.211219][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  111.231757][ T6114] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.260983][    T9] usb 1-1: config 1 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  111.296554][    T9] usb 1-1: config 1 interface 0 has no altsetting 0
[  111.314162][ T6114] ext4 filesystem being mounted at /14/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  111.341832][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  111.363495][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.382226][    T9] usb 1-1: Product: syz
[  111.392386][    T9] usb 1-1: Manufacturer: syz
[  111.412655][    T9] usb 1-1: SerialNumber: syz
[  111.647042][ T5766] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.661814][    T9] cdc_ether: probe of 1-1:1.0 failed with error -22
[  111.713436][    T9] usb 1-1: USB disconnect, device number 2
[  111.999688][ T6129] UHID_CREATE from different security context by process 64 (syz.2.94), this is not allowed.
[  112.143789][ T6134] loop1: detected capacity change from 0 to 512
[  112.181621][ T6134] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  112.227987][ T6134] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.97: Invalid block bitmap block 0 in block_group 0
[  112.244096][ T6134] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6655: Corrupt filesystem
[  112.253895][ T6134] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.97: attempt to clear invalid blocks 983261 len 1
[  112.268921][ T6134] EXT4-fs error (device loop1): __ext4_get_inode_loc:4496: comm syz.1.97: Invalid inode table block 0 in block_group 0
[  112.289803][ T6134] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  112.300726][ T6134] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  112.313033][ T6134] EXT4-fs error (device loop1): __ext4_get_inode_loc:4496: comm syz.1.97: Invalid inode table block 0 in block_group 0
[  112.328576][ T6134] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  112.360864][ T6134] EXT4-fs error (device loop1): ext4_truncate:4301: inode #11: comm syz.1.97: mark_inode_dirty error
[  112.398110][ T6134] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  112.429860][ T6134] EXT4-fs error (device loop1): __ext4_get_inode_loc:4496: comm syz.1.97: Invalid inode table block 0 in block_group 0
[  112.458054][ T6134] EXT4-fs (loop1): 1 truncate cleaned up
[  112.466017][ T6134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.494222][ T6141] loop0: detected capacity change from 0 to 256
[  112.507719][ T6141] FAT-fs (loop0): Directory bread(block 1285) failed
[  112.568128][ T6141] FAT-fs (loop0): Directory bread(block 1286) failed
[  112.604260][ T6141] FAT-fs (loop0): Directory bread(block 1287) failed
[  112.617475][ T6134] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.97: Invalid inode bitmap blk 0 in block_group 0
[  112.657385][ T6141] FAT-fs (loop0): Directory bread(block 1288) failed
[  112.708396][ T6141] FAT-fs (loop0): Directory bread(block 1285) failed
[  112.739147][ T6141] FAT-fs (loop0): Directory bread(block 1286) failed
[  112.757217][ T6141] FAT-fs (loop0): Directory bread(block 1287) failed
[  112.771106][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.787819][ T6141] FAT-fs (loop0): Directory bread(block 1288) failed
[  112.810034][ T6141] FAT-fs (loop0): Directory bread(block 1285) failed
[  112.844319][ T6141] FAT-fs (loop0): Directory bread(block 1286) failed
[  113.293539][ T6153] loop1: detected capacity change from 0 to 512
[  113.330040][ T6153] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  113.372006][ T6153] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  113.380765][ T6153] System zones: 1-12
[  113.388788][ T6153] EXT4-fs (loop1): 1 truncate cleaned up
[  113.402196][ T6153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.357106][ T6164] loop3: detected capacity change from 0 to 512
[  114.466871][ T6164] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  114.505803][ T6164] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  114.514139][ T6164] System zones: 1-12
[  114.523888][ T6164] EXT4-fs (loop3): 1 truncate cleaned up
[  114.536908][ T6164] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.363004][ T6171] ieee802154 phy0 wpan0: encryption failed: -22
[  117.381035][ T6156] tap2: tun_chr_ioctl cmd 21731
[  117.408546][ T6179] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  117.525427][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.034261][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.138677][ T6199] hub 8-0:1.0: USB hub found
[  118.144971][ T6199] hub 8-0:1.0: 1 port detected
[  118.274374][ T6197] loop1: detected capacity change from 0 to 256
[  119.139119][ T6204] tipc: Started in network mode
[  119.160217][ T6204] tipc: Node identity 72217cfa223c, cluster identity 4711
[  119.187546][ T6204] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  119.206819][ T6204] syzkaller0: entered promiscuous mode
[  119.212362][ T6204] syzkaller0: entered allmulticast mode
[  119.326478][ T6211] tipc: Resetting bearer <eth:syzkaller0>
[  119.333443][ T6214] loop3: detected capacity change from 0 to 256
[  119.388744][ T6214] FAT-fs (loop3): Directory bread(block 64) failed
[  119.410539][ T6214] FAT-fs (loop3): Directory bread(block 65) failed
[  119.443371][ T6214] FAT-fs (loop3): Directory bread(block 66) failed
[  119.472768][ T6214] FAT-fs (loop3): Directory bread(block 67) failed
[  119.493729][ T6214] FAT-fs (loop3): Directory bread(block 68) failed
[  119.516327][ T6214] FAT-fs (loop3): Directory bread(block 69) failed
[  119.523069][ T6214] FAT-fs (loop3): Directory bread(block 70) failed
[  119.534299][ T6203] tipc: Resetting bearer <eth:syzkaller0>
[  119.554125][ T6214] FAT-fs (loop3): Directory bread(block 71) failed
[  119.560853][ T6214] FAT-fs (loop3): Directory bread(block 72) failed
[  119.581190][ T6214] FAT-fs (loop3): Directory bread(block 73) failed
[  119.622364][ T6203] tipc: Disabling bearer <eth:syzkaller0>
[  120.323328][   T28] audit: type=1800 audit(2000000026.410:8): pid=6220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.120" name="bus" dev="loop3" ino=1048594 res=0 errno=0
[  120.879709][ T6230] loop2: detected capacity change from 0 to 512
[  120.959744][ T6230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.013663][ T6230] ext4 filesystem being mounted at /29/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.298357][ T6237] loop3: detected capacity change from 0 to 512
[  121.664287][ T6237] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  121.842834][ T6237] System zones: 1-20
[  121.897650][ T6237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.098307][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.201388][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.701530][ T6256] loop2: detected capacity change from 0 to 256
[  122.841747][ T6256] FAT-fs (loop2): Directory bread(block 64) failed
[  122.874235][ T6256] FAT-fs (loop2): Directory bread(block 65) failed
[  122.880968][ T6256] FAT-fs (loop2): Directory bread(block 66) failed
[  122.887866][ T6256] FAT-fs (loop2): Directory bread(block 67) failed
[  122.894636][ T6256] FAT-fs (loop2): Directory bread(block 68) failed
[  122.901303][ T6256] FAT-fs (loop2): Directory bread(block 69) failed
[  122.908028][ T6256] FAT-fs (loop2): Directory bread(block 70) failed
[  122.914758][ T6256] FAT-fs (loop2): Directory bread(block 71) failed
[  122.922408][ T6256] FAT-fs (loop2): Directory bread(block 72) failed
[  122.929095][ T6256] FAT-fs (loop2): Directory bread(block 73) failed
[  123.197379][ T6258] loop0: detected capacity change from 0 to 512
[  123.429882][ T6258] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  123.685432][ T6258] EXT4-fs (loop0): 1 truncate cleaned up
[  123.692189][ T6258] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.200428][   T28] audit: type=1800 audit(2000000030.240:9): pid=6261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.132" name="bus" dev="loop2" ino=1048595 res=0 errno=0
[  124.550018][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.843897][ T6268] loop2: detected capacity change from 0 to 1024
[  124.878454][ T6268] EXT4-fs (loop2): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  124.944412][ T6268] EXT4-fs error (device loop2): ext4_map_blocks:610: inode #3: block 2: comm syz.2.136: lblock 2 mapped to illegal pblock 2 (length 1)
[  124.996570][ T6268] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  125.005400][ T6268] EXT4-fs error (device loop2): ext4_map_blocks:610: inode #3: block 48: comm syz.2.136: lblock 0 mapped to illegal pblock 48 (length 1)
[  125.039824][ T6268] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  125.050170][ T6268] EXT4-fs error (device loop2): ext4_acquire_dquot:6953: comm syz.2.136: Failed to acquire dquot type 0
[  125.062785][ T6268] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  125.096830][ T6268] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.136: mark_inode_dirty error
[  125.115802][ T6268] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  125.144367][ T6268] EXT4-fs (loop2): 1 orphan inode deleted
[  125.156449][ T6268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.170435][   T11] EXT4-fs error (device loop2): ext4_map_blocks:610: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  125.202759][   T11] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  125.246319][   T11] EXT4-fs error (device loop2): ext4_release_dquot:6989: comm kworker/u4:0: Failed to release dquot type 0
[  125.330324][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.396889][   T59] EXT4-fs error (device loop2): ext4_map_blocks:610: inode #3: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  125.417361][   T59] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  125.426712][   T59] EXT4-fs error (device loop2): ext4_release_dquot:6989: comm kworker/u4:4: Failed to release dquot type 0
[  125.441839][ T5775] EXT4-fs error (device loop2): __ext4_get_inode_loc:4496: comm syz-executor: Invalid inode table block 1 in block_group 0
[  125.497741][ T5775] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  125.526756][ T5775] EXT4-fs error (device loop2): ext4_quota_off:7237: inode #3: comm syz-executor: mark_inode_dirty error
[  125.924644][ T6287] loop2: detected capacity change from 0 to 256
[  125.955400][ T6284] kvm: user requested TSC rate below hardware speed
[  126.003803][ T6287] FAT-fs (loop2): Directory bread(block 64) failed
[  126.015202][ T6287] FAT-fs (loop2): Directory bread(block 65) failed
[  126.022025][ T6287] FAT-fs (loop2): Directory bread(block 66) failed
[  126.029245][ T6287] FAT-fs (loop2): Directory bread(block 67) failed
[  126.058753][ T6287] FAT-fs (loop2): Directory bread(block 68) failed
[  126.075232][ T6287] FAT-fs (loop2): Directory bread(block 69) failed
[  126.082034][ T6287] FAT-fs (loop2): Directory bread(block 70) failed
[  126.124111][ T6287] FAT-fs (loop2): Directory bread(block 71) failed
[  126.130919][ T6287] FAT-fs (loop2): Directory bread(block 72) failed
[  126.182113][ T6287] FAT-fs (loop2): Directory bread(block 73) failed
[  126.502169][ T6292] hub 8-0:1.0: USB hub found
[  126.509959][ T6292] hub 8-0:1.0: 1 port detected
[  127.234441][   T28] audit: type=1800 audit(2000000033.050:10): pid=6293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.142" name="bus" dev="loop2" ino=1048596 res=0 errno=0
[  127.627580][ T6296] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns
[  127.664509][ T6296] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  128.154660][ T6307] loop2: detected capacity change from 0 to 4096
[  128.172301][ T6307] EXT4-fs: inline encryption not supported
[  128.191555][ T6307] EXT4-fs: Ignoring removed bh option
[  128.254048][ T6307] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  128.262580][ T6307] EXT4-fs (loop2): Test dummy encryption mode enabled
[  128.302655][ T6307] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  128.354958][ T6307] System zones: 0-5
[  128.405572][ T6307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.803810][ T6307] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  128.897707][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.340674][ T6321] loop0: detected capacity change from 0 to 512
[  129.369400][ T6321] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.520269][ T6321] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  129.529032][ T6321] System zones: 1-12
[  129.537360][ T6321] EXT4-fs (loop0): 1 truncate cleaned up
[  129.553962][ T6321] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.809923][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.914496][ T6333] syz.3.152 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  131.797037][ T6336] loop1: detected capacity change from 0 to 512
[  131.870037][ T6336] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  131.888927][ T6336] EXT4-fs (loop1): 1 truncate cleaned up
[  131.899599][ T6336] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.987383][ T6339] loop0: detected capacity change from 0 to 128
[  132.009504][ T6341] loop3: detected capacity change from 0 to 256
[  132.028477][ T6341] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.061192][ T6339] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  132.073729][ T6341] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  132.137759][ T6339] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  132.184339][ T6341] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x8a2de5d7, utbl_chksum : 0xe619d30d)
[  132.237064][ T6339] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:406: inode #2: comm syz.0.154: No space for directory leaf checksum. Please run e2fsck -D.
[  132.274917][ T6339] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.154: checksumming directory block 0
[  132.380074][ T5774] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.536566][ T6344] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  132.721257][ T6348] loop3: detected capacity change from 0 to 256
[  132.789345][ T6348] FAT-fs (loop3): Directory bread(block 64) failed
[  132.813389][ T6348] FAT-fs (loop3): Directory bread(block 65) failed
[  132.834150][ T6348] FAT-fs (loop3): Directory bread(block 66) failed
[  132.852875][ T6348] FAT-fs (loop3): Directory bread(block 67) failed
[  132.878350][ T6348] FAT-fs (loop3): Directory bread(block 68) failed
[  132.894171][ T6348] FAT-fs (loop3): Directory bread(block 69) failed
[  132.921126][ T6348] FAT-fs (loop3): Directory bread(block 70) failed
[  132.945349][ T6348] FAT-fs (loop3): Directory bread(block 71) failed
[  132.952050][ T6348] FAT-fs (loop3): Directory bread(block 72) failed
[  132.986275][ T6348] FAT-fs (loop3): Directory bread(block 73) failed
[  133.029518][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  133.041550][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  133.511402][   T28] audit: type=1800 audit(2000000039.860:11): pid=6350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.158" name="bus" dev="loop3" ino=1048599 res=0 errno=0
[  134.030022][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.281277][   T28] audit: type=1326 audit(2000000040.660:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa07519c819 code=0x7ffc0000
[  134.304906][ T6352] loop3: detected capacity change from 0 to 512
[  134.467896][   T28] audit: type=1326 audit(2000000040.660:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa07519c819 code=0x7ffc0000
[  134.810092][   T28] audit: type=1326 audit(2000000040.660:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa07519c819 code=0x7ffc0000
[  134.842008][ T6352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.922550][ T6352] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.963228][   T28] audit: type=1326 audit(2000000040.670:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa07519c582 code=0x7ffc0000
[  135.144346][   T28] audit: type=1326 audit(2000000040.670:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa07515d04e code=0x7ffc0000
[  135.312015][   T28] audit: type=1326 audit(2000000040.680:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fa07519c647 code=0x7ffc0000
[  135.492330][   T28] audit: type=1326 audit(2000000040.690:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa07515d04e code=0x7ffc0000
[  135.605616][ T6362] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  135.634821][   T28] audit: type=1326 audit(2000000040.690:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa07519c4ab code=0x7ffc0000
[  135.667780][ T6362] syzkaller0: entered promiscuous mode
[  135.673330][ T6362] syzkaller0: entered allmulticast mode
[  135.752469][ T6364] loop2: detected capacity change from 0 to 256
[  135.773760][   T28] audit: type=1326 audit(2000000040.690:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa07515d04e code=0x7ffc0000
[  135.835615][ T6362] tipc: Resetting bearer <eth:syzkaller0>
[  135.915932][ T6361] tipc: Resetting bearer <eth:syzkaller0>
[  135.922826][ T6364] FAT-fs (loop2): Directory bread(block 64) failed
[  136.054105][ T6364] FAT-fs (loop2): Directory bread(block 65) failed
[  136.068971][ T6364] FAT-fs (loop2): Directory bread(block 66) failed
[  136.094237][ T6364] FAT-fs (loop2): Directory bread(block 67) failed
[  136.115718][ T6364] FAT-fs (loop2): Directory bread(block 68) failed
[  136.122333][ T6364] FAT-fs (loop2): Directory bread(block 69) failed
[  136.135004][ T6361] tipc: Disabling bearer <eth:syzkaller0>
[  136.150022][ T6364] FAT-fs (loop2): Directory bread(block 70) failed
[  136.159119][ T6364] FAT-fs (loop2): Directory bread(block 71) failed
[  136.264942][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.275436][ T6364] FAT-fs (loop2): Directory bread(block 72) failed
[  136.282138][ T6364] FAT-fs (loop2): Directory bread(block 73) failed
[  138.106491][ T6381] hub 8-0:1.0: USB hub found
[  138.112395][ T6381] hub 8-0:1.0: 1 port detected
[  138.409437][ T6383] loop1: detected capacity change from 0 to 512
[  138.570025][ T6383] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  138.659971][ T6387] loop2: detected capacity change from 0 to 256
[  138.710384][ T6386] netlink: 68 bytes leftover after parsing attributes in process `syz.0.169'.
[  138.735501][ T6383] EXT4-fs (loop1): 1 truncate cleaned up
[  138.797014][ T6387] FAT-fs (loop2): Directory bread(block 64) failed
[  138.803723][ T6387] FAT-fs (loop2): Directory bread(block 65) failed
[  138.811057][ T6383] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.114361][ T6387] FAT-fs (loop2): Directory bread(block 66) failed
[  139.120971][ T6387] FAT-fs (loop2): Directory bread(block 67) failed
[  140.154204][ T6387] FAT-fs (loop2): Directory bread(block 68) failed
[  140.160920][ T6387] FAT-fs (loop2): Directory bread(block 69) failed
[  140.223937][    C0] sched: RT throttling activated
[  140.434311][ T6387] FAT-fs (loop2): Directory bread(block 70) failed
[  140.440952][ T6387] FAT-fs (loop2): Directory bread(block 71) failed
[  140.559319][ T6387] FAT-fs (loop2): Directory bread(block 72) failed
[  140.644208][ T6387] FAT-fs (loop2): Directory bread(block 73) failed
[  141.256774][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  141.256790][   T28] audit: type=1800 audit(2000000047.550:39): pid=6418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.168" name="bus" dev="loop2" ino=1048601 res=0 errno=0
[  142.268948][ T6429] loop0: detected capacity change from 0 to 128
[  142.325151][ T6429] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  142.343790][ T6433] overlayfs: missing 'lowerdir'
[  142.349532][ T6429] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  142.428306][ T6429] syz.0.176 (pid 6429) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  142.575957][ T6438] hub 8-0:1.0: USB hub found
[  142.582541][ T6438] hub 8-0:1.0: 1 port detected
[  143.226804][ T6429] fscrypt (loop0, inode 12): Error allocating 'adiantum(xchacha12,aes)' transform: -4
[  143.442321][ T5774] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  143.478890][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.508956][ T6444] netlink: 68 bytes leftover after parsing attributes in process `syz.3.179'.
[  144.618421][ T6462] loop1: detected capacity change from 0 to 256
[  145.101383][ T6462] FAT-fs (loop1): Directory bread(block 64) failed
[  145.151118][ T6462] FAT-fs (loop1): Directory bread(block 65) failed
[  145.187541][ T6462] FAT-fs (loop1): Directory bread(block 66) failed
[  145.205914][ T6462] FAT-fs (loop1): Directory bread(block 67) failed
[  145.212866][ T6462] FAT-fs (loop1): Directory bread(block 68) failed
[  145.224136][ T6462] FAT-fs (loop1): Directory bread(block 69) failed
[  145.233190][ T6462] FAT-fs (loop1): Directory bread(block 70) failed
[  145.251529][ T6462] FAT-fs (loop1): Directory bread(block 71) failed
[  145.261802][ T6462] FAT-fs (loop1): Directory bread(block 72) failed
[  145.277815][ T6462] FAT-fs (loop1): Directory bread(block 73) failed
[  146.438649][   T28] audit: type=1800 audit(2000000052.230:40): pid=6469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.182" name="bus" dev="loop1" ino=1048602 res=0 errno=0
[  148.413074][ T6478] hub 8-0:1.0: USB hub found
[  148.420207][ T6478] hub 8-0:1.0: 1 port detected
[  148.626646][ T6479] loop0: detected capacity change from 0 to 512
[  149.175354][ T6479] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  149.200355][ T6479] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  149.208624][ T6479] System zones: 1-12
[  149.238379][ T6479] EXT4-fs (loop0): 1 truncate cleaned up
[  149.245584][ T6479] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.367413][ T6487] loop2: detected capacity change from 0 to 512
[  149.434745][ T6490] overlayfs: missing 'lowerdir'
[  149.459170][ T6487] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.700229][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.783679][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.229667][ T6506] loop0: detected capacity change from 0 to 256
[  150.410880][ T6506] FAT-fs (loop0): Directory bread(block 64) failed
[  150.430979][ T6506] FAT-fs (loop0): Directory bread(block 65) failed
[  150.458370][ T6506] FAT-fs (loop0): Directory bread(block 66) failed
[  150.478975][ T6506] FAT-fs (loop0): Directory bread(block 67) failed
[  150.498990][ T6506] FAT-fs (loop0): Directory bread(block 68) failed
[  150.523512][ T6506] FAT-fs (loop0): Directory bread(block 69) failed
[  150.555685][ T6506] FAT-fs (loop0): Directory bread(block 70) failed
[  150.581622][ T6511] loop1: detected capacity change from 0 to 2048
[  150.597747][ T6506] FAT-fs (loop0): Directory bread(block 71) failed
[  150.624207][ T6506] FAT-fs (loop0): Directory bread(block 72) failed
[  150.654135][ T6506] FAT-fs (loop0): Directory bread(block 73) failed
[  150.709022][ T6511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.886200][ T6511] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.197: bg 0: block 234: padding at end of block bitmap is not set
[  152.077280][   T28] audit: type=1800 audit(2000000058.390:41): pid=6521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.195" name="bus" dev="loop0" ino=1048603 res=0 errno=0
[  152.244582][ T6511] overlayfs: failed to verify origin (/, ino=2, err=-28)
[  152.276113][ T6511] overlayfs: failed to verify upper root origin
[  152.514268][ T6524] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  152.533838][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.036783][ T6534] kvm: user requested TSC rate below hardware speed
[  153.086134][ T6534] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns
[  153.115139][ T6534] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  154.150323][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.170433][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.191253][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.215527][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.232923][ T6547] loop0: detected capacity change from 0 to 512
[  154.234787][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.260308][ T6547] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  154.268949][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.268981][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.269007][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.269032][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.332754][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.350967][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.360786][ T6547] EXT4-fs error (device loop0): ext4_orphan_get:1404: inode #15: comm syz.0.207: iget: bad i_size value: 38620345925642
[  154.375090][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.382554][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.390560][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.398417][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.406390][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.413829][   T23] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  154.430315][   T23] hid-generic 0006:0004:0009.0001: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0
[  154.465664][ T6547] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.207: couldn't read orphan inode 15 (err -117)
[  154.481963][ T6547] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.605840][ T6547] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.207: bg 0: block 5: invalid block bitmap
[  154.746890][ T6550] fido_id[6550]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  154.790348][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.914787][ T6555] loop1: detected capacity change from 0 to 256
[  154.990085][ T6555] FAT-fs (loop1): Directory bread(block 64) failed
[  155.016411][ T6555] FAT-fs (loop1): Directory bread(block 65) failed
[  155.023117][ T6555] FAT-fs (loop1): Directory bread(block 66) failed
[  155.065010][ T6555] FAT-fs (loop1): Directory bread(block 67) failed
[  155.085636][ T6555] FAT-fs (loop1): Directory bread(block 68) failed
[  155.092702][ T6555] FAT-fs (loop1): Directory bread(block 69) failed
[  155.132345][ T6555] FAT-fs (loop1): Directory bread(block 70) failed
[  155.155369][ T6555] FAT-fs (loop1): Directory bread(block 71) failed
[  155.162823][ T6555] FAT-fs (loop1): Directory bread(block 72) failed
[  155.190949][ T6555] FAT-fs (loop1): Directory bread(block 73) failed
[  155.480761][   T28] audit: type=1800 audit(2000000061.860:42): pid=6554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.209" name="bus" dev="loop1" ino=1048604 res=0 errno=0
[  155.545687][ T6562] netlink: 68 bytes leftover after parsing attributes in process `syz.0.212'.
[  155.933210][ T6566] loop0: detected capacity change from 0 to 512
[  155.963530][ T6566] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  156.007850][ T6566] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  156.016541][ T6566] System zones: 1-12
[  156.036808][ T6566] EXT4-fs (loop0): 1 truncate cleaned up
[  156.049361][ T6566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.739392][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.046332][ T6573] loop1: detected capacity change from 0 to 4096
[  157.065174][ T6573] EXT4-fs: inline encryption not supported
[  157.101423][ T6573] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  157.146776][ T6573] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8856c019, mo2=0003]
[  157.170489][ T6575] loop0: detected capacity change from 0 to 256
[  157.195616][ T6573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.239003][ T6575] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36a12e94, utbl_chksum : 0xe619d30d)
[  157.697527][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.741970][ T6587] loop0: detected capacity change from 0 to 256
[  157.831398][ T6587] FAT-fs (loop0): Directory bread(block 64) failed
[  157.874108][ T6587] FAT-fs (loop0): Directory bread(block 65) failed
[  157.901203][ T6587] FAT-fs (loop0): Directory bread(block 66) failed
[  157.914730][ T6587] FAT-fs (loop0): Directory bread(block 67) failed
[  157.921503][ T6587] FAT-fs (loop0): Directory bread(block 68) failed
[  157.955613][ T6587] FAT-fs (loop0): Directory bread(block 69) failed
[  157.964157][ T6590] netlink: 68 bytes leftover after parsing attributes in process `syz.1.221'.
[  157.988600][ T6587] FAT-fs (loop0): Directory bread(block 70) failed
[  158.013516][ T6592] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  158.029238][ T6587] FAT-fs (loop0): Directory bread(block 71) failed
[  158.045207][ T6587] FAT-fs (loop0): Directory bread(block 72) failed
[  158.069467][ T6587] FAT-fs (loop0): Directory bread(block 73) failed
[  158.466503][   T28] audit: type=1800 audit(2000000064.840:43): pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.222" name="bus" dev="loop0" ino=1048605 res=0 errno=0
[  158.594792][ T6596] loop2: detected capacity change from 0 to 4096
[  158.660796][ T6596] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.150060][   T28] audit: type=1800 audit(2000000065.530:44): pid=6603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.225" name="file1" dev="loop2" ino=15 res=0 errno=0
[  159.379672][ T6583] loop3: detected capacity change from 0 to 40427
[  159.397703][ T6583] F2FS-fs (loop3): inline encryption not supported
[  159.412434][ T6583] F2FS-fs (loop3): invalid crc value
[  159.422989][ T6583] F2FS-fs (loop3): Found nat_bits in checkpoint
[  159.508409][ T6583] F2FS-fs (loop3): Start checkpoint disabled!
[  159.530911][ T6583] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  159.586958][ T6583] syz.3.218: attempt to access beyond end of device
[  159.586958][ T6583] loop3: rw=2049, sector=53248, nr_sectors = 136 limit=40427
[  159.630382][   T28] audit: type=1800 audit(2000000066.010:45): pid=6596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.225" name="file1" dev="loop2" ino=15 res=0 errno=0
[  159.664913][ T6583] syz.3.218: attempt to access beyond end of device
[  159.664913][ T6583] loop3: rw=2049, sector=53376, nr_sectors = 8 limit=40427
[  159.880575][   T12] kworker/u4:1: attempt to access beyond end of device
[  159.880575][   T12] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  159.898041][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  159.906690][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.916725][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  159.984230][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  159.992356][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  161.505785][ T6623] netlink: 68 bytes leftover after parsing attributes in process `syz.1.232'.
[  161.696383][ T6627] loop3: detected capacity change from 0 to 256
[  161.750405][ T6629] loop1: detected capacity change from 0 to 512
[  161.815428][ T6629] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.830169][ T6627] FAT-fs (loop3): Directory bread(block 64) failed
[  161.881454][ T6627] FAT-fs (loop3): Directory bread(block 65) failed
[  161.944977][ T6613] loop0: detected capacity change from 0 to 40427
[  161.953322][ T6627] FAT-fs (loop3): Directory bread(block 66) failed
[  161.961827][ T6627] FAT-fs (loop3): Directory bread(block 67) failed
[  161.968491][ T6613] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  161.984507][ T6627] FAT-fs (loop3): Directory bread(block 68) failed
[  161.991100][ T6627] FAT-fs (loop3): Directory bread(block 69) failed
[  162.034409][ T6613] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  162.045761][ T6627] FAT-fs (loop3): Directory bread(block 70) failed
[  162.052359][ T6627] FAT-fs (loop3): Directory bread(block 71) failed
[  162.079285][ T6633] loop2: detected capacity change from 0 to 256
[  162.085554][ T6627] FAT-fs (loop3): Directory bread(block 72) failed
[  162.085635][ T6627] FAT-fs (loop3): Directory bread(block 73) failed
[  162.108478][ T6613] F2FS-fs (loop0): invalid crc value
[  162.117717][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.137355][ T6613] F2FS-fs (loop0): Mismatch valid blocks 0 vs. 1
[  162.236482][ T6613] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117)
[  162.443612][ T6633] FAT-fs (loop2): Directory bread(block 64) failed
[  162.456996][   T28] audit: type=1800 audit(2000000068.810:46): pid=6635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.234" name="bus" dev="loop3" ino=1048606 res=0 errno=0
[  162.491896][ T6633] FAT-fs (loop2): Directory bread(block 65) failed
[  162.515014][ T6633] FAT-fs (loop2): Directory bread(block 66) failed
[  162.542666][ T6633] FAT-fs (loop2): Directory bread(block 67) failed
[  162.573297][ T6633] FAT-fs (loop2): Directory bread(block 68) failed
[  162.580492][ T6633] FAT-fs (loop2): Directory bread(block 69) failed
[  162.604183][ T6633] FAT-fs (loop2): Directory bread(block 70) failed
[  162.634306][ T6633] FAT-fs (loop2): Directory bread(block 71) failed
[  162.676248][ T6633] FAT-fs (loop2): Directory bread(block 72) failed
[  162.682874][ T6633] FAT-fs (loop2): Directory bread(block 73) failed
[  162.732697][ T6637] loop1: detected capacity change from 0 to 1024
[  162.767232][ T6637] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.858365][ T6637] EXT4-fs (loop1): bad geometry: bigalloc file system with non-zero first_data_block
[  162.858365][ T6637] 
[  165.671893][ T6652] loop1: detected capacity change from 0 to 512
[  165.868000][ T6652] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  165.902093][ T6652] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  165.910521][ T6652] System zones: 1-12
[  165.936871][ T6652] EXT4-fs (loop1): 1 truncate cleaned up
[  165.944046][ T6652] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.161610][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.413760][ T6660] loop0: detected capacity change from 0 to 512
[  166.574925][ T6665] loop1: detected capacity change from 0 to 256
[  166.673068][ T6667] hub 8-0:1.0: USB hub found
[  166.679077][ T6667] hub 8-0:1.0: 1 port detected
[  166.893316][ T6660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.042012][ T6665] FAT-fs (loop1): Directory bread(block 64) failed
[  167.137588][ T6665] FAT-fs (loop1): Directory bread(block 65) failed
[  167.252239][ T6665] FAT-fs (loop1): Directory bread(block 66) failed
[  167.471887][ T6665] FAT-fs (loop1): Directory bread(block 67) failed
[  167.549403][ T6665] FAT-fs (loop1): Directory bread(block 68) failed
[  167.559656][ T6665] FAT-fs (loop1): Directory bread(block 69) failed
[  167.584195][ T6665] FAT-fs (loop1): Directory bread(block 70) failed
[  167.594030][ T6665] FAT-fs (loop1): Directory bread(block 71) failed
[  167.604649][ T6665] FAT-fs (loop1): Directory bread(block 72) failed
[  167.611269][ T6665] FAT-fs (loop1): Directory bread(block 73) failed
[  167.770411][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.002917][   T28] audit: type=1800 audit(2000000074.380:47): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.246" name="bus" dev="loop1" ino=1048607 res=0 errno=0
[  168.250219][ T6683] loop0: detected capacity change from 0 to 16
[  168.311860][ T6684] loop2: detected capacity change from 0 to 512
[  168.324701][ T6683] erofs: (device loop0): mounted with root inode @ nid 36.
[  168.357401][ T6684] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  168.401711][ T6684] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  168.410020][ T6684] System zones: 1-12
[  168.425007][ T6684] EXT4-fs (loop2): 1 truncate cleaned up
[  168.434684][ T6684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.004517][ T6698] capability: warning: `syz.0.251' uses deprecated v2 capabilities in a way that may be insecure
[  169.576443][ T6702] hub 8-0:1.0: USB hub found
[  169.582408][ T6702] hub 8-0:1.0: 1 port detected
[  170.955438][ T6717] loop3: detected capacity change from 0 to 256
[  171.019288][ T6717] FAT-fs (loop3): Directory bread(block 64) failed
[  171.036320][ T6717] FAT-fs (loop3): Directory bread(block 65) failed
[  171.055509][ T6717] FAT-fs (loop3): Directory bread(block 66) failed
[  171.072919][ T6717] FAT-fs (loop3): Directory bread(block 67) failed
[  171.100887][ T6717] FAT-fs (loop3): Directory bread(block 68) failed
[  171.109165][ T6717] FAT-fs (loop3): Directory bread(block 69) failed
[  171.138767][ T6717] FAT-fs (loop3): Directory bread(block 70) failed
[  171.148794][ T6717] FAT-fs (loop3): Directory bread(block 71) failed
[  171.191992][ T6717] FAT-fs (loop3): Directory bread(block 72) failed
[  171.239527][ T6717] FAT-fs (loop3): Directory bread(block 73) failed
[  171.291449][ T6723] loop0: detected capacity change from 0 to 128
[  171.423642][ T6725] tipc: Can't bind to reserved service type 1
[  171.570468][ T6723] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  171.616073][   T28] audit: type=1800 audit(2000000078.000:48): pid=6728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.263" name="bus" dev="loop3" ino=1048608 res=0 errno=0
[  171.648036][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.659857][ T6723] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  172.067707][ T6732] hub 8-0:1.0: USB hub found
[  172.073746][ T6732] hub 8-0:1.0: 1 port detected
[  173.524344][ T5774] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.984767][ T5835] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  174.185932][ T5835] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  174.195546][ T5835] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.211233][ T5835] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  174.212094][ T6758] loop3: detected capacity change from 0 to 512
[  174.224364][ T5835] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  174.249842][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.286845][ T6758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.307269][ T5835] usb 2-1: config 0 descriptor??
[  174.443767][ T6760] loop0: detected capacity change from 0 to 8192
[  174.482586][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.620928][ T6763] loop3: detected capacity change from 0 to 256
[  174.719216][ T6763] FAT-fs (loop3): Directory bread(block 64) failed
[  174.749409][ T6763] FAT-fs (loop3): Directory bread(block 65) failed
[  174.784205][ T6763] FAT-fs (loop3): Directory bread(block 66) failed
[  174.820964][ T6763] FAT-fs (loop3): Directory bread(block 67) failed
[  174.858414][ T6763] FAT-fs (loop3): Directory bread(block 68) failed
[  174.888310][ T6763] FAT-fs (loop3): Directory bread(block 69) failed
[  174.899605][ T6766] netlink: 104 bytes leftover after parsing attributes in process `syz.0.280'.
[  174.914409][ T6763] FAT-fs (loop3): Directory bread(block 70) failed
[  174.922161][ T6763] FAT-fs (loop3): Directory bread(block 71) failed
[  174.939254][ T6763] FAT-fs (loop3): Directory bread(block 72) failed
[  174.954015][ T6763] FAT-fs (loop3): Directory bread(block 73) failed
[  175.020193][ T5835] usb 2-1: string descriptor 0 read error: -71
[  175.037788][ T5835] usb 2-1: USB disconnect, device number 2
[  175.487692][   T28] audit: type=1800 audit(2000000081.860:49): pid=6763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.279" name="bus" dev="loop3" ino=1048609 res=0 errno=0
[  176.058357][ T6786] loop1: detected capacity change from 0 to 512
[  176.097868][ T6786] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  176.215729][ T6786] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  176.224718][ T6786] System zones: 1-12
[  176.237720][ T6786] EXT4-fs (loop1): 1 truncate cleaned up
[  176.249842][ T6786] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.461382][ T6784] loop3: detected capacity change from 0 to 1024
[  176.823305][ T6784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.878534][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.963876][ T6793] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  177.028472][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.421267][ T6806] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  177.444189][ T6806] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  177.489035][ T6808] loop1: detected capacity change from 0 to 256
[  177.592957][ T6808] FAT-fs (loop1): Directory bread(block 64) failed
[  177.624039][ T6808] FAT-fs (loop1): Directory bread(block 65) failed
[  177.630767][ T6808] FAT-fs (loop1): Directory bread(block 66) failed
[  177.684460][ T6808] FAT-fs (loop1): Directory bread(block 67) failed
[  177.714113][ T6808] FAT-fs (loop1): Directory bread(block 68) failed
[  177.736335][ T6808] FAT-fs (loop1): Directory bread(block 69) failed
[  177.743032][ T6808] FAT-fs (loop1): Directory bread(block 70) failed
[  177.776582][ T6808] FAT-fs (loop1): Directory bread(block 71) failed
[  177.783298][ T6808] FAT-fs (loop1): Directory bread(block 72) failed
[  177.808656][ T6808] FAT-fs (loop1): Directory bread(block 73) failed
[  178.044380][ T6822] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  178.274184][   T28] audit: type=1800 audit(2000000084.600:50): pid=6828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.293" name="bus" dev="loop1" ino=1048610 res=0 errno=0
[  179.925958][ T6851] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  179.933849][ T6851] IPv6: NLM_F_CREATE should be set when creating new route
[  179.941268][ T6851] IPv6: NLM_F_CREATE should be set when creating new route
[  180.314364][ T6860] netlink: 'syz.2.311': attribute type 10 has an invalid length.
[  180.322250][ T6860] netlink: 40 bytes leftover after parsing attributes in process `syz.2.311'.
[  180.332569][ T6860] batadv0: entered promiscuous mode
[  180.337909][ T6860] batadv0: entered allmulticast mode
[  180.346711][ T6860] bridge0: port 3(batadv0) entered blocking state
[  180.353874][ T6860] bridge0: port 3(batadv0) entered disabled state
[  180.374310][ T6860] bridge0: port 3(batadv0) entered blocking state
[  180.381541][ T6860] bridge0: port 3(batadv0) entered forwarding state
[  180.836882][ T4451] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  180.846993][ T4451] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  181.260382][ T6866] hub 8-0:1.0: USB hub found
[  181.266390][ T6866] hub 8-0:1.0: 1 port detected
[  181.984576][ T6870] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  182.212725][ T6875] loop2: detected capacity change from 0 to 512
[  182.392193][ T6875] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  182.485204][ T6875] EXT4-fs (loop2): 1 truncate cleaned up
[  182.498716][ T6875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.937112][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.010196][ T6883] loop3: detected capacity change from 0 to 512
[  183.096354][ T6883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.187301][ T6883] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  184.138262][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.292838][ T6900] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  184.333992][ T6900] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  185.872710][ T6919] hub 8-0:1.0: USB hub found
[  185.886642][ T6916] loop3: detected capacity change from 0 to 512
[  185.894986][ T6919] hub 8-0:1.0: 1 port detected
[  186.114528][ T6916] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  186.203649][ T6916] EXT4-fs (loop3): 1 truncate cleaned up
[  186.210783][ T6916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.508691][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.903136][ T6944] loop1: detected capacity change from 0 to 256
[  188.057402][ T6949] overlayfs: missing 'lowerdir'
[  188.072669][ T6945] loop2: detected capacity change from 0 to 16
[  188.090317][ T6945] erofs: (device loop2): mounted with root inode @ nid 36.
[  188.911454][ T6960] hub 8-0:1.0: USB hub found
[  188.918073][ T6960] hub 8-0:1.0: 1 port detected
[  189.099178][ T6962] loop1: detected capacity change from 0 to 512
[  189.753580][ T6962] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  189.822285][ T6962] EXT4-fs (loop1): 1 truncate cleaned up
[  189.829806][ T6962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.097439][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.391243][ T6980] loop3: detected capacity change from 0 to 128
[  191.108059][ T6983] loop1: detected capacity change from 0 to 512
[  191.310654][ T6985] overlayfs: missing 'lowerdir'
[  191.346417][ T6989] netlink: 104 bytes leftover after parsing attributes in process `syz.0.350'.
[  191.541641][ T6997] loop0: detected capacity change from 0 to 256
[  191.652500][ T7001] hub 8-0:1.0: USB hub found
[  191.658641][ T7001] hub 8-0:1.0: 1 port detected
[  191.866368][ T6997] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  193.710684][ T7015] loop3: detected capacity change from 0 to 256
[  193.754034][ T7015] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  193.794010][ T7015] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  193.852104][ T7015] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  194.495312][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  194.502778][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  194.867582][ T7024] overlayfs: missing 'lowerdir'
[  195.055254][ T7032] loop2: detected capacity change from 0 to 512
[  195.065861][ T7032] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  196.656742][ T7033] hub 8-0:1.0: USB hub found
[  196.661922][ T7033] hub 8-0:1.0: 1 port detected
[  196.760316][ T7035] hub 8-0:1.0: USB hub found
[  196.766273][ T7035] hub 8-0:1.0: 1 port detected
[  197.556816][ T7045] hub 8-0:1.0: USB hub found
[  197.562649][ T7045] hub 8-0:1.0: 1 port detected
[  199.204899][  T966] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  199.694131][  T966] usb 4-1: Using ep0 maxpacket: 8
[  199.703553][  T966] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  199.712765][  T966] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  199.752180][  T966] usb 4-1: config 179 has no interface number 0
[  199.767925][ T7065] loop1: detected capacity change from 0 to 8192
[  199.769308][  T966] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  199.787465][  T966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.839453][ T7065]  loop1: p1 p2
[  199.863510][ T7065] loop1: p2 start 620761102 is beyond EOD, truncated
[  200.041213][ T7075] hub 8-0:1.0: USB hub found
[  200.047107][ T7075] hub 8-0:1.0: 1 port detected
[  201.094418][ T5852] udevd[5852]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  201.200881][ T7087] netlink: 108 bytes leftover after parsing attributes in process `syz.2.384'.
[  201.251213][  T966] usb 4-1: USB disconnect, device number 2
[  202.282691][ T7107] overlayfs: failed to clone upperpath
[  203.640761][ T7118] loop3: detected capacity change from 0 to 256
[  203.678474][ T7119] loop0: detected capacity change from 0 to 512
[  203.772600][ T7119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.102521][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.993603][ T7159] loop3: detected capacity change from 0 to 512
[  206.021979][ T7159] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  206.057512][ T7159] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  206.066361][ T7159] System zones: 1-12
[  206.139492][ T7159] EXT4-fs (loop3): 1 truncate cleaned up
[  206.151018][ T7159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.789788][ T5776] Bluetooth: hci0: command 0x0406 tx timeout
[  206.852768][ T7165] loop2: detected capacity change from 0 to 256
[  206.860100][ T7165] exfat: Deprecated parameter 'utf8'
[  206.868019][ T5770] Bluetooth: hci1: command 0x0406 tx timeout
[  206.868106][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  206.880156][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  206.910717][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.967618][ T7165] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  207.411881][ T7150] loop0: detected capacity change from 0 to 40427
[  207.427748][ T7150] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  207.427775][ T7150] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  207.432222][ T7150] F2FS-fs (loop0): invalid crc value
[  207.440897][ T7150] F2FS-fs (loop0): Found nat_bits in checkpoint
[  207.555574][ T7150] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  207.555604][ T7150] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  207.645792][ T7150] syz.0.401: attempt to access beyond end of device
[  207.645792][ T7150] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  207.663361][ T7150] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  207.672885][ T7150] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  207.864931][ T7183] loop2: detected capacity change from 0 to 1024
[  207.939419][ T7183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  208.014604][ T7183] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.385596][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  210.236147][ T7252] loop0: detected capacity change from 0 to 1024
[  210.278301][ T7252] EXT4-fs: inline encryption not supported
[  210.332641][ T7252] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  210.377463][ T7252] EXT4-fs (loop0): orphan cleanup on readonly fs
[  210.498001][ T7255] loop1: detected capacity change from 0 to 512
[  210.722647][ T7255] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  210.826616][ T7255] EXT4-fs (loop1): 1 truncate cleaned up
[  210.841003][ T7255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.916399][   T28] audit: type=1800 audit(2000000117.280:51): pid=7255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.414" name="file1" dev="loop1" ino=15 res=0 errno=0
[  210.936847][    C1] vkms_vblank_simulate: vblank timer overrun
[  211.183864][ T7252] EXT4-fs error (device loop0): ext4_map_blocks:720: inode #3: block 5: comm syz.0.407: lblock 5 mapped to illegal pblock 5 (length 1)
[  211.280357][ T7252] Quota error (device loop0): write_blk: dquota write failed
[  211.327737][ T7252] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  211.356852][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.387740][ T7252] EXT4-fs error (device loop0): ext4_acquire_dquot:6953: comm syz.0.407: Failed to acquire dquot type 0
[  211.441790][ T7252] EXT4-fs error (device loop0): ext4_free_blocks:6694: comm syz.0.407: Freeing blocks not in datazone - block = 0, count = 4096
[  211.505890][ T7252] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.407: Invalid inode bitmap blk 0 in block_group 0
[  211.534207][ T7227] EXT4-fs error (device loop0): ext4_map_blocks:610: inode #3: block 5: comm kworker/u4:20: lblock 5 mapped to illegal pblock 5 (length 1)
[  211.567263][ T7227] Quota error (device loop0): remove_tree: Can't read quota data block 5
[  211.579493][ T7252] EXT4-fs error (device loop0) in ext4_free_inode:363: Corrupt filesystem
[  211.579507][ T7227] EXT4-fs error (device loop0): ext4_release_dquot:6989: comm kworker/u4:20: Failed to release dquot type 0
[  211.620760][ T7252] EXT4-fs (loop0): 1 orphan inode deleted
[  211.627782][ T7261] overlayfs: failed to clone upperpath
[  211.659965][ T7252] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  211.815058][ T7252] EXT4-fs (loop0): shut down requested (2)
[  211.840456][ T7263] syz_tun: entered promiscuous mode
[  211.877136][ T7263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.417'.
[  211.905730][ T7263] syz_tun: left promiscuous mode
[  211.975601][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.040866][ T7243] loop3: detected capacity change from 0 to 40427
[  212.095447][ T7243] F2FS-fs (loop3): invalid crc value
[  212.151245][ T7243] F2FS-fs (loop3): Found nat_bits in checkpoint
[  212.232643][ T7270] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  212.655555][ T7281] kvm: user requested TSC rate below hardware speed
[  213.905707][ T7293] netlink: 24 bytes leftover after parsing attributes in process `syz.2.426'.
[  214.044705][ T7298] loop2: detected capacity change from 0 to 512
[  214.120019][ T7298] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.213254][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.223707][ T5818] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  214.417816][ T5818] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.434018][ T5818] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.451785][ T5818] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  214.475402][ T5818] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  214.494032][ T5818] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.516809][ T5818] usb 4-1: config 0 descriptor??
[  214.912200][ T7302] loop2: detected capacity change from 0 to 40427
[  214.941977][ T7302] F2FS-fs (loop2): invalid crc value
[  214.970462][ T7302] F2FS-fs (loop2): Found nat_bits in checkpoint
[  215.013053][ T5818] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd
[  215.048315][ T5818] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  215.102933][ T7302] F2FS-fs (loop2): Start checkpoint disabled!
[  215.131985][ T7302] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  215.162444][ T5818] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  215.391134][ T5818] usb 4-1: USB disconnect, device number 3
[  215.470519][ T7219] kworker/u4:17: attempt to access beyond end of device
[  215.470519][ T7219] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  215.489843][ T7219] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  215.501685][ T7219] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  218.406852][ T7322] kvm: user requested TSC rate below hardware speed
[  218.433058][ T7322] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns
[  218.441912][ T7322] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  219.439073][ T7327] netlink: 'syz.2.437': attribute type 10 has an invalid length.
[  219.447060][ T7327] netlink: 40 bytes leftover after parsing attributes in process `syz.2.437'.
[  219.886924][ T7343] loop3: detected capacity change from 0 to 256
[  219.945424][ T7347] overlayfs: failed to clone upperpath
[  220.021296][ T7343] FAT-fs (loop3): Directory bread(block 64) failed
[  220.044167][ T7343] FAT-fs (loop3): Directory bread(block 65) failed
[  220.069574][ T7343] FAT-fs (loop3): Directory bread(block 66) failed
[  220.094647][ T7343] FAT-fs (loop3): Directory bread(block 67) failed
[  220.102470][ T7343] FAT-fs (loop3): Directory bread(block 68) failed
[  220.134017][ T7343] FAT-fs (loop3): Directory bread(block 69) failed
[  220.140753][ T7343] FAT-fs (loop3): Directory bread(block 70) failed
[  220.187247][ T7343] FAT-fs (loop3): Directory bread(block 71) failed
[  220.207656][ T7343] FAT-fs (loop3): Directory bread(block 72) failed
[  220.224553][ T7343] FAT-fs (loop3): Directory bread(block 73) failed
[  220.805882][ T7362] netlink: 'syz.1.448': attribute type 10 has an invalid length.
[  220.815080][ T7362] netlink: 40 bytes leftover after parsing attributes in process `syz.1.448'.
[  220.824529][ T7362] batadv0: entered promiscuous mode
[  220.830486][ T7362] batadv0: entered allmulticast mode
[  220.865812][ T7362] bridge0: port 3(batadv0) entered blocking state
[  220.876333][ T7362] bridge0: port 3(batadv0) entered disabled state
[  221.012618][ T7362] bridge0: port 3(batadv0) entered blocking state
[  221.019260][ T7362] bridge0: port 3(batadv0) entered forwarding state
[  221.588463][ T1130] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  221.597845][ T1130] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  222.015121][ T7381] overlayfs: failed to clone upperpath
[  223.083001][ T7389] loop0: detected capacity change from 0 to 512
[  223.215424][ T7389] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  223.242667][ T7389] ext4 filesystem being mounted at /120/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.260450][ T7401] loop1: detected capacity change from 0 to 512
[  223.320641][ T7401] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.762023][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.943800][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  224.386795][ T7419] overlayfs: failed to clone upperpath
[  224.414777][ T7420] overlayfs: failed to clone upperpath
[  224.570824][ T7424] loop2: detected capacity change from 0 to 256
[  225.225577][ T7424] FAT-fs (loop2): Directory bread(block 64) failed
[  225.232199][ T7424] FAT-fs (loop2): Directory bread(block 65) failed
[  225.298711][ T7424] FAT-fs (loop2): Directory bread(block 66) failed
[  225.328977][ T7424] FAT-fs (loop2): Directory bread(block 67) failed
[  225.354096][ T7424] FAT-fs (loop2): Directory bread(block 68) failed
[  225.360714][ T7424] FAT-fs (loop2): Directory bread(block 69) failed
[  225.415661][ T7424] FAT-fs (loop2): Directory bread(block 70) failed
[  225.422960][ T7424] FAT-fs (loop2): Directory bread(block 71) failed
[  225.439963][ T7424] FAT-fs (loop2): Directory bread(block 72) failed
[  225.454007][ T7424] FAT-fs (loop2): Directory bread(block 73) failed
[  225.802895][ T7428] pim6reg1: entered promiscuous mode
[  225.809848][ T7428] pim6reg1: entered allmulticast mode
[  226.078366][ T7435] hub 8-0:1.0: USB hub found
[  226.085151][ T7435] hub 8-0:1.0: 1 port detected
[  226.130692][   T28] audit: type=1800 audit(2000000132.360:52): pid=7434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.463" name="bus" dev="loop2" ino=1048616 res=0 errno=0
[  227.029622][ T7444] loop3: detected capacity change from 0 to 256
[  227.178126][ T7444] exFAT-fs (loop3): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  227.438043][ T7448] loop1: detected capacity change from 0 to 512
[  227.629287][ T7448] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  227.731205][ T7448] EXT4-fs (loop1): 1 truncate cleaned up
[  227.739766][ T7448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.156005][ T7453] loop2: detected capacity change from 0 to 16
[  228.177890][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.207817][ T7453] erofs: (device loop2): mounted with root inode @ nid 36.
[  228.261165][ T7453] erofs: (device loop2): erofs_read_inode: bogus i_mode (4355) @ nid 46
[  228.509633][ T7457] loop3: detected capacity change from 0 to 256
[  228.577817][ T7457] FAT-fs (loop3): Directory bread(block 64) failed
[  228.605052][ T7457] FAT-fs (loop3): Directory bread(block 65) failed
[  228.611765][ T7457] FAT-fs (loop3): Directory bread(block 66) failed
[  228.653522][ T7457] FAT-fs (loop3): Directory bread(block 67) failed
[  228.661139][ T7457] FAT-fs (loop3): Directory bread(block 68) failed
[  228.669734][ T7461] loop1: detected capacity change from 0 to 256
[  228.694092][ T7457] FAT-fs (loop3): Directory bread(block 69) failed
[  228.752075][ T7457] FAT-fs (loop3): Directory bread(block 70) failed
[  228.768623][ T7465] loop2: detected capacity change from 0 to 256
[  228.784530][ T7457] FAT-fs (loop3): Directory bread(block 71) failed
[  228.791246][ T7457] FAT-fs (loop3): Directory bread(block 72) failed
[  228.805500][ T7461] FAT-fs (loop1): Directory bread(block 64) failed
[  228.812101][ T7461] FAT-fs (loop1): Directory bread(block 65) failed
[  228.822796][ T7457] FAT-fs (loop3): Directory bread(block 73) failed
[  228.845024][ T7465] exFAT-fs (loop2): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  228.866122][ T7461] FAT-fs (loop1): Directory bread(block 66) failed
[  228.881075][ T7461] FAT-fs (loop1): Directory bread(block 67) failed
[  228.904210][ T7461] FAT-fs (loop1): Directory bread(block 68) failed
[  228.934128][ T7465] syz.2.477: attempt to access beyond end of device
[  228.934128][ T7465] loop2: rw=524288, sector=4280, nr_sectors = 1 limit=256
[  228.944089][ T7461] FAT-fs (loop1): Directory bread(block 69) failed
[  228.960789][ T7457] syz.3.473: attempt to access beyond end of device
[  228.960789][ T7457] loop3: rw=524288, sector=1192, nr_sectors = 4 limit=256
[  228.978440][ T7465] syz.2.477: attempt to access beyond end of device
[  228.978440][ T7465] loop2: rw=0, sector=4280, nr_sectors = 1 limit=256
[  229.017067][ T7457] syz.3.473: attempt to access beyond end of device
[  229.017067][ T7457] loop3: rw=0, sector=1192, nr_sectors = 4 limit=256
[  229.024603][ T7461] FAT-fs (loop1): Directory bread(block 70) failed
[  229.055435][ T7461] FAT-fs (loop1): Directory bread(block 71) failed
[  229.062938][ T7461] FAT-fs (loop1): Directory bread(block 72) failed
[  229.071786][ T7461] FAT-fs (loop1): Directory bread(block 73) failed
[  229.130399][ T7457] syz.3.473: attempt to access beyond end of device
[  229.130399][ T7457] loop3: rw=0, sector=1192, nr_sectors = 4 limit=256
[  229.194136][   T28] audit: type=1800 audit(2000000135.480:54): pid=7457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.473" name="file1" dev="loop3" ino=1048618 res=0 errno=0
[  229.349844][   T28] audit: type=1800 audit(2000000135.420:53): pid=7465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.477" name="file1" dev="loop2" ino=1048617 res=0 errno=0
[  229.404094][ T7469] exFAT-fs (loop2): hint_cluster is invalid (521), rewind to the first cluster
[  229.413817][ T7469] exFAT-fs (loop2): error, invalid access to FAT (entry 0x00000208)
[  229.423029][ T7469] exFAT-fs (loop2): Filesystem has been set read-only
[  229.429928][ T7469] exFAT-fs (loop2): error, failed to bmap (inode : ffff8880773ea860 iblock : 9, err : -5)
[  229.441155][ T7469] exFAT-fs (loop2): error, invalid access to FAT (entry 0x00000208)
[  229.847164][   T28] audit: type=1800 audit(2000000136.220:55): pid=7472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.475" name="bus" dev="loop1" ino=1048619 res=0 errno=0
[  230.443522][ T7480] loop3: detected capacity change from 0 to 512
[  230.451655][ T7480] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  230.469522][ T7480] EXT4-fs (loop3): 1 truncate cleaned up
[  230.477088][ T7480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.501212][   T28] audit: type=1800 audit(2000000136.870:56): pid=7480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.480" name="file1" dev="loop3" ino=15 res=0 errno=0
[  231.176634][ T7499] hub 8-0:1.0: USB hub found
[  231.182017][ T7499] hub 8-0:1.0: 1 port detected
[  231.936226][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.028805][ T7504] loop1: detected capacity change from 0 to 1024
[  232.161258][ T7504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.364319][ T7512] hub 8-0:1.0: USB hub found
[  232.370183][ T7512] hub 8-0:1.0: 1 port detected
[  233.161477][ T7516] loop3: detected capacity change from 0 to 256
[  233.206934][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.283770][ T7516] FAT-fs (loop3): Directory bread(block 64) failed
[  233.307202][ T7516] FAT-fs (loop3): Directory bread(block 65) failed
[  233.324229][ T7516] FAT-fs (loop3): Directory bread(block 66) failed
[  233.330848][ T7516] FAT-fs (loop3): Directory bread(block 67) failed
[  233.343157][ T7520] overlayfs: failed to resolve './file1': -2
[  233.368418][ T7516] FAT-fs (loop3): Directory bread(block 68) failed
[  233.382799][ T7516] FAT-fs (loop3): Directory bread(block 69) failed
[  233.428076][ T7516] FAT-fs (loop3): Directory bread(block 70) failed
[  233.444321][ T7516] FAT-fs (loop3): Directory bread(block 71) failed
[  233.451141][ T7516] FAT-fs (loop3): Directory bread(block 72) failed
[  233.493359][ T7516] FAT-fs (loop3): Directory bread(block 73) failed
[  233.727956][ T7528] loop0: detected capacity change from 0 to 512
[  233.812449][ T7528] EXT4-fs: Ignoring removed oldalloc option
[  233.840858][ T7528] EXT4-fs: Ignoring removed nobh option
[  234.082236][   T28] audit: type=1800 audit(2000000140.440:57): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.491" name="bus" dev="loop3" ino=1048620 res=0 errno=0
[  234.197489][ T7528] 
[  234.199905][ T7528] ======================================================
[  234.206952][ T7528] WARNING: possible circular locking dependency detected
[  234.214010][ T7528] syzkaller #0 Not tainted
[  234.218454][ T7528] ------------------------------------------------------
[  234.225500][ T7528] syz.0.494/7528 is trying to acquire lock:
[  234.231430][ T7528] ffff88807594ec58 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1a4/0x350
[  234.241625][ T7528] 
[  234.241625][ T7528] but task is already holding lock:
[  234.249029][ T7528] ffff888059e9bcc8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  234.258971][ T7528] 
[  234.258971][ T7528] which lock already depends on the new lock.
[  234.258971][ T7528] 
[  234.269438][ T7528] 
[  234.269438][ T7528] the existing dependency chain (in reverse order) is:
[  234.278662][ T7528] 
[  234.278662][ T7528] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[  234.286283][ T7528]        down_write+0x97/0x200
[  234.291094][ T7528]        ext4_destroy_inline_data+0x28/0xe0
[  234.297038][ T7528]        ext4_do_writepages+0x4f0/0x3990
[  234.302804][ T7528]        ext4_writepages+0x1dd/0x350
[  234.308135][ T7528]        do_writepages+0x3b3/0x630
[  234.313290][ T7528]        filemap_fdatawrite_wbc+0x122/0x180
[  234.319232][ T7528]        file_write_and_wait_range+0x197/0x280
[  234.325424][ T7528]        generic_buffers_fsync_noflush+0x6f/0x160
[  234.331885][ T7528]        ext4_sync_file+0x45b/0xd30
[  234.337150][ T7528]        ext4_buffered_write_iter+0x2c0/0x350
[  234.343276][ T7528]        ext4_file_write_iter+0x1d9/0x1880
[  234.349128][ T7528]        vfs_write+0x46c/0x990
[  234.353945][ T7528]        __x64_sys_pwrite64+0x19b/0x230
[  234.359551][ T7528]        do_syscall_64+0x55/0xa0
[  234.364539][ T7528]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  234.371103][ T7528] 
[  234.371103][ T7528] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  234.379585][ T7528]        __lock_acquire+0x2df1/0x7d40
[  234.385002][ T7528]        lock_acquire+0x19e/0x420
[  234.390071][ T7528]        percpu_down_read+0x44/0x1a0
[  234.395409][ T7528]        ext4_writepages+0x1a4/0x350
[  234.400743][ T7528]        do_writepages+0x3b3/0x630
[  234.405994][ T7528]        __writeback_single_inode+0x153/0xec0
[  234.412112][ T7528]        writeback_single_inode+0x21f/0x760
[  234.418079][ T7528]        write_inode_now+0x183/0x210
[  234.423413][ T7528]        iput+0x5ae/0x920
[  234.427778][ T7528]        ext4_xattr_block_set+0x273f/0x32b0
[  234.433732][ T7528]        ext4_expand_extra_isize_ea+0x12c5/0x1e80
[  234.440203][ T7528]        __ext4_expand_extra_isize+0x306/0x400
[  234.446416][ T7528]        __ext4_mark_inode_dirty+0x45d/0x6e0
[  234.452446][ T7528]        ext4_evict_inode+0x7f3/0xea0
[  234.457893][ T7528]        evict+0x4ca/0x8d0
[  234.462357][ T7528]        ext4_orphan_cleanup+0xbec/0x1420
[  234.468141][ T7528]        ext4_fill_super+0x5eea/0x67b0
[  234.473642][ T7528]        get_tree_bdev+0x3f3/0x520
[  234.478786][ T7528]        vfs_get_tree+0x8c/0x280
[  234.483764][ T7528]        do_new_mount+0x24b/0xa40
[  234.488817][ T7528]        __se_sys_mount+0x2e7/0x3d0
[  234.494061][ T7528]        do_syscall_64+0x55/0xa0
[  234.499051][ T7528]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  234.505515][ T7528] 
[  234.505515][ T7528] other info that might help us debug this:
[  234.505515][ T7528] 
[  234.515785][ T7528]  Possible unsafe locking scenario:
[  234.515785][ T7528] 
[  234.523305][ T7528]        CPU0                    CPU1
[  234.528745][ T7528]        ----                    ----
[  234.534136][ T7528]   lock(&ei->xattr_sem);
[  234.538516][ T7528]                                lock(&sbi->s_writepages_rwsem);
[  234.546285][ T7528]                                lock(&ei->xattr_sem);
[  234.553184][ T7528]   rlock(&sbi->s_writepages_rwsem);
[  234.558516][ T7528] 
[  234.558516][ T7528]  *** DEADLOCK ***
[  234.558516][ T7528] 
[  234.566687][ T7528] 3 locks held by syz.0.494/7528:
[  234.571738][ T7528]  #0: ffff888079f580e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x353/0x520
[  234.581900][ T7528]  #1: ffff888079f58608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2bf/0xea0
[  234.591489][ T7528]  #2: ffff888059e9bcc8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  234.601904][ T7528] 
[  234.601904][ T7528] stack backtrace:
[  234.607836][ T7528] CPU: 0 PID: 7528 Comm: syz.0.494 Not tainted syzkaller #0
[  234.615175][ T7528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  234.625393][ T7528] Call Trace:
[  234.628733][ T7528]  <TASK>
[  234.631697][ T7528]  dump_stack_lvl+0x18c/0x250
[  234.636473][ T7528]  ? load_image+0x420/0x420
[  234.641032][ T7528]  ? show_regs_print_info+0x20/0x20
[  234.646297][ T7528]  ? print_circular_bug+0x12b/0x1a0
[  234.651556][ T7528]  check_noncircular+0x2fc/0x400
[  234.656547][ T7528]  ? look_up_lock_class+0x75/0x140
[  234.661720][ T7528]  ? print_deadlock_bug+0x5d0/0x5d0
[  234.666963][ T7528]  ? lockdep_lock+0xf5/0x230
[  234.671606][ T7528]  ? _find_first_zero_bit+0xd3/0x100
[  234.676937][ T7528]  __lock_acquire+0x2df1/0x7d40
[  234.681844][ T7528]  ? mark_lock+0x94/0x320
[  234.686224][ T7528]  ? verify_lock_unused+0x140/0x140
[  234.691474][ T7528]  ? __lock_acquire+0x1347/0x7d40
[  234.696549][ T7528]  ? verify_lock_unused+0x140/0x140
[  234.701805][ T7528]  lock_acquire+0x19e/0x420
[  234.706343][ T7528]  ? ext4_writepages+0x1a4/0x350
[  234.711332][ T7528]  ? __might_sleep+0xe0/0xe0
[  234.715962][ T7528]  ? read_lock_is_recursive+0x20/0x20
[  234.721369][ T7528]  ? mark_lock+0x94/0x320
[  234.725746][ T7528]  ? __lock_acquire+0x1347/0x7d40
[  234.730821][ T7528]  percpu_down_read+0x44/0x1a0
[  234.735634][ T7528]  ? ext4_writepages+0x1a4/0x350
[  234.740623][ T7528]  ext4_writepages+0x1a4/0x350
[  234.745450][ T7528]  ? ext4_read_folio+0x2f0/0x2f0
[  234.750452][ T7528]  ? __rwlock_init+0x150/0x150
[  234.755266][ T7528]  ? do_raw_spin_unlock+0x121/0x230
[  234.760519][ T7528]  ? ext4_read_folio+0x2f0/0x2f0
[  234.765506][ T7528]  do_writepages+0x3b3/0x630
[  234.770202][ T7528]  ? folio_clear_dirty_for_io+0xc30/0xc30
[  234.775982][ T7528]  ? writeback_single_inode+0x214/0x760
[  234.781591][ T7528]  ? __lock_acquire+0x7d40/0x7d40
[  234.786655][ T7528]  ? do_raw_spin_lock+0x11f/0x2c0
[  234.791738][ T7528]  __writeback_single_inode+0x153/0xec0
[  234.797360][ T7528]  writeback_single_inode+0x21f/0x760
[  234.802796][ T7528]  ? write_inode_now+0x210/0x210
[  234.807793][ T7528]  write_inode_now+0x183/0x210
[  234.812613][ T7528]  ? bdi_split_work_to_wbs+0x910/0x910
[  234.818136][ T7528]  ? do_raw_spin_unlock+0x121/0x230
[  234.823396][ T7528]  iput+0x5ae/0x920
[  234.827247][ T7528]  ext4_xattr_block_set+0x273f/0x32b0
[  234.832689][ T7528]  ? __might_sleep+0xe0/0xe0
[  234.837338][ T7528]  ? xattr_find_entry+0x12b/0x2f0
[  234.842411][ T7528]  ? ext4_xattr_block_find+0x350/0x350
[  234.847919][ T7528]  ? ext4_xattr_block_find+0x2d4/0x350
[  234.853438][ T7528]  ext4_expand_extra_isize_ea+0x12c5/0x1e80
[  234.859441][ T7528]  __ext4_expand_extra_isize+0x306/0x400
[  234.865145][ T7528]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  234.870757][ T7528]  ext4_evict_inode+0x7f3/0xea0
[  234.875662][ T7528]  ? _raw_spin_unlock+0x28/0x40
[  234.880658][ T7528]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  234.886610][ T7528]  ? do_raw_spin_unlock+0x121/0x230
[  234.891860][ T7528]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  234.897840][ T7528]  evict+0x4ca/0x8d0
[  234.901796][ T7528]  ? proc_nr_inodes+0x230/0x230
[  234.906691][ T7528]  ? do_raw_spin_unlock+0x121/0x230
[  234.911937][ T7528]  ? _raw_spin_unlock+0x28/0x40
[  234.916828][ T7528]  ? iput+0x706/0x920
[  234.920853][ T7528]  ext4_orphan_cleanup+0xbec/0x1420
[  234.926108][ T7528]  ? ext4_orphan_del+0xbf0/0xbf0
[  234.931098][ T7528]  ? ext4_register_li_request+0x183/0x940
[  234.936869][ T7528]  ? errseq_check_and_advance+0x66/0x120
[  234.942552][ T7528]  ext4_fill_super+0x5eea/0x67b0
[  234.947557][ T7528]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  234.953863][ T7528]  ? __might_sleep+0xe0/0xe0
[  234.958519][ T7528]  ? read_lock_is_recursive+0x20/0x20
[  234.964071][ T7528]  ? snprintf+0xe9/0x140
[  234.968386][ T7528]  ? down_read_killable+0x340/0x340
[  234.973668][ T7528]  ? setup_bdev_super+0x56b/0x660
[  234.978749][ T7528]  get_tree_bdev+0x3f3/0x520
[  234.983393][ T7528]  ? vfs_parse_fs_string+0x170/0x170
[  234.988828][ T7528]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  234.995154][ T7528]  ? setup_bdev_super+0x660/0x660
[  235.000237][ T7528]  ? apparmor_capable+0x137/0x1a0
[  235.005348][ T7528]  ? bpf_lsm_capable+0x9/0x10
[  235.010084][ T7528]  ? security_capable+0x89/0xb0
[  235.015001][ T7528]  vfs_get_tree+0x8c/0x280
[  235.019473][ T7528]  do_new_mount+0x24b/0xa40
[  235.024125][ T7528]  __se_sys_mount+0x2e7/0x3d0
[  235.028856][ T7528]  ? __x64_sys_mount+0xc0/0xc0
[  235.033689][ T7528]  ? lockdep_hardirqs_on+0x98/0x150
[  235.039029][ T7528]  ? __x64_sys_mount+0x20/0xc0
[  235.043857][ T7528]  do_syscall_64+0x55/0xa0
[  235.048335][ T7528]  ? clear_bhb_loop+0x40/0x90
[  235.053070][ T7528]  ? clear_bhb_loop+0x40/0x90
[  235.057826][ T7528]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  235.063807][ T7528] RIP: 0033:0x7f42cdf9da8a
[  235.068282][ T7528] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  235.087952][ T7528] RSP: 002b:00007f42ceefbe58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  235.096423][ T7528] RAX: ffffffffffffffda RBX: 00007f42ceefbee0 RCX: 00007f42cdf9da8a
[  235.104439][ T7528] RDX: 00002000000001c0 RSI: 0000200000000b80 RDI: 00007f42ceefbea0
[  235.112458][ T7528] RBP: 00002000000001c0 R08: 00007f42ceefbee0 R09: 0000000000800744
[  235.120485][ T7528] R10: 0000000000800744 R11: 0000000000000246 R12: 0000200000000b80
[  235.128509][ T7528] R13: 00007f42ceefbea0 R14: 000000000000047a R15: 000000000000002c
[  235.136545][ T7528]  </TASK>
[  235.174343][ T7528] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.494: iget: bad extra_isize 90 (inode size 256)
[  235.188139][ T7528] EXT4-fs (loop0): Remounting filesystem read-only
[  235.197220][ T7528] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  235.213805][ T7528] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -5)
[  235.225842][ T7528] EXT4-fs (loop0): 1 orphan inode deleted
[  235.232922][ T7528] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.339136][ T7526] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.