last executing test programs:

4m57.645179422s ago: executing program 2 (id=204):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000001500), 0x4)

4m57.608437076s ago: executing program 2 (id=205):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x10, 0x2, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0x4, @local, 'erspan0\x00'}}, 0x1e)
socket$pppoe(0x18, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './mnt\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x35, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x3}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x16, 0xc, &(0x7f0000000280)=ANY=[@ANYRES8=r4, @ANYRESDEC=r3, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r7 = socket(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000f00000008000300", @ANYRES32=r8, @ANYRESDEC=r7], 0x2c}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="bc0000002b00010000000000ffdbdf25aa0000800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88e804abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe940000"], 0xbc}], 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0, 0xffffffffffffff8a}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d215f6", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0)
socket(0x10, 0x3, 0x0)
pwritev(r9, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x0, 0x0)
read$FUSE(r9, 0x0, 0x0)

4m56.586354006s ago: executing program 2 (id=242):
r0 = socket(0x2a, 0x2, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000))

4m56.502620695s ago: executing program 2 (id=246):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x1)

4m56.501987565s ago: executing program 2 (id=248):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x30, 0x2c, 0xd2b, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x1, 0x4}, {}, {0xe, 0x1}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x893}, 0x20040084)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000011100)=@newtfilter={0x4c, 0x2c, 0xd2b, 0x70bd2a, 0x25df9bfd, {0x0, 0x0, 0x0, r5, {0x9, 0xfff1}, {}, {0xe, 0x1}}, [@filter_kind_options=@f_fw={{0x7}, {0x20, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'veth1_to_team\x00'}, @TCA_FW_MASK={0x8, 0x5, 0x15ac}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x8000)

4m56.311136504s ago: executing program 4 (id=258):
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0xc8080)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639)
read$FUSE(r0, &(0x7f0000001ac0)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

4m56.126399742s ago: executing program 2 (id=263):
setrlimit(0x40000000000008, &(0x7f0000000000))
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)

4m56.048964489s ago: executing program 32 (id=263):
setrlimit(0x40000000000008, &(0x7f0000000000))
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)

4m54.883809314s ago: executing program 1 (id=275):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x8})
close(0x3)

4m54.540841178s ago: executing program 1 (id=276):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5543, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="00000b0000000b00d0e4c3a66cb0162a38"], 0x0, 0x0, 0x0, 0x0}, 0x0)

4m53.950611746s ago: executing program 1 (id=280):
r0 = socket(0x40000000015, 0x5, 0x0)
unshare(0x2c020400)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, 0x0, 0x0)

4m53.91345338s ago: executing program 1 (id=282):
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x852, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x6, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x200, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab2, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x4, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x8004b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0x80000ec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb827, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x1, 0x3, 0x9, 0xc, 0x7, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0xe, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x4, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x4, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x9, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0xa, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x6, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0)

4m53.530607758s ago: executing program 4 (id=284):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd24, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}, {0x99d411631b5903aa, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

4m42.890039586s ago: executing program 1 (id=287):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x1, 0x2)

4m42.821923132s ago: executing program 4 (id=290):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
eventfd2(0x8001, 0x0)

4m42.698536064s ago: executing program 4 (id=291):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x4, 0x0, 0x200003, 0x0, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0xf}, 0x1814b150}}}, 0x3a)
close(r0)
getsockname(r1, 0x0, 0x0)

4m42.696770985s ago: executing program 4 (id=293):
syz_usb_connect(0x5, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x201, 0x1b, 0x4, 0x71, 0x20, 0x45b, 0x212, 0x1836, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5, 0xc, 0x80, 0xfa, [{{0x9, 0x4, 0xc4, 0xc8, 0x0, 0x84, 0x40, 0xa0, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0})

4m42.094156264s ago: executing program 4 (id=298):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtaction={0x50, 0x30, 0x709, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_vlan={0x38, 0x1, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="5400000011000008adbd7000ffcfdf2507000000", @ANYRES32=0x0, @ANYBLOB="406000001040000008000d00030000001800198014000500180b81e59214bb7c0a3144813e426be104001400080005"], 0x54}, 0x1, 0x0, 0x0, 0x51}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="1c0000f5"], 0xfd1)

4m42.005140083s ago: executing program 1 (id=300):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd24, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}, {0x99d411631b5903aa, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

4m26.581787692s ago: executing program 33 (id=300):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd24, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}, {0x99d411631b5903aa, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

4m26.564659044s ago: executing program 34 (id=298):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtaction={0x50, 0x30, 0x709, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_vlan={0x38, 0x1, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="5400000011000008adbd7000ffcfdf2507000000", @ANYRES32=0x0, @ANYBLOB="406000001040000008000d00030000001800198014000500180b81e59214bb7c0a3144813e426be104001400080005"], 0x54}, 0x1, 0x0, 0x0, 0x51}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="1c0000f5"], 0xfd1)

1m50.35445539s ago: executing program 6 (id=2402):
syz_usb_connect$uac1(0x0, 0xa5, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902930003010000000904000000010100000a2401000000020102132406000006090000000000000000000000000924030000000000070924050000f8431cfd092403000203fc041d0624050400"], 0x0)

1m49.410169033s ago: executing program 6 (id=2408):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f0000000180)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r3}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000))

1m49.410067653s ago: executing program 6 (id=2409):
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@link_local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "8000", 0x18, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], @mld={0x60b5013d8879f93, 0x0, 0x0, 0x0, 0x0, @mcast1}}}}}}, 0x0)

1m49.409934723s ago: executing program 6 (id=2410):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0x1, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000002d80)=[{{&(0x7f0000000080)=@file={0x1, '.\x02\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r2, 0x6628)

1m49.404040194s ago: executing program 6 (id=2411):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80040, 0x8)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xc92480, 0x2, 0x0, 0xd, 0x0, 0x0, 0x0, 0x10, 0x5}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
fallocate(r2, 0x20, 0x6, 0x33)

1m49.306474294s ago: executing program 6 (id=2414):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x852, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x6, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x200, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab2, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x4, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x8004b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0x80000ec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb827, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x1, 0x3, 0x9, 0xc, 0x7, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0xe, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x4, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x4, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x9, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0xa, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x6, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r8 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0)

1m34.279489224s ago: executing program 35 (id=2414):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x852, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x6, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x200, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab2, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x4, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x8004b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0x80000ec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb827, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x1, 0x3, 0x9, 0xc, 0x7, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0xe, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x4, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x4, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x9, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0xa, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x6, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r8 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0)

42.856129089s ago: executing program 7 (id=2935):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

42.678593297s ago: executing program 7 (id=2940):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
socket(0x41503864490ca358, 0x6, 0xffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x18)
socket$key(0xf, 0x3, 0x2)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f00000000c0)="b2", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x80398, @empty, 0xfffffffe}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000440)={&(0x7f000047b000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000680)=""/186, 0xba, 0x1, 0x0}, &(0x7f0000000340)=0x40)
open$dir(&(0x7f00000003c0)='./file0\x00', 0x4040, 0x161)
unshare(0x64000600)
socket$igmp(0x2, 0x3, 0x2)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)

41.770929246s ago: executing program 7 (id=2956):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000380)={{0x0, 0x989680}}, 0x0)

41.42264799s ago: executing program 7 (id=2957):
r0 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0, <r2=>0x0}, &(0x7f00000003c0)=0xc)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000500)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYRES16=0x0, @ANYRES8, @ANYRESOCT=r1, @ANYRESOCT=r1, @ANYRES16], 0x1, 0x14fa, &(0x7f0000002a80)="$eJzs3AuYjtXaOPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSE5h/S/t/f3t/bW/r+/77/3/fNee+3dd65p1z/Pe93s/c8817/O81zXvDz1H1WtRv3YzIhL/EPjzlxQhRIwQYpgQ4gYhRCCEqBRfKf7K8QIKUv6xJ2H/XI+mX+sO2LXE88/beP55G88/b+P55208/7yN55+38fzzNp4/Y3nZ9jnFbuSVdxe//5+X8ev/v5Dc8pO/2Vj+5l7/jRSef97G88/beP55G88/b+P55208/399tf6TYzz/vI3nz1hedq3ff+Z1bde1/v1jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY3nPNXaSHEv+2vdV+MMcYYY4wxxhj75/H5r3UHjDHGGGOMMcYY+/8PhBRKaBGIfCK/iBEFRKy4TsSJ60VBcYOIiBtFvLhJFBI3i8KiiCgqiokEUVyUEEagsIJEKEqKUiIqbhGlxa0iUZQRZUU54UR5kSRuExXE7aKiuENUEneKyuIuUUVUFdVEdXG3qCHuETVFLVFb3CvqiLqinqgv7hMNxP2ioXhANBIPisbiIdFEPCyaikdEM/GoaC4eEy3E46KleEK0Eq1FG9FWtPt/yn9F9BWvin6iv0gRA8RA8ZoYJAaLIWKoGCZeF8PFG2KEeFOkipFilHhLjBZvizHiHTFWjBPjxbtigpgoJonJYoqYKtLEe2KaeF9MFx+IGWKmmCVmi3QxR8wVH4p5Yr5YID4SC8XHYpFYLJaIpSJDfCIyxTKRJT4Vy8VnIlusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfC52iJ1il9gt9oi9Yp/4QuwXX4oD4iuRI77+b+af/Xf5vUCAAAkSNGjIB/kgBmIgFmIhDuKgIBSECEQgHuKhEBSCwlAYikJRSIAEKAElAAGBgKAklIQoRKE0lIZESISyUBYcOEiCJKgAt0NFqAiVoBJUhspQBapCVagO1aEG1ICaUBNqQ22oA3WgHtSD++A+uB8aQkNoBI2gMTSGJtAEmkJTaAbNoDk0hxbQAlpCS2gFraANtIF20A7aQ3voAB2gE3SCztAZukAXSIZk6ApdoRt0g+7QHXpAD+gJPaEX9Ibe8Aq8Aq/Cq9Af6sgBMBAGwiAYBENgKAyF12E4vAFvwJuQCiNhFLwFb8HbMAbOwFgYB+NhPNSQE2ESTAaSUyEN0mAaTIPpMB1mwEyYCbMhHebAXJgL82A+zIePYCF8DB/DYlgMSyEDMiATlkEWZMFyOAvZsAJWwipYDWtgNayD9bAONsIm2AhbYAtsg23wOXwOO2En7IbdsBf2whfwBXwJX0Iq5EAOHISDcAgOwWE4DLmQC0fgCByFo3AMjsFxOA4n4CScgpNwGk7DGTgL5+AcXIALcBFeSviu+d4yG1KFvEJLLfPJfDJGxshYGSvjZJwsKAvKiIzIeBkvC8lCsrAsLIvKojJBJsgSsoREiZJkKEvKkjIqo7K0LC0TZaIsK8tKJ51MkkmygqwgK8qKspK8U1aWd8kqsqrs6KrL6rKG7ORqylqytqwt68i6sp6sL+vLBrKBbCgbykaykWwsG8sm8mHZVA6AIfCovDKZFnIktJSjoJVsLdvItvJteFK2l2Ogg+woO8mn5TgYC11ke5csn5Nd5SToJl+Qk+FF2UNOhZ7yZdlL9pZ95Cuyr+zg+sn+cgYMkAPlbBgkB8shcqicB3XllYnVk2/KVDlSjpJvyaXwthwj35Fj5Tg5Xr4rJ8iJcpKcLKfIqTJNvienyffldPmBnCFnyllytkyXc+Rc+aGcJ+fLBfIjuVB+LBfJxXKJXCoz5CcyUy6TWfJTuVx+JrPlCrlSrpKr5Rq5Vq6T6+UGuVFukpvlFrlVbpPb5edyh9wpd8ndco/cK/fJL+R++aU8IL+SOfJreVD+SR6S38jD8luZK7+TR+T38qj8QR6TP8rj8id5Qp6Up+TP8rT8RZ6RZ+U5eV5ekL/Ki/KSvCy9FAqUVEppFah8Kr+KUQVUrLpOxanrVUF1g4qoG1W8ukkVUjerwqqIKqqKqQRVXJVQRqGyilSoSqpSKqpuUaXVrSpRlVFlVTnlVHmVpG5TFdTtqqK6Q1VSd6rK6i5VRVVV1VR1dbeqoe5RNVUtVVvdq+qouqqeqq/uUw3U/aqhekA1Ug+qxuoh1UQ9rJqqR1Qz9ahqrh5TLdTjqqV6QrVSrVUb1Va1U0+q9uop1UF1VJ3U06qzekZ1Uc+qZPWc6qqeV93UC6q7elH1UC+pnupl1Uv1Vn3UJXVZedVP9VcpaoAaqF5Tg9RgNUQNVcPU62q4ekONUG+qVDVSjVJvqdHqbTVGvaPGqnFqvHpXTVAT1SQ1WU1RU1Waek9NU++r6eoDNUPNVLPUbJWu5qghf6m04L+Q//7fyR/x27NvU9vV52qH2ql2qd1qj9qr9ql9ar/arw6oAypH5aiD6qA6pA6pw+qwylW56og6oo6qo+qYOqaOq+PqhDqpzquf1Wn1izqjzqqz6ry6oC6oi3/5GQgNWmqltQ50Pp1fx+gCOlZfp+P09bqgvkFH9I06Xt+kC+mbdWFdRBfVxXSCLq5LaKNRW0061CV1KR3Vt+jS+ladqMvosrqcdrq8TtK3/cP5f9RfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZoepAfrIXqoHqZf18P1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0BX1BX9QX9WV9+cplXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4OagcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwS1B6eDWIDEoE5QNygUuKB8kBbcFFYLbg4rBHUGl4M6gcnBXUCWoGlQLqgd3BzWCe4KaQa2gdnBvUCeoG9QL6gf3BQ2C+4OGwQNBo+DBoHHwUNAkeDhoGjwSNAseDZoHjwUtgseDlsETQaugddAmaBu0+6fW9/5MkadcP9PfpJgBZqB5zQwyg80QM9QMM6+b4eYNM8K8aVLNSDPKvGVGm7fNGPOOGWvGmfHmXTPBTDSTzGQzxUw1aeY9M828b6abD8wMM9PMMrNNuplj5poPzTwz3ywwH5mF5mOzyCw2S8xSk2E+MZlmmckyn5rl5jOTbVaYlWaVWW3WmLVmnVlvNpiNZpPZbLaYrWab2W4+NzvMTrPL7DZ7zF6zz3xh9psvzQHzlckxX5uD5k/mkPnGHDbfmlzznTlivjdHzQ/mmPnRHDc/mRPmpDllfjanzS/mjDlrzpnz5oL51Vw0l8xl469c3F95eUeNGvNhPozBGIzFWIzDOCyIBTGCEYzHeCyEhbAwFsaiWBQTMAFLYAm8gpCwJJbEKEaxNJbGREzEslgWHTpMwiSsgBWwIlbESlgJK2NlrIJVsBpWw7vxbrwH78FaWAvvxXuxLtbF+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsiS2xFbbCNtgG22E7bI/tsQN2wE7YCTtjZ+yCXTAZk7ErdsVu2A27Y3fsgT2wJ/bEXtgL+2Af7It9sR/2wxRMwYE4EAfhIByCQ3AYDsPhOBxH4AhMxVQchaNwNI7GMTgGx+I4HI/v4gSciJNwMk7BqZiGaTgNp+F0nI4zcAbOwlmYjuk4F+fiPJyHC3ABLsSFuAgX4RJcghmYgZmYiVmYhctxOWZjNq7ElbgaV+NaXIvrcT1uxI24GTfjVtyK23E77sAduAt34R7cg/twH+7H/XgAD2AO5uBBPIiH8BAexsOYi7l4BI/gUTyKx/AYHsfjeAJP4Ck8hafxNJ7BM3gOz+EF/BUv4iW8jB5jrBSx9jobZ6+3Be0NNsYWsH8dF7XFbIItbktYYwvbIn8To7U20ZaxZW0562x5m2Rv+11cxVa11Wx1e7etYe+xNX8XN7D324b2AdvIPmjr2/v+Jm5sH7JN7OO2qX3CNrOtbXPb1rawj9uW9gnbyra2bWxb29k+Y7vYZ22yfc52tc//Ls60y+x6u8FutJvsfvulPWfP26P2B3vB/mr72f52mH3dDrdv2BH2TZtqR/4uHm/ftRPsRDvJTrZT7NTfxbPsbJtu59i59kM7z87/XZxhP7ELbZZdZBfbJXbpb/GVnrLsp3a5/cxm2xV2pV1lV9s1dq1d9397XWW32K12m91nv7A77E67y+62e+ze3+Ir53HAfmVz7Nf2iP3eHrLf2MP2mM213/0WXzm/Y/ZHe9z+ZE/Yk/aU/dmetr/YM/bsb+d/5dx/tpfsZeutICBJijQFlI/yUwwVoFi6juLoeipIN1CEbqR4uokK0c1UmIpQUSpGCVScSpAhJEtEIZWkUhSlW6g03UqJVIbKUjlyVJ6S6DaqQLdTRbqDKtGdVJnuoipUlapRdbqbatA9VJNqUW26l+pQXapH9ek+akD3U0N6gBrRg9SYHqIm9DA1pUeoGT1KzekxakGPU0t6glpRa2pDbakdPUnt6SnqQB2pEz1NnekZ6kLPUjI9R13peepGL1B3epF60EvUk16mXtSb+tAr1JdepX7Un1JoAA2k12gQDaYhNJSG0es0nN6gEfQmpdJIGkVv0Wh6m8bQOzSWxtF4epcm0ESaRJNpCk2lNHqPptH7NJ0+oBk0k2bRbEqnOTSXPqR5NJ8W0Ee0kD6mRbSYltBSyqBPKJOWURZ9SsvpM8qmFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbafPaQftpF20m/bQXtpHX9B++pIO0FeUQ1/TQfoTHaJv6DB9S7n0HR2h7+ko/UDH6Ec6Tj/RCTpJp+hnOk2/0Bk6S+foPF2gX+kiXaLL5EmEEMpQhToMwnxh/jAmLBDGhteFceH1YcHwhjAS3hjGhzeFhcKbw8JhkbBoWCxMCIuHJUITYmhDCsOwZFgqjIa3hKXDW8PEsExYNiwXurB8mBTeFlYIbw8rhneElcI7w8rhXWGVsGr4+IPVw7vDGuE9Yc2wVlg7vDesE9YN64X1w/vCBuH9YcPwgbBR+GBYMXwobBI+HDYNHwmbhY+GzcPHwhbh42HL8ImwVdg6bBO2DduFT4btw6fCDmHHsFP4dNg5fCbsEj4bJofPhV3D5//weEo4IBwYvha+Fnr/gFoSXRrNiH4SzYwui2ZFP40uj34WzY6uiK6Mroqujq6Jro2ui66PbohujG6Kbo5uiW6Nbot6Xz+/cOCkU067wOVz+V2MK+Bi3XUuzl3vCrobXMTd6OLdTa6Qu9kVdkVcUVfMJbjiroQzDp115EJX0pVyUXeLK+1udYmujCvryjnnyrsk19a1c+1ce/eU6+A6uk7uafe0e8Y94551z7rnXFf3vOvmXnDd3Yuuh3vJveRedr1cb9fHveL6ulddP9ffpbgUN9ANdIPcIDfEDXHD3DA33A13I9wIl+pS3Sg3yo12o90YN8aNdWPdeDfeTXAT3CQ3yU1xU1yaS3PT3DQ33U13M9wMN8vNcuku3c11c908N88tcAvcwsSFbpFb5Ja4JS7DZbhMl+myXJZb7pa7bJftVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na4HW6X2+X2uD1un9vn9rv97oA74HJcjjvoDrpD7pA77L51ue47d8R97466H9wx96M77n5yJ9xJd8r97E67X9wZd9adc+fdBferu+guucvOu7TIe5Fpkfcj0yMfRGZEZkZmRWZH0iNzInMjH0bmReZHFkQ+iiyMfBxZFFkcWRJZGsmIfBLJjCyLZEU+jSyPfBbJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Gl/a0+0ZfxZX0573x5n+Rv8xX87b6iv8NX8nf6yv4uX8VX9dX8E76Vb+3b+La+nX/St/dP+Q6+o+/kn/ad/TO+i3/WJ/vnfFf/vO/mX/Dd/Yu+h3/J9/Qv+16+t+/jX/F9/au+n+/vU/wAP9C/5gf5wX6IH+qH+df9cP+GH+Hf9Kl+pB/l3/Kj/dt+jH/Hj/Xj/Hj/rp/gJ/pJfrKf4qf6NP+en+bf99P9B36Gn+ln+dk+3c/xc/2Hfp6f7xf4j/xC/7Ff5Bf7JX6pz/Cf+Ey/zGf5T/1y/5nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+x1+p9/ld/s9fq/f57/w+/2X/oD/yuf4r/1B/yd/yH/jD/tvfa7/zh/x3/uj/gd/zP/oj/uf/Al/0p/yP/vT/hd/xp/15/x5f8H/6i/6S/4y/88aY4wxxth/ifqD4wP+zvfkX9YVA4UQ1+8slvvva24u/Of9YJnQOSKEeK5/z0f/bdWpk5KS8pfHZisRlFoshIhczc8nrsYrRCfxjEgWHUWFv9vfYNn7Av1B/eidQsT+VU6MuBpfrX/7f1D/yafHZ1YOz8X/J/UXC5FY6mpOAXE1vlq/4n9Qv0j7P+i/wDdpQnT4q5w4cTW+Wj9JPCWeF8l/80jGGGOMMcYYY+zPBstq3f/o/vnK/XmCvpqTX1yN/+j+nDHGGGOMMcYYY9fei737PPtkcnLH7rz537wp8L+jDd7knc21/svEGGOMMcYY+2e7etF/rTthjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbyrv+JjxO71ufIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWv/JwAA//+0LzvJ")
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r3, &(0x7f0000006b40)={0x2020}, 0x2020)

41.357424447s ago: executing program 7 (id=2960):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socket(0x80000000000000a, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r1, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

37.16402944s ago: executing program 7 (id=2982):
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @multicast}, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x4, 0x4, 0x4, 0x40007, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
syz_open_dev$vcsn(0x0, 0x4, 0x448000)
umount2(&(0x7f0000000000)='./file0\x00', 0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x33)
listen(r2, 0x0)
accept4$unix(r2, 0x0, 0x0, 0x0)

37.146896041s ago: executing program 36 (id=2982):
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @multicast}, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x4, 0x4, 0x4, 0x40007, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
syz_open_dev$vcsn(0x0, 0x4, 0x448000)
umount2(&(0x7f0000000000)='./file0\x00', 0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x33)
listen(r2, 0x0)
accept4$unix(r2, 0x0, 0x0, 0x0)

3.886701248s ago: executing program 5 (id=3318):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff02000000000000000000000000000102000003"], 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[], 0x0)

3.818606364s ago: executing program 0 (id=3319):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$FITHAW(r3, 0xc0045878)
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000002c0))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)

3.818414404s ago: executing program 5 (id=3320):
syz_mount_image$exfat(&(0x7f0000000540), &(0x7f0000000040)='./file7\x00', 0x10, &(0x7f00000002c0)=ANY=[], 0x13, 0x152d, &(0x7f0000004bc0)="$eJzs3Au4TtW3MPAx5pyLTdKb5LJZY47FmzYmSZJLQi5JkiRJbgkJSZKQ3HJLQhJyT3JP2rm17bTd7/drkhxJkoSEJPN7dun4d/r6/M/59x3n+/b4Pc/yzmG9Y7xzvuO9rLWevfe3nYdVa1C9cj1mhn+FunTbCwASAGAgAFwHAAEAlMpRKgcgQBaNvf6lBxF/s4dnXu0ZiKtJ+p+xSf8zNul/xib9z9ik/xmb9D9jk/5nbNJ/ITKyLbPyXi9bxt2+7Tys2tJ/6vq//T/vxt9u5Pr//yRZrrBfvv//v/VPvdOk/xmb9D9jk/5nbNL/jE36n7FJ/zM26X/GJv0XIiO72tef/x/Yfn2e2l5+yq72fP5iC/5LeVfvlSeEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIiM55y8zAPD7+GrPSwghhBBCCCGEEH8fn/lqz0AIIYQQQgghhBD/9yGA0WAggEyQGRIgC2SFayAbXAvZ4TqIwfWQA26AnHAj5ILckAfyQiLkg/wQAoEFhggKQEGIg/cAN0MSFIYiUBQcFIPicAuUgFuhJNwGpSA5BeAOKANloRyUhzuhAtwFFaESVIa7oQpUhWpQHe6BGnAv1IT7oBbcD7XhAagDD0JdeAjqwcNQHx6BBvAoNITHoBE0hibQFJr9l/JfhO7wEvSAntALekMfeBn6Qj/oDwNgILwCg+BVGAyvwRAYCsPgdRgOb8AIeBNGwigYDW/BGBgL42A8TICJMAnehsnwDkyBd2EqTIPpMANmwiyYDe/BHHgf5sIHkIwA82A+LICFsAg+ghRYDKnwMSyBTyANlsIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wjbYDjtgJ+yC3ZX2wKewFz6DffA57Icv/pP5Z+GP+V0QEFChQoMGM2EmTMAEzIpZMRtmw+yYHWMYwxyYA3NiTsyFuTAP5sFETMT8mB8JCRkZC2ABjGMcC2EhTMIkLIJF0KHD4lgcS+CtWBJLYikshaWxNJbBslgWy2N5rIAVsCJWxMp3zAfAKlgNq+E9eA/eizWxJtbCWlgba2MdrIN1sS7Ww3pYH+tjA2yADbEhNsJG2ASbYDNshs2xObbAFtgKW2FrbI1tsA22w3bYHttjB+yAHbEjdsJO2Bk7Yxfsil3xRXwRX8KXsCdWUb2xD/bBvtgX++MAHICv4CB8FV/F13AIDsVh+Dq+jm/gCDyDI3EUjsbRWEGNxXE4HllNxEk4CSfjZJyCU3AqTsNpOANn4iycjbNxDr6P6e+wZPwQP8T5OB8X4iJchCm4GFMxFZfgWUzDpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTtxN+7GT/FT/Aw/wyG4H/fjATyAB/EgHsJDeBgP4xE8svUaADyGx/A4HscTeBJP4Uk8jafxDJ7Fc3gOz+N5vIDPJ35df3fhtUNApTPKqEwqk0pQCSqryqqyqWwqu8quYiqmcqgcKqfKqXKpXCqPyqMSVaLKr/IrUqRYRaqAKqDiKq4KqUIqSSWpIqqIcsqp4qq4KqFKqJKqpCqlblel1R2qjCqrWrryqryqoFq5iqqSqqwqqyqqqqqmqqvqqoaqoWqqmqqWqqVqq9qqjnpQ1VW9sT8+rNI700ANxYZqGDZSjVUT1VS9gY+r5moEtlAtVSv1pBqFI7GNau7aqadVezUOO6hnE37/oOusXlBdVFfVTb2ouqsWrofqqaZib9VHzcC+qp/qrwaoOVhVfYDJWE29poaooWqYel0txDfUCPWmGqlGqdHqLTVGjVXj1Hg1QU1Uk9TbarJ6R01R76qpapqarmaomWqWmq3eU3PU+2qu+kAlqw/VPDVfLVAL1SL1kUpRi1Wq+lgtUZ+oNLVULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VW1T29UOtVPtUrvVHvWp2qs+U/vU52q/+kKlf34fVF+qQ+ordVh9rY6ob9RR9a06pr5Tx1VPdUKdVKfUD+q0+lGdUWd7n1M/qfPqZ3VB/aIuKq9Ao1Zaa6MDnUln1gk6i86qr9HZ9LU6u75Ox/T1Ooe+QefUN+pcOrfOo/PqRJ1P59ehJm0160gX0AV1XN+kC+mbdZIurIvootrpYrq4vkWX0Lfqkvo2XUrfrkvrO3QZXVaX0+X1nbqCvktX1JV0ZX23rqKr6mq6ur5H19D36pr6Pl1L369r6wd0Hf2grqsf0vX0w7q+fkQ30I/qhvox3Ug31k10U91MP66b6yd0C91St9JP6tb6Kd1Gt9Xt9NO6vX5Gd9DP6o76Od1JP6876xd0F91Vd9O/6Iva6x66p+6le+s++mXdV/fT/fUAPVC/ogfpV/Vg/ZoeoofqYfp1PVy/oUfoN/VIPUqP1m/pMXqsHqfH6wl6op6k39aT9Tt6in5XT9XT9HSdGWbqWbr/pUpz/4n8d/6QP0On5w/+9dE36y16q96mt+sdeqfepXfrPXqP3qv36n16n96P+NsrWx/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/RJ/ZP+QZ/WP+oz+qw+q3/S5/V5feHScwAGjTLaGBOYTCazSTBZTFZzjclmrjXZzXUmZq43OcwNJqe50eQyuU0ek9ckmnwmvwkNGWvYRKaAKWji5iZTyNxskkxhU8QUNc4UM8XNLSZmEP6V/L+Y3/Lpv63cNDPNTHPT3LQwLUwr08q0Nq1NG9PGtDPtTHvT3nQwHUxH09F0Mp1MZ9PZdDFdTDfTzXQ33U0PBNPL9DJ9zMumr+ln+psBZqB5xaQXHmwGmyFmiBlmhpnhZrgZYUaYkWakSd85xowx48w4M8FMMJPMJDPZTDZTzBQz1Uw10810M9PMNLPNbDPHzDFzzVyTbJLNPDPPLDALzCKzyKSYFJNqUs0Ss8SkmaVmqVlulpuVZqVZbVabtWatWW/Wm41mo0kzW8wWs81sMzvMDrPL7DJ7zB6z1+w1+8w+s9/sNwfMAXPQHDSHzCFz2Bw2R8wRc9QcNcfMMXPcHDcnzAlzypwyp81pc8acMefMOXPenDcXzAVz0VxMP+wLVKACE5ggU5ApSAgSgqxB1iBbkC3IHmQPYkEsyBHkCHIGNwa5gtxBniBvkBjkC/IHYUCBDTiIggJBwSAe3BQUCm4OkoLCQZGgaOCCYkHx4JagRHBrUDK4LSgV3B6UDu4IygRlg3JB+eDOoEJwV1AxqBRUDu4OqgRVg2pB9eCeoEZwb1AzuC+oFdwf1A4eCOoEDwZ1g4eCesHDQf3gkaBB8GjQMHgsaBQ0DpoETYNmf2t978/kfsL1CHuGmaF32Cd8Oewb9gv7hwPCgeEr4aDw1XBw+Fo4JBwaDgtfD4eHb4QjwjfDkeGocHT4VjgmHBuOC8eHE8KJ4aTw7XBy+E44JXw3nBpOC6eHM8KZ4axwdvheOCd8P5wbfhAmhx+G88L54YJwYbgo/ChMCReHqeHH4ZLwkzAtXBouC5eHK8KV4apwdbgmXBuuC9eHG8KN4aZwc7gl3BpuC7eHO8Kd4a5wd7gn/DTcG34W7gs/D/eHX4QHwt+/9r4KD4dfh0fCb8Kj4bfhsfC78Hj4fXgiPBmeCn8IT4c/hmfCs+G58KfwfPhzeCH8JbwY+vSD+/SvdzJkKBNlogRKoKyUlbJRNspO2SlGMcpBOSgn5aRclIvyUB5KpETKT/kpHRNTASpAcYpTISpESZRERagIOXJUnIpTCSpBJakklaJSVJpKUxkqQ+WoHN1Jd9JddBdVokp0N91NVakqVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjagRNaEm1IyaUXNqTi2oBbWiVtSaWlMbakPtqB21p/bUgTpQR+pInagTdabO1IW6UDfqRt2pO/WgHtSLelEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qIxNJbG0XiaQBNpEk2iyTSZptAUmkpTaTpNp5k0k2bTbJpDc2guzaVkSqZ5NI8W0AJaRIsohVIolVJpCS2hNEqjZbSMVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI120A7aRbtoD+2hvbSX9tE+2k/76QAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0M12gX+gieUqwWWxWe43NZq+12e119j/GeWxem2jz2fw2tLls7n+M+5787UfIbRFb1DpbzBa3t9gkW/gPcRlb1paz5e2dtoK9y1a8FAP8HtdYs+NSlfttdXuPrWHvtTXtfbaWvd/Wtg/YOvZRW9c+ZuvZxra+bWob2EdtQ/uYbWQb2ya2qW1tn7JtbFvbzj5t29tn/hSn2MV2jV1r19n1dq/9zJ6zP9mj9lt73v5se9iedqB9xQ6yr9rB9jU7xA79UzzavmXH2LF2nB1vJ9iJf4qn2xl2pp1lZ9v37Bz7/p/iRfYjm2xT7Tw73y6wC3+N0+eUaj+2S+wnNs0utcvscrvCrrSr7Op/n+tyu9FuspvtHvup3Wa32x12p91ld/8ap69jn/3c7rdf2CP2G3vQfmkP2WP2sP361zh9fcfsd/a4/d6esCftKfuDPW1/tGfs2V/Xn772H+wv9qL1FhhZsWbDAWfizJzAWTgrX8PZ+FrOztdxjK/nHHwD5+QbORfn5jyclxM5H+fnkIktM0dcgAtynG/iQnwzJ3FhLsJF2XExLs63cAm+lUty+tHr7Vya7+AyXJbLcXm+kyvwXVyRK3FlvpurcFWuxtX5Hq7B93JNvo9r8f1cmx/gOvwg1+WHuB4/zPX5EW7Aj3JDfowbcWNuwk25GT/OzfkJbsEtuRU/ya35KW7DbbkdP83t+RnuwM9yR36OO/Hz3Jlf4C7clbvxi9ydX+Ie3JN7cW/uwy9zX+7H/XkAD+RXeBC/yoP5NR7CQ3kYv87D+Q0ewW/ySB7Fo/ktHsNjeRyP5wk8kSfx2zyZ3+Ep/C5P5Wk8nWfwTJ7Fs/k9nsPv81z+gJP5Q57H83kBL+RF/BGn8GJO5Y95CX/CabyUl/FyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38XZG3sm7eDfv4U95L3/G+/hz3s9f8AH+Nz7IX/Ih/ooP89d8hL/ho/wtH+Pv+Dh/zyf4JJ/iH/g0/8hn+Cyf45/4PP/MF/gXvsieIcJIRToyURBlijJHCVGWKGt0TZQtujbKHl0XxaLroxzRDVHO6MYoV5Q7yhPljRKjfFH+KIwoshFHUVQgKhjFo5uiQtHNUVJUOCoSFY1cVCwqHt0SlYhujUpGt0Wlotuj0tEdUZmobPTo/eWjO6MK0V1RxahSVDm6O6oSVY2qRdWje6Ia0b1Rzei+qFZ0f1QyeiCqEz0Y1Y0eiurBw1H96JGoQfRo1DB6LGoUNY6aRE2jZtHjUfPoiahF1DJqFT0ZtY6eitpEbaN20dNR++iZK+7vFfWO+kQvRy9H3t+nF8QXxhfFP4qnxBfHU+Mfx5fEP4mnxZfGl8WXx1fEV8ZXxVfH18TXxtfF18c3xDfGN8U3x72vnhkcOuW0My5wmVxml+CyuKzuGpfNXeuyu+tczF3vcrgbXE53o8vlcrs8Lq9LdPlcfhc6ctaxi1wBV9DF3U2ukLvZJbnCrogr6pwr5oq7pq6Za+aauydcC9fStXJPuifdU+4p19a1dU+79u4Z18E96zq651wn97x73r3guriurpt70XV3L7kerqfr5Xq5Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7IW6IG+aGueFuuBvhRriRbqQb7Ua7MW6MG+fGuQlugpvkJrnJbrKb4qa4qW6qm+6mu5luppvtZrs5bo6b6+a65KRkN8/NcwvcArfILXIpLsWlulS3xC1xaS7NLXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtcrvcHrfH7XV73T63z+13+90Bd+CcdwfdIfeVO+y+dkfcN+6o+9Ydc9+54+57d8KddKfcD+60+9GdcWfdOfeTO+9+dhfcL+6i825S7O3Y5Ng7sSmxd2NTY9Ni02MzYjNjs2KzY+/F5sTej82NfRBLjn0YmxebH1sQWxhbFPsolhJbHEuNfRxbEvsklhZbGlsWWx5bEVsZ8z7ftsgX8AV93N/kC/mbfZIv7Iv4ot75Yr64v8WX8Lf6kv42X8rf7kv7O3wZX9aX84/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Ta+rW/nn/bt/TO+g3/Wd/TP+U7+ed/Zv+C7+K6+m3/Rd/cv+R5e+16+t+/jX/Z9fT/f3w/wA/0rfpB/1Q/2r/khfqgf5l/3w/0bfoR/04/0o/xo/5Yf48f6cX68n+An+kn+bT/Zv+On+Hf9VD/NT/cz/Ew/y8/27/k5/n0/13/gk/2Hfp6f7xf4hX6R/8in+MU+1X/sl/hPfJpf6pf55R4SVvpVfrVf49f6dX693+A3+k1+s9/it/ptfrvf4Xf6XX633+M/9Xv9Z36f/9zv91/4A/7f/EH/pT/kv/KH/df+iP/GH/Xf+mP+O3/cf+9P+JP+lP/Bn/Y/+jP+rD/nf/Ln/c/+gv/FX5TfWRNCCCGE+KfoK+zv/YdI/fu/6tL/9AGAa7fnPfwfa27I9du4n0psHQOAp3t2fvj3rUqVXr16Xbpvmoag4HwAiF3OzwSX46XQCp6CdtASSvxv59dPdT3PV6gfvx0g6z/kJMDl+HL9W/+i/tjkK9afD5BU8HJOFrgcX6qfBaDkn2oHv9bP3fwK9bN8OQmgxT/kZYPL8eX5F4cn4Blo94d7CiGEEEIIIYQQv+mnynW80vlt+vl5ormckxkux1c6PxdCCCGEEEIIIcTV91zXbm0fb9euZce/GFT6610yyCiDTP8zpvHfOcgMAOmDK75B/jMDgKu+rt8HCPDrJb6/vs/V/mQSQgghhBBC/N0uH/Rf7ZkIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAZ13/Hnxy72msUQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghrrb/FQAA//9EoSXS")
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="f3bbbbbb"], 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

3.818262114s ago: executing program 5 (id=3321):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f00000005c0)=@base={0x6, 0x4, 0x1ff, 0x5c, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0xfffffffe}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_disconnect(0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
mlockall(0x7)
munlockall()
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0), 0x0)
writev(r5, &(0x7f0000000100), 0x0)

2.534875861s ago: executing program 0 (id=3322):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xfd, 0x7fff0000}]})
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x4)

1.840951269s ago: executing program 0 (id=3326):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000940)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
fcntl$setownex(r3, 0xf, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
socket$tipc(0x1e, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB], 0x0}, 0x94)
r5 = socket$inet6(0xa, 0x2, 0x0)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x50, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x5}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x1c, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x7}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0xffffff2e}, @TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8}]}}]}, 0x50}}, 0x800)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="b0030000", @ANYRES16=0x0, @ANYBLOB="00012dbd7000fddbdf2500000000", @ANYBLOB="2c0102803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000319050000000b00040072616e646f6d00003c00010024000100757365725f6c696e6b7570000000000000000000000000f5c87355339a0ecef7a364fa293a1c00000000000000000005c829f9d008baeb3412d4138f83e366b62535db8038a30adb47e4d40a108ab671a761db2a83ef1866ac7a1800bcdd1994956c33724e", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004001000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400bd00000008000700000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="600202803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400e8f3000008", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c0000000000000005000300030000000800040035acffff3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f696400000000000000000000000000000000000000000000000005000300030000000800040003000000080006", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r8, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x3b0}, 0x1, 0x0, 0x0, 0x20000040}, 0xc010)
r9 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x46, 0x0, 0x0)
sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
setsockopt$inet6_int(r5, 0x29, 0x35, 0x0, 0x0)

1.83900325s ago: executing program 5 (id=3327):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

1.778515575s ago: executing program 9 (id=3329):
syz_usb_connect(0x3, 0x40, &(0x7f0000008ec0)={{0x12, 0x1, 0x110, 0x2b, 0x95, 0xd9, 0x8, 0x4e2, 0x1412, 0xca10, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2e, 0x1, 0x2, 0xfa, 0xa0, 0xbf, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x8, 0x6, 0x62, 0x0, [], [{{0x9, 0x5, 0xa, 0x10, 0x8, 0xf8, 0x7, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0x7}, @generic={0x3, 0x24, "df"}]}}, {{0x9, 0x5, 0x9, 0x1, 0x200, 0x4, 0x8, 0xf8}}]}}]}}]}}, 0x0)

1.778431775s ago: executing program 8 (id=3330):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1.507329672s ago: executing program 8 (id=3332):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc72, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="a1ab00000000000000003200000008001781"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = io_uring_setup(0x1ad2, &(0x7f0000000740)={0x0, 0x1100, 0x0, 0xfffffffe, 0x3d0})
close(r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x10)
r8 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io$hid(r9, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f0b53743faa2a9000070900be008326e74961c2e5"], 0x0}, 0x0)
recvmsg$unix(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1, 0x0, 0xc00}, 0x20)
sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

1.507151402s ago: executing program 5 (id=3333):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
socket(0x10, 0x803, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000073010a000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

1.507043492s ago: executing program 5 (id=3334):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
syslog(0x2, &(0x7f00000000c0)=""/128, 0x80)

537.362277ms ago: executing program 9 (id=3335):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3}, &(0x7f0000000540), &(0x7f0000000580)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r3, &(0x7f0000000780)}, 0x20)

515.79804ms ago: executing program 8 (id=3336):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x10ee, 0x2, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)

365.271264ms ago: executing program 8 (id=3337):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x2c0201, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0x1, 0x6, 0x4, 0x0, 0x7, 0x8, 0x652, 0x7, 0x8000009657, 0x1, 0x6, 0x0, 0x10, 0x800000000b, 0x80000000000000, 0xcc0, 0x1, 0x1, 0x94d6, 0x10000000000001, 0x0, 0x809, 0x0, 0xfffffffffffffffa, 0x80003, 0xf64d})

365.126554ms ago: executing program 8 (id=3338):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20, 0x0, 0x4}]}}, 0x0, 0x2a}, 0x28)

307.5728ms ago: executing program 9 (id=3339):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x42, 0x0, &(0x7f0000000200))

246.625906ms ago: executing program 3 (id=3340):
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c0000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='netlink_extack\x00', r1}, 0x10)
shutdown(0xffffffffffffffff, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x800)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800d}, 0x50)

246.377246ms ago: executing program 9 (id=3341):
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xa}}, {@grpquota}, {@auto_da_alloc}, {@grpquota}]}, 0xfe, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl35o6OyUwS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYfayoYjL5xoHrf24NpstiVRr3/6VxJJvq91fJL/PZZn/h8Rv30VcaKwsd7qyupCqVxOl/L8ZG3x8mR1ZfXkxcXSfDqfXpqemTn99sz0e+++s/HkvTtr6xvn/vn+kzsfnv762Np3v9w7fCuJM3EgL2tvx1O43p6ZiIn8NRmJM+sOnOpBZf0k2e0LYEeG8jgfiawPOBRDedQDL78vI6IODKhE/MOAas4AMs25/abz4PrLN8u7/0FzAtRq+6P2J833RmJfY240upY8NjPKXonxHtSf1fHrn7dvZVv07n0IgC1dvxERp4aHH+v/DkZb/7dzp7ZxzPo69H/w/NzJxj9v7u0w/ik8HP9Eh/HPWIfY3Ymt479wr/OZO1wEWicb/70fncZ/Dxetxofy3P8aY76R5MLFcpr1bVk3eTxG9mb5zdZzTq/drXcrax//ZVtWf2ssmF/HveF1TZ0r1UpP0+Z2929EvLrF+DfpcP+z1+PcNus4mt5+rVvZ1u1/tuo/R7ze8f4/muskm69PTjaeh8nWU7HR3zeP/t6t/t1uf3b/Rzdv/3jSvl5bffI6ftr3b9qtbCLJF02f8Pnfk3zWSO/J910t1WpLUxF7ko837p9upn9sy7eOz9p//Fjn+N/s+d8fEZ9vs/03j9zsemg/3P+5J7r/XRL1pGvR3Y+++KFb/dvr/95qpI7ne7bT/3W+0tG89GmeZgAAAAAAAOhfhYg4EEmh+DBdKBSLzc93HInRQrlSrZ24UFm+NBeN78qOx0ihtdI91vZ5iKn887Ct/PS6/ExEHI6Ib4f2N/LF2Up5brcbDwAAAAAAAAAAAAAAAAAAAH1irMv3/zN/DO321QHPnJ/8hsG1Zfz34peegL7k/38YXOIfBpf4h8El/mFwiX8YXOIfBpf4h8El/gEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp09m231tQfXZrP83JWV5YXKlZNzaXWhuLg8W5ytLF0uzlcq8+W0OFtZ3OrfK1cql6emY/nqZC1NapPVldXzi5XlS7XzFxdL8+n5dOS5tAoAAAAAAAAAAAAAAAAAAABeLNWV1YVSuZwuvVyJQt68bZ91MD+hHy7+xUoM98dlSPQ4sYudEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs818AAAD//0efKxA=")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

235.125427ms ago: executing program 8 (id=3342):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_clone(0xd024100, 0x0, 0x0, 0x0, 0x0, 0x0)

224.667758ms ago: executing program 3 (id=3343):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002060207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r0}, 0xc)

138.517257ms ago: executing program 9 (id=3344):
r0 = gettid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

138.301007ms ago: executing program 3 (id=3345):
syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000200)='./file2\x00', 0x8, &(0x7f00000025c0)=ANY=[], 0x3, 0x195, &(0x7f0000000300)="$eJzs2z1rFEEYB/Dnchcvh4KpxWLBxupQK0tFIogHvnGFVgpRhEQCplmtTj+JrV/LXpBUKYSROCFvri6a213J/X7NPdx/dvaZe1vmYJ9ffrOxvrX9auvhTqz0ejG4FUXs9mI1lqIf2SwAgLNkN6X4llJKw1mMPkVK6cSAUUeNAQCNqb3+AwBnTu31/2ZEfOioOQCgEfb/ALB4njx9dv/2ZLL2uChWIr7Oymk5zY85v3tvsnat+Gn18Kidspz2D/LrOS+O58sx2M9vVObn4uqVnO9ldx4sxfH8fKw3vnoAAABYDOPiQOX+fjz+XZ6rI/8PnNjfD+LSoLVlAAB/Yfvd+40Xm5sv39YUF6J+zJyLi/sttnrSuRT9Vs716HU0/KYM4z94MeuL7ymlfzj84+f8+aoeM2p5FV96uZs5Tbg32+nm6ewnCWjJ4Zf+yJPDDhsCAAAAAAAAAAAAAAB+8efbgJZPeRdRv+vlAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKUfAQAA//+Ru0M+")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x8200, 0x1aa)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f00000000c0)='.\x00', 0xa4000061)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000000c0))

138.148167ms ago: executing program 0 (id=3346):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r0, 0x25, &(0x7f00000003c0)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x1, 0x2, 0x0, 0x80000000})

126.557838ms ago: executing program 3 (id=3347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
fstat(0xffffffffffffffff, 0x0)

105.05711ms ago: executing program 0 (id=3348):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x1})
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3)

42.563516ms ago: executing program 3 (id=3349):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r2}, 0x10)
write$cgroup_int(r1, &(0x7f0000000200), 0x43451)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='memory.events\x00', 0x100002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r4}, 0x10)
write$cgroup_int(r3, &(0x7f0000000200), 0x43451)

42.306506ms ago: executing program 0 (id=3350):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1a08700, &(0x7f0000000700)={[{@nodioread_nolock}, {@nouid32}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@usrquota}, {@journal_dev={'journal_dev', 0x3d, 0x1}}]}, 0x0, 0x470, &(0x7f0000001040)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIFJR0EM9xiQtodtGmii2FpuKeBKkoGfxKPoXeBNB1JPg1ZMnKRTtpa2nyMzOpJvtJjHNphOzvx9s9n1n3t15nszXu++7G0DHGsj+JBE7IuL3iOirVxc3GKg/Xb96fvzG1fPjSczPv/FXkre7dvX8eNm0fN32ojKYRqQfJ8VGFps5e+7kWK02eaaoD8+eemd45uy5p947NXZi8sTk6dEjRw4fGnn2mdGn25Jnlte1fR9O79/78luXXh0/duntn7/N4t1RrG/Mo10GssT/ns81r3u83Rur2M6GctJdYSCsSldEZLurJz//+6Irbu68vnjpo0qDA9ZVdm/asvTquXlgE0ui6giAapQ3+uzzb/m4Q12PDeHK8/UPQFne14tHfU13pEWbnqbPt+00EBHH5v75MnvEOo1DAAA0+nT8i6O9EfHBjW9eyfoefQtr0rgvf/4j/7urmEPpj4i7I2J3RNwTEXsi4t6IvO39EfHAGuO5tf+TXl7jWy4r6/89V8xtLe7/lb2/6O8qajvz/HuS41O1yYPF/2QwerZk9ZFltvH9i799ttS6xv5f9si2X/YFizgudzcN0E2MzY7lndI2uHIxYl93q/yThZmAJCL2RsS+1b31rrIw9cTX+5dqtHL+rVxcXSTLmP8qS28uy38umvIvJY3zk1O3zE8Ob43a5MHh8qi41S+/fvL6Utu/vfzb58pk/blh/zc36U8a52tn2rv92zz+097kzXyeubdY9v7Y7OyZkYje5GheX7R89OZry3rZPjv+Bw+0Pv93F6/J8n8wIrKD+KGIeDgiHilifzQiHouIA8vk+NMLK+cfaUX7/2LERMvr38Lx37T/V1/oOvnjd0tt/7/t/8N5abBYkl//VtAqnOx61hzgWv53AAAA8H+R5t+BT9KhhXKaDg3Vv8O/J+5Ka9Mzs08en3739ET9u/L90ZOWI119xXhobao2OZLMFe9YHx8dLcaKy/HSQ8W48edd2/L60Ph0baLi3KHTbV/i/M/82VV1dMA629Zy6WjvHQ8EqEDz7zXTxdULr4WLAWxWfq8NnWuF87+pO6AzAJuJ+z90rlbn/4WmurkA2Jzc/6FzOf+hQ6U/VB0BUCH3f+hIa/ld/zoWtm6MMKopbNSdkhciykK6IeJRWKdC1VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9vg3AAD//5wI5wQ=")

20.773108ms ago: executing program 3 (id=3351):
r0 = socket(0xa, 0x1, 0x0)
ioctl(r0, 0x8936, &(0x7f0000000080)="c65d99f6c2c1334c1deecbeb56e24ec79d7b")

0s ago: executing program 9 (id=3352):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9c5c2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})

kernel console output (not intermixed with test programs):

c95b9e8 code=0x7ffc0000
[  202.731797][   T27] audit: type=1326 audit(715.906:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10703 comm="syz.0.2191" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  202.738525][   T27] audit: type=1326 audit(715.906:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10703 comm="syz.0.2191" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=231 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  202.773003][T10715] binder: 10714:10715 got transaction to invalid handle, 1
[  203.072480][ T1514] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  203.267461][ T1514] usb 1-1: Using ep0 maxpacket: 32
[  203.270789][T10730] fuse: Unknown parameter '0x0000000000000003'
[  203.273220][ T1514] usb 1-1: config 0 interface 0 has no altsetting 0
[  203.274416][ T1514] usb 1-1: New USB device found, idVendor=1e71, idProduct=2011, bcdDevice= 0.00
[  203.276918][ T1514] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.279787][ T1514] usb 1-1: config 0 descriptor??
[  203.424987][T10743] binder: 10742:10743 got transaction to invalid handle, 1
[  203.489564][T10748] overlayfs: missing 'lowerdir'
[  203.696715][ T1514] usbhid 1-1:0.0: can't add hid device: -71
[  203.697737][ T1514] usbhid: probe of 1-1:0.0 failed with error -71
[  203.701405][ T1514] usb 1-1: USB disconnect, device number 28
[  203.939940][T10760] fuse: Unknown parameter '0x0000000000000003'
[  204.192991][T10772] binder: 10771:10772 got transaction to invalid handle, 1
[  204.278978][T10773] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2218'.
[  204.525250][T10776] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  204.528731][T10776] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  204.537557][   T27] kauditd_printk_skb: 2 callbacks suppressed
[  204.537566][   T27] audit: type=1326 audit(717.679:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10777 comm="syz.3.2224" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.542595][   T27] audit: type=1326 audit(717.679:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10777 comm="syz.3.2224" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.545736][   T27] audit: type=1326 audit(717.679:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10777 comm="syz.3.2224" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=158 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.549122][   T27] audit: type=1326 audit(717.679:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10777 comm="syz.3.2224" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.571103][   T27] audit: type=1326 audit(717.679:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10777 comm="syz.3.2224" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.603645][T10781] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.672395][T10785] overlayfs: failed to clone lowerpath
[  204.712872][T10790] fuse: Unknown parameter '0xffffffffffffffff'
[  204.717332][T10781] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.797348][T10781] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.862112][   T27] audit: type=1326 audit(717.991:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10796 comm="syz.3.2230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.873884][   T27] audit: type=1326 audit(717.991:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10796 comm="syz.3.2230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=143 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  204.890659][    T7] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  205.636461][T10800] binder: 10798:10800 got transaction to invalid handle, 1
[  205.637572][T10800] binder_debug: 14 callbacks suppressed
[  205.637587][T10800] binder: 10800:10798 cannot find target node
[  205.639317][T10800] binder: 10798:10800 transaction async to 0:0 failed 441/29201/-22, size 12-24 line 3045
[  205.641026][ T1514] binder: undelivered TRANSACTION_ERROR: 29201
[  205.660396][   T27] audit: type=1326 audit(717.991:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10796 comm="syz.3.2230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x7ffc0000
[  205.906396][T10781] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.912569][T10802] can0: slcan on ttyS3.
[  206.018602][T10803] can0 (unregistered): slcan off ttyS3.
[  206.048269][T10827] fuse: Unknown parameter '0x0000000000000003'
[  206.055094][    T7] usb 1-1: Using ep0 maxpacket: 8
[  206.057423][    T7] usb 1-1: config 0 has an invalid interface number: 194 but max is 0
[  206.058474][    T7] usb 1-1: config 0 has no interface number 0
[  206.064777][    T7] usb 1-1: New USB device found, idVendor=0763, idProduct=1011, bcdDevice=b7.96
[  206.068080][    T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.069276][    T7] usb 1-1: Product: syz
[  206.069902][    T7] usb 1-1: Manufacturer: syz
[  206.070612][    T7] usb 1-1: SerialNumber: syz
[  206.074777][    T7] usb 1-1: config 0 descriptor??
[  206.095365][T10781] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.100316][T10781] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.118827][T10781] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.131818][T10781] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.140961][    T7] snd-usb-audio: probe of 1-1:0.194 failed with error -2
[  206.142581][T10836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.144796][T10836] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.171976][T10838] udevd[10838]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.194/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  206.289548][    T7] usb 1-1: USB disconnect, device number 29
[  206.332787][T10856] binder: tried to use weak ref as strong ref
[  206.333892][T10856] binder: 10855:10856 Acquire 1 refcount change on invalid ref 0 ret -22
[  206.335437][T10856] binder: 10855:10856 got transaction to invalid handle, 1
[  206.336753][T10856] binder: 10856:10855 cannot find target node
[  206.337703][T10856] binder: 10855:10856 transaction async to 0:0 failed 444/29201/-22, size 12-24 line 3045
[  206.339456][ T1514] binder: undelivered TRANSACTION_ERROR: 29201
[  206.440869][T10863] 9p: Unknown access argument 18446744073709551615: -34
[  206.567702][T10872] fuse: Unknown parameter '0xffffffffffffffff'
[  207.015511][T10884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.021912][T10884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.024819][T10886] binder: tried to use weak ref as strong ref
[  207.025964][T10886] binder: 10885:10886 Acquire 1 refcount change on invalid ref 0 ret -22
[  207.027824][T10886] binder: 10885:10886 got transaction to invalid handle, 1
[  207.028949][T10886] binder: 10886:10885 cannot find target node
[  207.030083][T10886] binder: 10885:10886 transaction async to 0:0 failed 447/29201/-22, size 12-24 line 3045
[  207.032379][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  207.143608][T10894] sock: sock_set_timeout: `syz.0.2258' (pid 10894) tries to set negative timeout
[  207.216310][T10898] fuse: Unknown parameter 'fd0x0000000000000003'
[  207.268875][T10902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.275954][T10902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.278607][T10901] binder: 10899:10901 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  207.280643][T10901] binder: 10901 RLIMIT_NICE not set
[  207.501976][T10890] loop7: detected capacity change from 0 to 131072
[  207.518367][T10890] F2FS-fs (loop7): Test dummy encryption mode enabled
[  207.524574][T10890] F2FS-fs (loop7): invalid crc value
[  207.537249][T10890] F2FS-fs (loop7): Found nat_bits in checkpoint
[  207.563103][T10890] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  207.572492][T10915] binder: 10915:10914 cannot find target node
[  207.919983][T10920] loop3: detected capacity change from 0 to 512
[  207.948723][T10920] EXT4-fs (loop3): 1 truncate cleaned up
[  207.949767][T10920] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.975948][ T4329] EXT4-fs (loop3): unmounting filesystem.
[  208.102611][T10941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.103765][T10942] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2274'.
[  208.106317][T10941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.109757][T10942] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2274'.
[  208.112266][T10939] binder: 10937:10939 ioctl 4018620d 0 returned -22
[  208.142656][T10944] loop7: detected capacity change from 0 to 512
[  208.150521][T10944] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.2278: inode has both inline data and extents flags
[  208.152786][T10944] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.2278: couldn't read orphan inode 15 (err -117)
[  208.154699][T10944] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  208.196712][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  208.252478][T10955] xt_hashlimit: max too large, truncated to 1048576
[  208.263659][   T27] audit: type=1107 audit(721.328:145): pid=10956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  208.494052][T10975] loop7: detected capacity change from 0 to 128
[  209.246701][T10989] kernel profiling enabled (shift: 63)
[  209.247789][T10989] profiling shift: 63 too large
[  209.528365][T10988] fuse: Unknown parameter 'fd0xffffffffffffffff'
[  209.817583][   T27] audit: type=1326 audit(722.849:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.825305][   T27] audit: type=1326 audit(722.849:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.828657][   T27] audit: type=1326 audit(722.849:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.869028][   T27] audit: type=1326 audit(722.849:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.873505][   T27] audit: type=1326 audit(722.849:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.876754][   T27] audit: type=1326 audit(722.849:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=41 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.895859][   T27] audit: type=1326 audit(722.849:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11004 comm="syz.7.2304" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  209.902650][T11011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.905586][T11011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.515907][T11022] binder_user_error: 13 callbacks suppressed
[  210.515916][T11022] binder: 11021:11022 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  210.518956][T11022] binder: 11022 RLIMIT_NICE not set
[  210.519982][T11022] binder: 11021:11022 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  210.628801][T11030] binder: 11029:11030 ioctl c0306201 0 returned -14
[  210.630045][T11030] binder: 11029:11030 got transaction to invalid handle, 1
[  210.696447][T11036] loop7: detected capacity change from 0 to 1024
[  210.729970][T11036] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  210.834053][T11043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.835496][T11043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.438760][T11049] binder: 11048:11049 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  211.440949][T11049] binder: 11049 RLIMIT_NICE not set
[  211.442023][T11049] binder: 11048:11049 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  211.550716][T11055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.552088][T11055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.098357][T11059] binder: 11058:11059 ioctl c0306201 0 returned -14
[  212.099577][T11059] binder: 11058:11059 got transaction to invalid handle, 1
[  212.100680][T11059] binder_debug: 8 callbacks suppressed
[  212.100694][T11059] binder: 11059:11058 cannot find target node
[  212.102526][T11059] binder: 11058:11059 transaction async to 0:0 failed 471/29201/-22, size 12-24 line 3045
[  212.106953][ T1514] binder: undelivered TRANSACTION_ERROR: 29201
[  212.915693][T11068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.917522][T11068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.520126][T11073] binder: 11072:11073 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  213.522274][T11073] binder: 11073 RLIMIT_NICE not set
[  213.780222][T11079] loop3: detected capacity change from 0 to 1024
[  213.840261][T11079] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  213.842017][T11079] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  213.856434][T11079] JBD2: no valid journal superblock found
[  213.857470][T11079] EXT4-fs (loop3): error loading journal
[  214.285132][T10922] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 88: padding at end of block bitmap is not set
[  220.728298][T11036] device veth0 entered promiscuous mode
[  220.729342][T11036] device veth0 left promiscuous mode
[  220.784195][T11097] fuse: Bad value for 'fd'
[  220.802393][T11099] binder: 11098:11099 ioctl c0306201 0 returned -14
[  220.803583][T11099] binder_user_error: 1 callbacks suppressed
[  220.803588][T11099] binder: 11098:11099 got transaction to invalid handle, 1
[  220.807800][T11099] binder: 11099:11098 cannot find target node
[  220.809268][T11099] binder: 11098:11099 transaction async to 0:0 failed 477/29201/-22, size 12-24 line 3045
[  220.821634][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  220.827509][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  220.862018][T11106] binder: 11105:11106 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  220.864056][T11106] binder: 11106 RLIMIT_NICE not set
[  220.868892][T11106] binder: 11105:11106 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  221.163269][T11135] binder: 11134:11135 got transaction to invalid handle, 1
[  221.164812][T11135] binder: 11135:11134 cannot find target node
[  221.166451][T11135] binder: 11134:11135 transaction async to 0:0 failed 483/29201/-22, size 12-24 line 3045
[  221.174644][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  221.212776][T11139] binder: 11138:11139 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  221.214796][T11139] binder: 11139 RLIMIT_NICE not set
[  221.215855][T11139] binder: 11138:11139 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  221.241902][T11141] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2359'.
[  221.672110][T11162] binder: 11161:11162 got transaction to invalid handle, 1
[  221.673312][T11162] binder: 11162:11161 cannot find target node
[  221.674246][T11162] binder: 11161:11162 transaction async to 0:0 failed 489/29201/-22, size 12-24 line 3045
[  221.676257][ T4370] binder: undelivered TRANSACTION_ERROR: 29201
[  221.732356][T11166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.735728][T11166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.744708][T11168] binder: 11167:11168 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  221.766656][T11170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.768322][T11170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.317126][T11188] binder: 11188:11187 cannot find target node
[  224.146173][   T27] audit: type=1326 audit(737.154:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.149720][   T27] audit: type=1326 audit(737.154:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.153031][   T27] audit: type=1326 audit(737.154:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.156126][   T27] audit: type=1326 audit(737.154:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.159139][   T27] audit: type=1326 audit(737.154:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.162362][   T27] audit: type=1326 audit(737.154:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.165575][   T27] audit: type=1326 audit(737.154:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.168777][   T27] audit: type=1326 audit(737.154:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.171906][   T27] audit: type=1326 audit(737.154:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  224.175142][   T27] audit: type=1326 audit(737.154:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.6.2383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b9e8 code=0x50000
[  231.633474][T11208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.635876][T11208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.921152][T11229] tipc: New replicast peer: 0.0.0.0
[  231.922460][T11229] tipc: Enabled bearer <udp:syz2>, priority 10
[  231.935573][T11229] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[  232.711917][T11254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.720958][T11254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  233.339574][T11273] loop6: detected capacity change from 0 to 512
[  233.367359][T11273] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.2410: bg 0: block 248: padding at end of block bitmap is not set
[  233.371549][T11273] __quota_error: 48990 callbacks suppressed
[  233.371559][T11273] Quota error (device loop6): write_blk: dquota write failed
[  233.373998][T11273] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  233.376505][T11273] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.2410: Failed to acquire dquot type 1
[  233.381833][T11273] EXT4-fs (loop6): 1 truncate cleaned up
[  233.382842][T11273] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  233.443715][ T5370] EXT4-fs (loop6): unmounting filesystem.
[  234.892347][T11294] netlink: 44 bytes leftover after parsing attributes in process `syz.7.2417'.
[  235.214682][T11315] fuse: Bad value for 'fd'
[  236.345312][T11330] loop0: detected capacity change from 0 to 512
[  236.353223][T11330] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  236.364898][T11330] EXT4-fs (loop0): 1 orphan inode deleted
[  236.365769][T11330] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  237.445603][ T1652] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  237.449118][ T1652] EXT4-fs error (device loop0): ext4_release_dquot:6845: comm kworker/u4:4: Failed to release dquot type 1
[  237.479887][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  237.684609][T11346] cgroup2: Unknown parameter 'uid<00000000000000000000'
[  238.462157][T11350] loop0: detected capacity change from 0 to 8192
[  248.784321][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  248.785409][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  248.821177][T11353] tipc: New replicast peer: 0.0.0.0
[  248.822117][T11353] tipc: Enabled bearer <udp:syz2>, priority 10
[  248.823962][T11354] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[  248.872082][T11359] fuse: Bad value for 'fd'
[  248.954052][ T4334] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  248.959667][ T4334] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  248.996347][ T4334] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  248.997945][ T4334] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  248.999231][ T4334] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  249.000461][ T4334] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  249.059765][T11382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.061288][T11382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.473089][T11366] chnl_net:caif_netlink_parms(): no params data found
[  249.496565][T11366] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.497739][T11366] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.499326][T11366] device bridge_slave_0 entered promiscuous mode
[  249.501344][T11366] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.504191][T11366] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.505819][T11366] device bridge_slave_1 entered promiscuous mode
[  249.531717][T11366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  249.536261][T11366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  249.548448][T11366] team0: Port device team_slave_0 added
[  249.550942][T11366] team0: Port device team_slave_1 added
[  249.559612][T11366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.560809][T11366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.568138][T11366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.904760][   T27] audit: type=1326 audit(762.681:49153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.918128][   T27] audit: type=1326 audit(762.681:49154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.925885][T11366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.927087][   T27] audit: type=1326 audit(762.751:49155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=114 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.930296][T11366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.936439][   T27] audit: type=1326 audit(762.751:49156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.939826][T11366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.942509][   T27] audit: type=1326 audit(762.751:49157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.950811][   T27] audit: type=1326 audit(762.761:49158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.957314][   T27] audit: type=1326 audit(762.761:49159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.960744][   T27] audit: type=1326 audit(762.761:49160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.965211][   T27] audit: type=1326 audit(762.771:49161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=49 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  249.968651][   T27] audit: type=1326 audit(762.771:49162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.5.2445" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  250.139957][T11400] fuse: Bad value for 'fd'
[  250.776904][ T1514] tipc: Node number set to 1488229773
[  252.058519][   T47] Bluetooth: hci0: command 0x0409 tx timeout
[  252.779346][T11366] device hsr_slave_0 entered promiscuous mode
[  252.787570][T11366] device hsr_slave_1 entered promiscuous mode
[  252.842918][T11426] loop0: detected capacity change from 0 to 4096
[  252.844357][T11426] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.852237][T11416] tipc: Started in network mode
[  252.853077][T11416] tipc: Node identity ac14142f, cluster identity 4711
[  252.854336][T11416] tipc: New replicast peer: 0.0.0.0
[  252.855631][T11416] tipc: Enabled bearer <udp:syz2>, priority 10
[  252.857088][T11421] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[  252.858358][T11420] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2452'.
[  252.904411][T11426] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  252.907770][T11426] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  253.043940][T11436] loop3: detected capacity change from 0 to 512
[  253.089689][T11366] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  253.126120][T11366] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  253.173706][T11366] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  253.215747][T11366] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  253.379244][T11366] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.392744][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  253.394228][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  253.401308][T11366] 8021q: adding VLAN 0 to HW filter on device team0
[  253.433521][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  253.435306][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  253.436654][ T1652] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.437686][ T1652] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.439546][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.453885][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  253.455580][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.457036][T10488] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.458211][T10488] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.482565][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  253.487770][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  253.500096][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  253.504224][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  253.510480][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  253.515369][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  253.517220][T11457] loop7: detected capacity change from 0 to 4096
[  253.518678][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  253.535150][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  253.536498][T11457] EXT4-fs (loop7): Test dummy encryption mode enabled
[  253.540353][T11366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  253.542186][T11366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  253.548408][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  253.550102][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  253.551679][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  253.582818][T11457] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  253.584116][T11457] System zones: 0-5
[  253.606090][T11457] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  254.701077][ T4334] Bluetooth: hci0: command 0x041b tx timeout
[  254.702121][   T14] tipc: Node number set to 2886997039
[  254.719344][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  254.809039][T11366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.811671][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  254.812862][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  254.871378][T11482] netlink: 'syz.3.2469': attribute type 1 has an invalid length.
[  254.938757][T11485] loop7: detected capacity change from 0 to 2048
[  255.003712][T11485] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  255.127727][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  255.129333][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  255.144466][T11366] device veth0_vlan entered promiscuous mode
[  255.145692][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  255.148003][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  255.149608][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  255.150995][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  255.161621][T11485] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2471: bg 0: block 234: padding at end of block bitmap is not set
[  255.162017][T11366] device veth1_vlan entered promiscuous mode
[  255.170395][T11485] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 400 with error 28
[  255.172169][T11485] EXT4-fs (loop7): This should not happen!! Data will be lost
[  255.172169][T11485] 
[  255.173398][T11505] lo: Caught tx_queue_len zero misconfig
[  255.184883][T11485] EXT4-fs (loop7): Total free blocks count 0
[  255.189975][T11505] loop0: detected capacity change from 0 to 16
[  255.190494][T11485] EXT4-fs (loop7): Free/Dirty block details
[  255.191793][T11485] EXT4-fs (loop7): free_blocks=0
[  255.193990][T11485] EXT4-fs (loop7): dirty_blocks=416
[  255.196280][T11485] EXT4-fs (loop7): Block reservation details
[  255.197187][T11485] EXT4-fs (loop7): i_reserved_data_blocks=26
[  255.199350][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  255.202388][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  255.203795][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  255.205164][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  255.207908][T11505] erofs: (device loop0): mounted with root inode @ nid 36.
[  255.215212][T11366] device veth0_macvtap entered promiscuous mode
[  255.221932][T11366] device veth1_macvtap entered promiscuous mode
[  255.241597][   T47] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.245424][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.314971][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.319739][T11505] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.321467][T11505] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.326042][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.327854][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.335165][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.337479][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.342018][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.343472][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.345021][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.350382][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.352144][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.353955][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.362103][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.363547][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.365108][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.367163][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  255.368864][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  256.246285][T11504] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  256.248204][T11505] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  256.249912][T11505] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  256.251664][T11505] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  256.253357][T11505] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  256.257490][T11366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.270901][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.272588][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.274025][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.296978][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.298543][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.300184][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.301641][T11366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.327340][T11366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.351067][T11366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.355497][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  256.357073][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  256.359382][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  256.363422][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  256.364831][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  256.378948][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  256.387293][T11366] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.418826][T11366] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.422512][T11366] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.423877][T11366] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.490819][T10488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.492062][T10488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.495708][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  256.517834][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  256.527103][T10488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.528295][T10488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.530807][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  256.605039][T11534] loop0: detected capacity change from 0 to 512
[  256.618586][T11534] EXT4-fs: Ignoring removed nomblk_io_submit option
[  256.620902][T11534] EXT4-fs: Ignoring removed bh option
[  256.706450][   T47] Bluetooth: hci0: command 0x040f tx timeout
[  256.719452][T11534] EXT4-fs error (device loop0): mb_free_blocks:1810: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  256.724431][T11534] EXT4-fs error (device loop0): ext4_do_update_inode:5268: inode #11: comm syz.0.2487: corrupted inode contents
[  256.731996][T11534] EXT4-fs error (device loop0): ext4_dirty_inode:6133: inode #11: comm syz.0.2487: mark_inode_dirty error
[  256.740656][T11534] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2487: invalid indirect mapped block 1 (level 1)
[  257.066497][T11534] EXT4-fs error (device loop0): ext4_do_update_inode:5268: inode #11: comm syz.0.2487: corrupted inode contents
[  257.075072][T11534] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[  257.080136][T11534] EXT4-fs error (device loop0): ext4_do_update_inode:5268: inode #11: comm syz.0.2487: corrupted inode contents
[  257.082087][T11550] netlink: 'syz.7.2492': attribute type 4 has an invalid length.
[  257.082579][T11534] EXT4-fs error (device loop0): ext4_truncate:4318: inode #11: comm syz.0.2487: mark_inode_dirty error
[  257.087913][T11534] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[  257.094316][T11534] EXT4-fs (loop0): 1 truncate cleaned up
[  257.098146][T11534] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  257.104655][T11534] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 13: comm syz.0.2487: path /414/file0: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[  257.128488][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  257.154459][T11555] netlink: 'syz.0.2494': attribute type 12 has an invalid length.
[  258.153100][T11577] x_tables: duplicate underflow at hook 1
[  259.019363][T11622] loop7: detected capacity change from 0 to 128
[  259.021221][T11622] FAT-fs (loop7): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value
[  259.817840][ T4334] Bluetooth: hci0: command 0x0419 tx timeout
[  259.973716][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  259.973725][   T27] audit: type=1107 audit(772.966:49167): pid=11626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ä'
[  260.082627][   T27] audit: type=1326 audit(773.076:49168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.5.2521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  260.087659][   T27] audit: type=1326 audit(773.076:49169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.5.2521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffffa755a0d0 code=0x7ffc0000
[  260.092621][   T27] audit: type=1326 audit(773.086:49170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.5.2521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  260.577382][T11641] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2522'.
[  260.610673][T11377] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  260.838695][   T27] audit: type=1326 audit(773.785:49171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.5.2524" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  260.842580][   T27] audit: type=1326 audit(773.785:49172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.5.2524" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  260.846642][   T27] audit: type=1326 audit(773.785:49173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.5.2524" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  260.960310][   T27] audit: type=1326 audit(773.785:49174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.5.2524" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  261.012599][T11663] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  261.014686][T11663] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  261.015896][T11663] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  261.020651][   T27] audit: type=1326 audit(773.785:49175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.5.2524" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  261.030282][   T27] audit: type=1326 audit(773.795:49176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.5.2524" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  261.257885][T11692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.271990][T11692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.664797][T11700] 9pnet_fd: Insufficient options for proto=fd
[  262.317151][T11722] loop8: detected capacity change from 0 to 2048
[  262.378517][T11722]  loop8: p1 < > p3 p4
[  262.388212][T11722] loop8: p3 size 65536 extends beyond EOD, truncated
[  262.391766][T11722] loop8: p4 start 42180 is beyond EOD, truncated
[  262.443124][T11355] udevd[11355]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  262.453847][T11377] udevd[11377]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  262.513104][T11733] netlink: 96 bytes leftover after parsing attributes in process `syz.8.2555'.
[  262.568793][T11736] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2556'.
[  262.570654][T11736] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2556'.
[  263.155109][T11751] netlink: 'syz.3.2560': attribute type 1 has an invalid length.
[  263.503738][T11754] netlink: 'syz.8.2562': attribute type 28 has an invalid length.
[  263.562337][T11756] device bond_slave_1 entered promiscuous mode
[  263.563791][T11755] device bond_slave_1 left promiscuous mode
[  263.923920][T11777] loop3: detected capacity change from 0 to 4096
[  263.946349][T11777] EXT4-fs (loop3): Test dummy encryption mode enabled
[  263.967452][T11777] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  263.968643][T11777] System zones: 0-5
[  263.983554][T11777] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  264.316656][T11799] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-ce"
[  264.733279][ T4329] EXT4-fs (loop3): unmounting filesystem.
[  265.015676][T11841] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  265.232758][   T27] kauditd_printk_skb: 44 callbacks suppressed
[  265.232771][   T27] audit: type=1326 audit(778.223:49221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11842 comm="syz.3.2601" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8755b9e8 code=0x0
[  265.266046][T11847] loop8: detected capacity change from 0 to 256
[  265.275908][T11847] FAT-fs (loop8): bogus number of FAT sectors
[  265.276886][T11847] FAT-fs (loop8): Can't find a valid FAT filesystem
[  265.327004][T11377] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  265.694237][T11874] xt_SECMARK: invalid mode: 2
[  265.708513][T11874] loop7: detected capacity change from 0 to 256
[  265.719248][T11874] FAT-fs (loop7): bogus number of FAT sectors
[  265.720270][T11874] FAT-fs (loop7): Can't find a valid FAT filesystem
[  265.750976][T10882] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  265.957025][T11377] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  266.047437][   T27] audit: type=1326 audit(779.033:49222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.053866][   T27] audit: type=1326 audit(779.043:49223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.057168][   T27] audit: type=1326 audit(779.043:49224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.062461][   T27] audit: type=1326 audit(779.043:49225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.065583][   T27] audit: type=1326 audit(779.043:49226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.068839][   T27] audit: type=1326 audit(779.043:49227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.074337][   T27] audit: type=1326 audit(779.043:49228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.077615][   T27] audit: type=1326 audit(779.043:49229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.092372][   T27] audit: type=1326 audit(779.043:49230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.8.2615" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=216 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  266.166861][T10882] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  266.168903][T10882] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  266.171244][T10882] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  266.172594][T10882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  266.173784][T10882] usb 1-1: SerialNumber: syz
[  266.384789][T11888] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  266.386417][T11888] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  266.510272][T10882] usb 1-1: skipping empty audio interface (v1)
[  266.520881][T10882] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  266.530717][T10882] usb 1-1: USB disconnect, device number 30
[  266.537662][T11892] tmpfs: Unknown parameter 'n'
[  266.760010][T11377] udevd[11377]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  267.434866][T11933] loop3: detected capacity change from 0 to 512
[  267.449738][T11933] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  267.460867][T11933] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.2632: inode has both inline data and extents flags
[  267.466677][T11933] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.2632: couldn't read orphan inode 15 (err -117)
[  267.468801][T11933] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  267.486275][T11933] EXT4-fs warning (device loop3): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  267.613797][ T4961] EXT4-fs (loop3): unmounting filesystem.
[  267.635372][T11942] xt_hashlimit: max too large, truncated to 1048576
[  267.658193][T11942] No such timeout policy "syz1"
[  267.773857][ T4334] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  267.776961][ T4334] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  267.779461][ T4334] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  267.781560][ T4334] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  267.788745][ T4334] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  267.790217][ T4334] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  267.945552][T11945] chnl_net:caif_netlink_parms(): no params data found
[  268.014582][T11945] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.017961][T11945] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.019540][T11945] device bridge_slave_0 entered promiscuous mode
[  268.027471][T11945] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.028729][T11945] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.034005][T11945] device bridge_slave_1 entered promiscuous mode
[  268.056086][T11945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.061025][T11945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.089264][T11945] team0: Port device team_slave_0 added
[  268.096994][T11945] team0: Port device team_slave_1 added
[  268.120067][T11945] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.131690][T11945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.149324][T11945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.175050][T11945] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.180502][T11945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.200202][T11945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.349333][T11945] device hsr_slave_0 entered promiscuous mode
[  268.384960][T11945] device hsr_slave_1 entered promiscuous mode
[  268.423274][T11945] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.426403][T11945] Cannot create hsr debugfs directory
[  268.527578][T11959] loop7: detected capacity change from 0 to 1024
[  268.540597][T11959] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  268.568746][T11959] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  268.610324][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  268.684807][T11975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.686532][T11975] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.714594][T11973] loop7: detected capacity change from 0 to 4096
[  268.721636][T11973] EXT4-fs (loop7): Test dummy encryption mode enabled
[  268.723721][T11973] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  268.725203][T11973] System zones: 0-5
[  268.727613][T11973] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  268.828647][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  269.005388][    T9] tipc: Disabling bearer <udp:s>
[  269.007804][    T9] tipc: Disabling bearer <udp:syz2>
[  269.008675][    T9] tipc: Left network mode
[  269.183468][T11991] Driver unsupported XDP return value 0 on prog  (id 43) dev N/A, expect packet loss!
[  270.049837][   T47] Bluetooth: hci1: command 0x0409 tx timeout
[  270.191055][T12007] xt_hashlimit: max too large, truncated to 1048576
[  270.402681][T11945] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  270.429724][T12014] loop7: detected capacity change from 0 to 40427
[  270.438057][T12014] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  270.439349][T12014] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  270.444419][T11945] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  270.447811][T12014] F2FS-fs (loop7): invalid crc value
[  270.480121][T12014] F2FS-fs (loop7): Found nat_bits in checkpoint
[  270.519286][T12014] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  270.520413][T12014] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  270.702114][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  270.702136][   T27] audit: type=1326 audit(783.680:49232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.720013][   T27] audit: type=1326 audit(783.680:49233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.723199][   T27] audit: type=1326 audit(783.680:49234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=448 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.741145][   T27] audit: type=1326 audit(783.680:49235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.797872][   T27] audit: type=1326 audit(783.680:49236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.827959][   T27] audit: type=1326 audit(783.680:49237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=206 compat=0 ip=0xffffa755dea8 code=0x7ffc0000
[  270.832817][T11945] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  270.834164][   T27] audit: type=1326 audit(783.680:49238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=207 compat=0 ip=0xffffa755ddac code=0x7ffc0000
[  270.837336][   T27] audit: type=1326 audit(783.680:49239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=207 compat=0 ip=0xffffa755ddac code=0x7ffc0000
[  270.840753][   T27] audit: type=1326 audit(783.680:49240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.844163][   T27] audit: type=1326 audit(783.680:49241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.5.2670" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  270.878024][T12039] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  270.879508][T12039] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  270.901950][   T11] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  270.906659][   T11] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  270.915836][T11945] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  271.125805][T11945] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.187437][T12054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.188972][T12054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.191986][T11945] 8021q: adding VLAN 0 to HW filter on device team0
[  271.194115][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  271.195779][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  271.200177][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  271.205000][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  271.207015][ T4408] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.208106][ T4408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.218478][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  271.221861][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  271.223793][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  271.225882][ T1652] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.226979][ T1652] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.229190][T12056] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2674'.
[  271.298803][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  271.300595][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  271.301330][T12060] loop0: detected capacity change from 0 to 4096
[  271.302406][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  271.309996][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  271.322395][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  271.339413][T12060] EXT4-fs (loop0): Test dummy encryption mode enabled
[  271.350554][T12060] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  271.352162][T12060] System zones: 0-5
[  271.367634][T12060] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  271.382114][T12068] loop8: detected capacity change from 0 to 256
[  271.402782][T12068] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  271.408568][T12068] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  271.414813][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  271.417611][T12068] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  271.536685][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  271.538881][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  271.540316][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  271.541704][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  271.543122][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  271.545150][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  271.547863][T11945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  271.700785][T11945] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.720886][T11945] device veth0_vlan entered promiscuous mode
[  271.728296][T11945] device veth1_vlan entered promiscuous mode
[  271.738863][T11945] device veth0_macvtap entered promiscuous mode
[  271.741561][T11945] device veth1_macvtap entered promiscuous mode
[  271.750817][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.752464][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.762232][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.783164][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.789968][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.795563][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.799261][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.802028][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.807992][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.811496][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.818241][T11945] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.823243][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.830554][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.851448][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.856082][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.858760][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.862534][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.870127][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.874726][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.877692][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  271.881474][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.889503][T11945] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.896986][T11945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.916860][T11945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.919369][T11945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.923056][T11945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.010785][T10143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.012071][T10143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.047816][ T4408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.049167][ T4408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.074233][ T4334] Bluetooth: hci1: command 0x041b tx timeout
[  272.830567][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  272.831900][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  272.833736][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  272.835436][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  272.836931][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  272.838334][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  272.839838][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  272.841239][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  272.842653][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  272.844098][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.845663][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  272.847013][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  272.848531][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.850039][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  272.851486][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  272.852951][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  272.859630][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  272.874543][T12094] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  273.024587][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  273.031627][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  273.040767][T10488] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  273.083762][T12119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.093080][T12119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.102027][T12121] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.103500][T12121] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.909385][T12141] tipc: Started in network mode
[  273.910236][T12141] tipc: Node identity 4, cluster identity 4711
[  273.911284][T12141] tipc: Node number set to 4
[  273.996429][    T9] device hsr_slave_0 left promiscuous mode
[  274.035541][    T9] device hsr_slave_1 left promiscuous mode
[  274.106879][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.109197][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.113392][    T9] device bridge_slave_1 left promiscuous mode
[  274.114362][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.160236][    T9] device bridge_slave_0 left promiscuous mode
[  274.161272][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.171000][   T47] Bluetooth: hci1: command 0x040f tx timeout
[  274.186139][T12149] loop0: detected capacity change from 0 to 40427
[  274.227761][T12149] F2FS-fs (loop0): Found nat_bits in checkpoint
[  274.243353][T12149] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  274.273482][T12149] syz.0.2708: attempt to access beyond end of device
[  274.273482][T12149] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  274.303520][ T4327] syz-executor: attempt to access beyond end of device
[  274.303520][ T4327] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  275.261042][T12189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.262800][T12189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.825698][T12195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.828259][T12195] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.059104][    T9] team0 (unregistering): Port device team_slave_1 removed
[  276.236089][ T4334] Bluetooth: hci1: command 0x0419 tx timeout
[  276.246816][    T9] team0 (unregistering): Port device team_slave_0 removed
[  276.353710][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  276.353724][   T27] audit: type=1326 audit(789.337:49256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12196 comm="syz.8.2730" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  276.366972][   T27] audit: type=1326 audit(789.337:49257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12196 comm="syz.8.2730" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=435 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  276.370237][   T27] audit: type=1326 audit(789.337:49258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12196 comm="syz.8.2730" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  276.373268][   T27] audit: type=1326 audit(789.347:49259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12196 comm="syz.8.2730" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=131 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  276.382046][   T27] audit: type=1326 audit(789.347:49260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12196 comm="syz.8.2730" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  276.417210][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.616714][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.941746][    T9] bond0 (unregistering): Released all slaves
[  279.171948][T12167] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  279.184389][T12167] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  279.237735][T12167] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  279.240414][T12183] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2723'.
[  279.249213][T12200] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  279.258066][T12200] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.259324][T12200] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.313663][T12206] loop7: detected capacity change from 0 to 256
[  280.404405][T12246] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  280.510282][T12249] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2750'.
[  281.624300][T12266] xt_bpf: check failed: parse error
[  281.713955][T12274] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2760'.
[  282.062990][T12285] tipc: Started in network mode
[  282.063956][T12285] tipc: Node identity ac14141b, cluster identity 4711
[  282.065700][T12285] tipc: New replicast peer: 255.255.255.255
[  282.068097][T12285] tipc: Enabled bearer <udp:syz2>, priority 10
[  282.084529][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'.
[  282.097530][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'.
[  282.099862][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'.
[  282.102697][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'.
[  282.104380][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'.
[  283.290602][ T4370] tipc: Node number set to 2886997019
[  283.531008][T12294] loop3: detected capacity change from 0 to 40427
[  283.921321][T12294] F2FS-fs (loop3): Invalid segment count (1)
[  283.922307][T12294] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  283.923866][T12294] F2FS-fs (loop3): Unrecognized mount option "whint_mode=off" or missing value
[  284.029822][T11377] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  284.112585][T12312] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  284.116273][T12316] xt_hashlimit: max too large, truncated to 1048576
[  284.151526][T12312] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  285.181489][T12344] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2787'.
[  285.269338][   T27] audit: type=1326 audit(798.243:49261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.274269][   T27] audit: type=1326 audit(798.253:49262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=85 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.279310][   T27] audit: type=1326 audit(798.253:49263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.291189][   T27] audit: type=1326 audit(798.253:49264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.304197][   T27] audit: type=1326 audit(798.253:49265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=86 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.313650][   T27] audit: type=1326 audit(798.253:49266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.324346][   T27] audit: type=1326 audit(798.253:49267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12355 comm="syz.5.2792" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  285.356371][T12361] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2794'.
[  285.387550][T12366] netlink: 'syz.0.2797': attribute type 13 has an invalid length.
[  285.406749][T12364] loop3: detected capacity change from 0 to 4096
[  285.424488][T12364] EXT4-fs: Ignoring removed mblk_io_submit option
[  285.437369][T12364] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  285.438675][T12364] EXT4-fs (loop3): Test dummy encryption mode enabled
[  285.462110][T12366] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  285.464182][T12366] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  285.466802][T12366] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  285.494948][T12364] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  286.199851][T12382] fuse: Bad value for 'fd'
[  286.357950][T12395] mmap: syz.0.2807 (12395): VmData 175906816 exceed data ulimit 33554432. Update limits or use boot option ignore_rlimit_data.
[  286.401496][T12399] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2809'.
[  286.549167][T12410] netlink: 'syz.5.2812': attribute type 13 has an invalid length.
[  286.555693][T12412] fuse: Bad value for 'fd'
[  287.462249][T12410] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  287.518552][T12410] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  287.560295][T12410] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  287.765940][T12427] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2818'.
[  287.922378][T12446] fuse: Bad value for 'fd'
[  288.048798][   T27] audit: type=1326 audit(801.022:49268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12455 comm="syz.0.2830" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  288.054466][   T27] audit: type=1326 audit(801.022:49269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12455 comm="syz.0.2830" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  288.067415][   T27] audit: type=1326 audit(801.032:49270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12455 comm="syz.0.2830" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  288.109860][T12460] loop8: detected capacity change from 0 to 1024
[  288.119660][T12460] EXT4-fs: Ignoring removed bh option
[  288.166327][T12460] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  288.950203][T12483] fuse: Bad value for 'fd'
[  288.970074][T12480] loop7: detected capacity change from 0 to 40427
[  288.978528][T12480] F2FS-fs (loop7): build fault injection attr: rate: 684, type: 0x3ffff
[  288.979888][T12480] F2FS-fs (loop7): build fault injection attr: rate: 0, type: 0x35f7
[  289.010147][T12480] F2FS-fs (loop7): invalid crc value
[  289.019302][T12480] F2FS-fs (loop7): Found nat_bits in checkpoint
[  289.055010][T12480] F2FS-fs (loop7): Start checkpoint disabled!
[  289.088074][T12480] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  289.370263][T12492] syz.7.2839: attempt to access beyond end of device
[  289.370263][T12492] loop7: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  289.407082][T12492] F2FS-fs (loop7) : inject no more block in inc_valid_node_count of f2fs_new_node_page+0x14c/0x8e8
[  289.590026][ T1652] kworker/u4:4: attempt to access beyond end of device
[  289.590026][ T1652] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  290.148866][T12500] loop7: detected capacity change from 0 to 256
[  290.774357][T12500] FAT-fs (loop7): Directory bread(block 1285) failed
[  290.775469][T12500] FAT-fs (loop7): Directory bread(block 1286) failed
[  290.776509][T12500] FAT-fs (loop7): Directory bread(block 1287) failed
[  290.777499][T12500] FAT-fs (loop7): Directory bread(block 1288) failed
[  292.346565][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  292.346574][   T27] audit: type=1326 audit(805.329:49285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.3.2847" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  292.351205][   T27] audit: type=1326 audit(805.329:49286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.3.2847" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=96 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  292.361025][   T27] audit: type=1326 audit(805.339:49287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.3.2847" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  293.749025][   T27] audit: type=1326 audit(806.719:49288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.752735][   T27] audit: type=1326 audit(806.729:49289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.761817][   T27] audit: type=1326 audit(806.739:49290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=210 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.768687][   T27] audit: type=1326 audit(806.739:49291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.778681][T11366] EXT4-fs (loop8): unmounting filesystem.
[  293.783273][   T27] audit: type=1326 audit(806.739:49292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.786716][   T27] audit: type=1326 audit(806.739:49293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.789852][   T27] audit: type=1326 audit(806.739:49294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.7.2851" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa695b9e8 code=0x7ffc0000
[  293.858609][T12521] fuse: Bad value for 'fd'
[  293.928242][T12528] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2857'.
[  293.993671][T12535] loop8: detected capacity change from 0 to 512
[  294.042543][T12535] EXT4-fs warning (device loop8): ext4_enable_quotas:7061: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  294.052852][T12535] EXT4-fs (loop8): mount failed
[  294.541675][T12565] fuse: Bad value for 'fd'
[  294.693016][T12577] bridge0: port 3(syz_tun) entered blocking state
[  294.694347][T12577] bridge0: port 3(syz_tun) entered disabled state
[  294.695937][T12577] device syz_tun entered promiscuous mode
[  294.697960][T12577] bridge0: port 3(syz_tun) entered blocking state
[  294.699070][T12577] bridge0: port 3(syz_tun) entered forwarding state
[  294.702837][T12577] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  295.252546][T12605] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.259697][T12605] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.510940][T12608] lo: Caught tx_queue_len zero misconfig
[  295.514169][T12608] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  296.091318][T12644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.100192][T12644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.738780][   T27] kauditd_printk_skb: 17 callbacks suppressed
[  297.738789][   T27] audit: type=1326 audit(810.717:49311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.3.2907" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x0
[  299.329559][T12710] loop7: detected capacity change from 0 to 512
[  299.360107][T12710] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.2927: inode has both inline data and extents flags
[  299.362543][T12710] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.2927: couldn't read orphan inode 15 (err -117)
[  299.364618][T12710] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  299.384120][T12714] loop0: detected capacity change from 0 to 256
[  299.396177][T12714] FAT-fs (loop0): bogus number of FAT sectors
[  299.397052][T12714] FAT-fs (loop0): Can't find a valid FAT filesystem
[  300.021490][   T27] audit: type=1326 audit(812.996:49312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.028418][   T27] audit: type=1326 audit(812.996:49313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.045604][   T27] audit: type=1326 audit(812.996:49314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.057530][   T27] audit: type=1326 audit(812.996:49315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.066768][   T27] audit: type=1326 audit(812.996:49316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.077196][   T27] audit: type=1326 audit(812.996:49317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.087105][   T27] audit: type=1326 audit(812.996:49318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.097457][   T27] audit: type=1326 audit(812.996:49319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.105270][   T27] audit: type=1326 audit(812.996:49320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12726 comm="syz.5.2931" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=178 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  300.184985][ T5373] EXT4-fs (loop7): unmounting filesystem.
[  300.265289][T12739] device pim6reg1 entered promiscuous mode
[  300.857282][T12758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.878516][T12758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.900347][T12758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.901707][T12758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.154617][T12775] binder_user_error: 6 callbacks suppressed
[  301.154627][T12775] binder: 12774:12775 BC_CLEAR_DEATH_NOTIFICATION invalid ref 1
[  301.655194][T12789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2955'.
[  301.692661][T12792] loop7: detected capacity change from 0 to 256
[  301.700825][T12792] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  301.726958][T12795] IPv4: Oversized IP packet from 127.202.26.0
[  301.935376][T12806] fuse: Unknown parameter 'use00000000000000000000'
[  303.260408][T12821] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.262737][T12821] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  305.822640][T12841] fuse: Unknown parameter 'use00000000000000000000'
[  305.896294][T12847] loop0: detected capacity change from 0 to 2048
[  305.985981][T12847] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  306.066010][ T4334] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  306.068461][ T4334] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  306.070137][ T4334] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  306.072129][ T4334] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  306.073397][ T4334] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  306.074624][ T4334] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  306.431784][T12877] fuse: Unknown parameter 'user_i00000000000000000000'
[  306.671095][T12879] loop3: detected capacity change from 0 to 40427
[  306.689623][T12879] F2FS-fs (loop3): Wrong SSA boundary, start(3584) end(4096) blocks(3072)
[  306.690839][T12879] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  306.704530][T12879] F2FS-fs (loop3): invalid crc value
[  306.710304][T12879] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10240907051000858085)
[  306.731532][T12879] F2FS-fs (loop3): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix
[  306.745256][T12879] F2FS-fs (loop3): Failed to read root inode
[  307.607693][    T9] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.667946][T12857] chnl_net:caif_netlink_parms(): no params data found
[  307.748273][    T9] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.755205][T12857] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.756385][T12857] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.758470][T12857] device bridge_slave_0 entered promiscuous mode
[  307.760484][T12857] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.761550][T12857] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.768183][T12857] device bridge_slave_1 entered promiscuous mode
[  307.790517][T12857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  307.799885][T12857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.902967][    T9] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.910451][T12857] team0: Port device team_slave_0 added
[  307.916808][T12857] team0: Port device team_slave_1 added
[  307.918967][T12899] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2996'.
[  307.920539][T12900] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2996'.
[  307.931447][T12857] batman_adv: batadv0: Adding interface: batadv_slave_0
[  307.936180][T12857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.940947][T12857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.002450][T12857] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.003565][T12857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.007369][T12857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.092061][   T47] Bluetooth: hci4: command 0x0409 tx timeout
[  308.113070][    T9] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.295134][T12905] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  308.297956][T12905] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28
[  308.299807][T12905] EXT4-fs (loop0): This should not happen!! Data will be lost
[  308.299807][T12905] 
[  308.301281][T12905] EXT4-fs (loop0): Total free blocks count 0
[  308.304626][T12905] EXT4-fs (loop0): Free/Dirty block details
[  308.305767][T12905] EXT4-fs (loop0): free_blocks=2415919504
[  308.306708][T12905] EXT4-fs (loop0): dirty_blocks=44176
[  308.307517][T12905] EXT4-fs (loop0): Block reservation details
[  308.308489][T12905] EXT4-fs (loop0): i_reserved_data_blocks=2761
[  308.363409][T12857] device hsr_slave_0 entered promiscuous mode
[  308.455671][T12857] device hsr_slave_1 entered promiscuous mode
[  308.492348][T12857] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  308.493489][T12857] Cannot create hsr debugfs directory
[  308.590800][T12913] fuse: Unknown parameter 'user_i00000000000000000000'
[  308.663776][T12857] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  309.055196][T12857] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  309.098236][ T5434] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[  309.106532][T12857] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  309.120323][T12921] loop8: detected capacity change from 0 to 512
[  309.121705][T12921] EXT4-fs: Ignoring removed mblk_io_submit option
[  309.124023][T12857] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  309.136996][T12921] EXT4-fs: Ignoring removed mblk_io_submit option
[  309.137988][T12921] ext4: Unknown parameter 'audit'
[  309.313687][    T9] tipc: Disabling bearer <udp:syz2>
[  309.314533][    T9] tipc: Left network mode
[  309.376833][T12857] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.399697][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  309.401176][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  309.419289][T12857] 8021q: adding VLAN 0 to HW filter on device team0
[  309.434490][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  309.436090][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  309.437541][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.438668][ T5434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.440029][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  309.446044][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  309.447995][ T4914] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  309.450045][ T4914] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.451149][ T4914] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.502205][   T27] kauditd_printk_skb: 39 callbacks suppressed
[  309.502215][   T27] audit: type=1326 audit(822.461:49360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.508239][   T27] audit: type=1326 audit(822.471:49361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.514297][   T27] audit: type=1326 audit(822.471:49362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.517600][   T27] audit: type=1326 audit(822.471:49363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.553786][   T27] audit: type=1326 audit(822.471:49364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.556866][   T27] audit: type=1326 audit(822.471:49365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.559861][   T27] audit: type=1326 audit(822.471:49366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.575255][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  309.578520][T10143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  309.581756][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  309.595388][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  309.615566][   T27] audit: type=1326 audit(822.471:49367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.618765][   T27] audit: type=1326 audit(822.471:49368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.622104][   T27] audit: type=1326 audit(822.471:49369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12946 comm="syz.3.3009" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  309.655574][T12960] fuse: Unknown parameter 'user_i00000000000000000000'
[  309.719428][T12857] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  309.721070][T12857] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  309.729854][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  309.731302][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  309.733471][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  309.735052][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  309.737623][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  309.742634][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  309.752626][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  309.817751][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  310.079392][ T4414] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  310.080624][ T4414] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  310.085908][T12857] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.087754][T12984] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  310.176834][ T4334] Bluetooth: hci4: command 0x041b tx timeout
[  310.263591][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  310.264541][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  310.419241][T13008] fuse: Unknown parameter 'user_id00000000000000000000'
[  310.466126][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  310.467718][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  310.500248][T13017] af_packet: tpacket_rcv: packet too big, clamped from 24 to 0. macoff=72
[  310.553056][T12857] device veth0_vlan entered promiscuous mode
[  310.557242][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  310.558837][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  310.560584][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  310.564853][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  310.577095][T12857] device veth1_vlan entered promiscuous mode
[  310.587508][T13026] syzkaller0: tun_chr_ioctl cmd 2147767506
[  310.634460][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  310.636142][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  310.638805][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  310.640059][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  310.642378][T12857] device veth0_macvtap entered promiscuous mode
[  310.655174][T12857] device veth1_macvtap entered promiscuous mode
[  310.659417][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.660981][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.662515][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.683293][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.684764][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.686300][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.697998][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.699611][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.701038][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.702508][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.707706][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.713286][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.715753][T12857] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.718754][ T4414] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  310.720285][ T4414] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  310.722872][ T4414] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  310.727997][ T4414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  310.745106][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.746753][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.748134][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.749546][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.750940][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.752451][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.763481][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.765481][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.767073][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.768654][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.770156][T12857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.771826][T12857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.805805][T12857] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.997133][T13045] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3032'.
[  311.254945][T13053] fuse: Unknown parameter 'user_id00000000000000000000'
[  311.349980][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  311.351488][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  311.358152][T12857] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.359784][T12857] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.361164][T12857] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.362581][T12857] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.478182][T13074] fuse: Unknown parameter 'user_id00000000000000000000'
[  311.579910][    T9] device hsr_slave_0 left promiscuous mode
[  311.684410][    T9] device hsr_slave_1 left promiscuous mode
[  311.839331][T13111] binder: 13102:13111 ERROR: BC_REGISTER_LOOPER called without request
[  311.840813][T13111] binder: 13102:13111 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  311.842210][T13111] binder: 13102:13111 ioctl c0306201 200000c0 returned -14
[  312.254455][   T47] Bluetooth: hci4: command 0x040f tx timeout
[  312.469408][T13092] loop0: detected capacity change from 0 to 16
[  312.485882][T13092] erofs: (device loop0): mounted with root inode @ nid 36.
[  312.488657][T13092] x_tables: duplicate underflow at hook 3
[  312.524321][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  312.525532][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  312.527313][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  312.528623][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  312.529994][    T9] device bridge_slave_1 left promiscuous mode
[  312.531031][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.550401][T13120] fuse: Bad value for 'fd'
[  312.565092][    T9] device bridge_slave_0 left promiscuous mode
[  312.566159][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.675586][    T9] device veth1_macvtap left promiscuous mode
[  312.676745][    T9] device veth0_macvtap left promiscuous mode
[  312.677758][    T9] device veth1_vlan left promiscuous mode
[  312.678789][    T9] device veth0_vlan left promiscuous mode
[  314.318845][    T9] team0 (unregistering): Port device team_slave_1 removed
[  314.335267][ T4334] Bluetooth: hci4: command 0x0419 tx timeout
[  314.497067][    T9] team0 (unregistering): Port device team_slave_0 removed
[  314.655822][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  314.866473][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  317.317672][    T9] bond0 (unregistering): Released all slaves
[  317.614910][T13134] netlink: 96 bytes leftover after parsing attributes in process `syz.8.3064'.
[  317.639269][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.640744][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.678951][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  317.679425][T10143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.681546][T10143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.692044][ T1652] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  317.711329][T13146] fuse: Bad value for 'fd'
[  317.761094][T13151] xt_hashlimit: max too large, truncated to 1048576
[  318.561843][T13192] xt_hashlimit: max too large, truncated to 1048576
[  318.859697][T13196] loop8: detected capacity change from 0 to 512
[  319.001304][T13196] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  319.031966][T13196] EXT4-fs error (device loop8): ext4_do_update_inode:5268: inode #2: comm syz.8.3078: corrupted inode contents
[  319.051470][T13196] EXT4-fs error (device loop8): ext4_dirty_inode:6133: inode #2: comm syz.8.3078: mark_inode_dirty error
[  319.058249][T13196] EXT4-fs error (device loop8): ext4_do_update_inode:5268: inode #2: comm syz.8.3078: corrupted inode contents
[  319.068652][T13196] EXT4-fs error (device loop8): ext4_do_update_inode:5268: inode #2: comm syz.8.3078: corrupted inode contents
[  319.072234][T13196] EXT4-fs error (device loop8): ext4_dirty_inode:6133: inode #2: comm syz.8.3078: mark_inode_dirty error
[  319.074087][T13196] EXT4-fs error (device loop8): ext4_do_update_inode:5268: inode #2: comm syz.8.3078: corrupted inode contents
[  319.076278][T13196] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.3078: mark_inode_dirty error
[  319.079028][T13196] EXT4-fs error (device loop8): ext4_do_update_inode:5268: inode #2: comm syz.8.3078: corrupted inode contents
[  319.081132][T13196] EXT4-fs error (device loop8): ext4_dirty_inode:6133: inode #2: comm syz.8.3078: mark_inode_dirty error
[  319.086496][T13196] EXT4-fs error (device loop8): ext4_do_update_inode:5268: inode #2: comm syz.8.3078: corrupted inode contents
[  319.099096][T11366] EXT4-fs (loop8): unmounting filesystem.
[  319.133991][T13212] tap0: tun_chr_ioctl cmd 1074025677
[  319.135007][T13212] tap0: linktype set to 769
[  319.322638][T13228] fuse: Bad value for 'fd'
[  321.732280][   T27] kauditd_printk_skb: 43 callbacks suppressed
[  321.732289][   T27] audit: type=1326 audit(834.695:49413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13279 comm="syz.8.3092" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  321.736897][   T27] audit: type=1326 audit(834.695:49414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13279 comm="syz.8.3092" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=11 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  321.740658][   T27] audit: type=1326 audit(834.705:49415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13279 comm="syz.8.3092" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  321.836111][T13284] fuse: Unknown parameter '0x0000000000000004'
[  322.192026][T13297] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  322.193176][T13297] vhci_hcd: invalid port number 96
[  322.194058][T13297] vhci_hcd: default hub control req: 0311 v0005 i0060 l7
[  322.236643][T13304] loop8: detected capacity change from 0 to 512
[  322.316809][T13315] fuse: Unknown parameter '0x0000000000000004'
[  322.324071][T13304] EXT4-fs (loop8): 1 orphan inode deleted
[  322.325359][T13304] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  322.342971][T12543] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  322.344545][T12543] EXT4-fs error (device loop8): ext4_release_dquot:6845: comm kworker/u4:16: Failed to release dquot type 1
[  323.193807][T11366] EXT4-fs (loop8): unmounting filesystem.
[  323.288088][T13328] veth0_to_hsr: Caught tx_queue_len zero misconfig
[  323.289213][T13328] netem: change failed
[  323.627251][T13337] loop9: detected capacity change from 0 to 2048
[  323.677565][T13335] netlink: 'syz.9.3112': attribute type 4 has an invalid length.
[  323.719848][T13336] netlink: 'syz.9.3112': attribute type 4 has an invalid length.
[  323.758833][T13344] loop8: detected capacity change from 0 to 512
[  323.763775][T13337] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  323.790620][T13344] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  323.792430][T13344] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  324.084068][T13353] loop0: detected capacity change from 0 to 4096
[  324.086783][T13344] EXT4-fs (loop8): 1 truncate cleaned up
[  324.087690][T13344] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  324.088488][T13353] EXT4-fs: inline encryption not supported
[  324.159130][T13353] EXT4-fs (loop0): Test dummy encryption mode enabled
[  324.178150][T13353] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  324.726568][   T27] audit: type=1326 audit(837.683:49416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13361 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  324.732962][   T27] audit: type=1326 audit(837.693:49417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13361 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  324.741935][   T27] audit: type=1326 audit(837.703:49418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13361 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  324.745347][   T27] audit: type=1326 audit(837.703:49419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13361 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=74 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  324.752584][T13371] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3121'.
[  324.800021][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  324.801196][   T27] audit: type=1326 audit(837.703:49420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13361 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  324.804626][   T27] audit: type=1326 audit(837.703:49421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13361 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  325.149352][T11366] EXT4-fs (loop8): unmounting filesystem.
[  325.367062][T13414] loop8: detected capacity change from 0 to 512
[  325.387743][T13414] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  325.417768][T13414] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  326.502013][T13349] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap
[  327.020592][T11366] EXT4-fs (loop8): unmounting filesystem.
[  327.190544][T13466] netlink: 'syz.5.3160': attribute type 5 has an invalid length.
[  327.237010][   T27] kauditd_printk_skb: 6 callbacks suppressed
[  327.237019][   T27] audit: type=1326 audit(840.192:49428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.245979][   T27] audit: type=1326 audit(840.202:49429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=20 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.249329][   T27] audit: type=1326 audit(840.202:49430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.279593][   T27] audit: type=1326 audit(840.202:49431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.298775][   T27] audit: type=1326 audit(840.202:49432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.304893][   T27] audit: type=1326 audit(840.202:49433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=21 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.308040][   T27] audit: type=1326 audit(840.202:49434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.311078][   T27] audit: type=1326 audit(840.202:49435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=441 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  327.364652][   T27] audit: type=1326 audit(840.202:49436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13473 comm="syz.8.3163" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  328.249356][T13508] fuse: Unknown parameter 'ð¶Æá4p'
[  328.780131][T13552] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3186'.
[  328.831557][   T27] audit: type=1107 audit(841.781:49437): pid=13556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  330.987725][T13620] xt_hashlimit: max too large, truncated to 1048576
[  332.610417][T13713] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3238'.
[  332.835255][T13733] netlink: 'syz.3.3243': attribute type 3 has an invalid length.
[  332.970194][T13749] overlayfs: failed to clone upperpath
[  333.086204][T13759] fuse: Unknown parameter 'fd0x0000000000000004'
[  333.367173][   T27] kauditd_printk_skb: 19 callbacks suppressed
[  333.367182][   T27] audit: type=1326 audit(846.329:49457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13785 comm="syz.0.3257" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  333.657578][   T27] audit: type=1326 audit(846.619:49458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13785 comm="syz.0.3257" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=152 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  333.661496][   T27] audit: type=1326 audit(846.619:49459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13785 comm="syz.0.3257" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  333.673010][   T27] audit: type=1326 audit(846.619:49460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13785 comm="syz.0.3257" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c95b9e8 code=0x7ffc0000
[  333.730471][T13792] loop0: detected capacity change from 0 to 512
[  333.787500][T13792] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  333.987865][   T27] audit: type=1326 audit(846.949:49461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.5.3262" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  333.992923][   T27] audit: type=1326 audit(846.949:49462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.5.3262" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=428 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  334.001952][   T27] audit: type=1326 audit(846.959:49463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.5.3262" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  334.013946][   T27] audit: type=1326 audit(846.959:49464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.5.3262" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  334.027524][   T27] audit: type=1326 audit(846.959:49465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.5.3262" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  334.040515][   T27] audit: type=1326 audit(846.959:49466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.5.3262" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=48 compat=0 ip=0xffffa755b9e8 code=0x7ffc0000
[  334.849101][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  335.555257][T13885] overlayfs: statfs failed on './file0'
[  337.790435][T13921] pim6reg0: tun_chr_ioctl cmd 2148553947
[  338.049049][T13932] loop8: detected capacity change from 0 to 512
[  338.587600][T13932] EXT4-fs (loop8): 1 orphan inode deleted
[  338.588600][T13932] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  338.823216][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.824425][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.825663][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.826796][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.828463][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.829575][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.830763][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.842166][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.843329][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.844465][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.864626][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.865776][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.877179][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.886603][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.893691][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.900736][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.909956][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.914539][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.922896][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.929717][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.934327][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.935289][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.947069][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.952891][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.960465][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.965030][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.968750][T13903] __quota_error: 4 callbacks suppressed
[  338.968760][T13903] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  338.972274][T13903] EXT4-fs error (device loop8): ext4_release_dquot:6845: comm kworker/u4:20: Failed to release dquot type 1
[  338.975682][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.980399][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.986259][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.988746][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.992178][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  338.996617][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.001376][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.002617][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.005090][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.010387][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.013163][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.015674][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.019037][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.020279][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.021693][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.022952][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.024095][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.025313][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.026295][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.031008][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.032245][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.033781][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.035537][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.042145][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.043154][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.045640][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.050469][ T1514] hid-generic 0000:0006:0007.000B: unknown main item tag 0x0
[  339.058398][ T1514] hid-generic 0000:0006:0007.000B: hidraw0: <UNKNOWN> HID v0.0b Device [syz1] on syz1
[  339.101852][T11366] EXT4-fs (loop8): unmounting filesystem.
[  339.164054][T13952] fido_id[13952]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  339.198924][T13956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  339.200360][T13956] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.229160][   T27] audit: type=1326 audit(854.185:49471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13981 comm="syz.3.3324" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  341.232715][   T27] audit: type=1326 audit(854.185:49472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13981 comm="syz.3.3324" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  341.241499][   T27] audit: type=1326 audit(854.185:49473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13981 comm="syz.3.3324" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  341.266000][   T27] audit: type=1326 audit(854.215:49474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13981 comm="syz.3.3324" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9035b9e8 code=0x7ffc0000
[  341.305261][   T27] audit: type=1326 audit(854.255:49475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13987 comm="syz.3.3324" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffff90386108 code=0x7ffc0000
[  341.327938][T13995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.335391][T13995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.353641][   T27] audit: type=1326 audit(854.305:49476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.8.3330" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  341.358251][   T27] audit: type=1326 audit(854.305:49477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.8.3330" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  341.366968][   T27] audit: type=1326 audit(854.315:49478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.8.3330" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  341.377503][   T27] audit: type=1326 audit(854.315:49479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.8.3330" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ab5b9e8 code=0x7ffc0000
[  341.424223][T13998] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  341.429565][T14003] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3332'.
[  341.443757][T14003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.445130][T14003] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.771451][T13998] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  342.778441][T14000] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  343.100035][T14046] loop0: detected capacity change from 0 to 512
[  343.176639][T14046] 
[  343.177039][T14046] ======================================================
[  343.178130][T14046] WARNING: possible circular locking dependency detected
[  343.179262][T14046] syzkaller #0 Not tainted
[  343.179979][T14046] ------------------------------------------------------
[  343.181094][T14046] syz.0.3350/14046 is trying to acquire lock:
[  343.181972][T14046] ffff0000d6d74b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x188/0x284c
[  343.183394][T14046] 
[  343.183394][T14046] but task is already holding lock:
[  343.184497][T14046] ffff0000f5b0b2f0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790
[  343.185965][T14046] 
[  343.185965][T14046] which lock already depends on the new lock.
[  343.185965][T14046] 
[  343.187504][T14046] 
[  343.187504][T14046] the existing dependency chain (in reverse order) is:
[  343.188814][T14046] 
[  343.188814][T14046] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[  343.189977][T14046]        down_read+0x64/0x304
[  343.190717][T14046]        ext4_xattr_get+0xec/0x544
[  343.191468][T14046]        ext4_get_acl+0x94/0x5f0
[  343.192187][T14046]        get_acl+0x160/0x33c
[  343.192897][T14046]        posix_acl_create+0x104/0x3d0
[  343.193751][T14046]        ext4_init_acl+0xac/0x340
[  343.194508][T14046]        __ext4_new_inode+0x27b8/0x3340
[  343.195324][T14046]        ext4_ext_migrate+0x498/0xbfc
[  343.196115][T14046]        ext4_ioctl+0x1a38/0x4198
[  343.196831][T14046]        __arm64_sys_ioctl+0x14c/0x1c8
[  343.197616][T14046]        invoke_syscall+0x98/0x2bc
[  343.198369][T14046]        el0_svc_common+0x138/0x258
[  343.199088][T14046]        do_el0_svc+0x58/0x13c
[  343.199803][T14046]        el0_svc+0x58/0x138
[  343.200448][T14046]        el0t_64_sync_handler+0x84/0xf0
[  343.201247][T14046]        el0t_64_sync+0x18c/0x190
[  343.201992][T14046] 
[  343.201992][T14046] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  343.203259][T14046]        __lock_acquire+0x293c/0x6544
[  343.204003][T14046]        lock_acquire+0x20c/0x644
[  343.204720][T14046]        percpu_down_read+0x70/0x2a8
[  343.205561][T14046]        ext4_writepages+0x188/0x284c
[  343.206341][T14046]        do_writepages+0x2c0/0x4fc
[  343.207049][T14046]        __writeback_single_inode+0x164/0x157c
[  343.208043][T14046]        writeback_single_inode+0x1c0/0x720
[  343.208833][T14046]        write_inode_now+0x144/0x1b0
[  343.209601][T14046]        iput+0x5cc/0x7f4
[  343.210254][T14046]        ext4_xattr_block_set+0x17a4/0x2810
[  343.211087][T14046]        ext4_expand_extra_isize_ea+0xcb8/0x15cc
[  343.212073][T14046]        __ext4_expand_extra_isize+0x298/0x358
[  343.212924][T14046]        __ext4_mark_inode_dirty+0x3e4/0x790
[  343.213783][T14046]        ext4_evict_inode+0xb58/0x1270
[  343.214552][T14046]        evict+0x3c8/0x810
[  343.215208][T14046]        iput+0x764/0x7f4
[  343.215870][T14046]        ext4_process_orphan+0x240/0x2b4
[  343.216654][T14046]        ext4_orphan_cleanup+0x908/0x104c
[  343.217505][T14046]        ext4_fill_super+0x6440/0x68a8
[  343.218367][T14046]        get_tree_bdev+0x358/0x544
[  343.219087][T14046]        ext4_get_tree+0x28/0x38
[  343.219885][T14046]        vfs_get_tree+0x90/0x274
[  343.220663][T14046]        do_new_mount+0x228/0x810
[  343.221449][T14046]        path_mount+0x5b4/0xe78
[  343.222179][T14046]        __arm64_sys_mount+0x49c/0x584
[  343.223008][T14046]        invoke_syscall+0x98/0x2bc
[  343.223804][T14046]        el0_svc_common+0x138/0x258
[  343.224599][T14046]        do_el0_svc+0x58/0x13c
[  343.225342][T14046]        el0_svc+0x58/0x138
[  343.226019][T14046]        el0t_64_sync_handler+0x84/0xf0
[  343.226834][T14046]        el0t_64_sync+0x18c/0x190
[  343.227603][T14046] 
[  343.227603][T14046] other info that might help us debug this:
[  343.227603][T14046] 
[  343.229113][T14046]  Possible unsafe locking scenario:
[  343.229113][T14046] 
[  343.230246][T14046]        CPU0                    CPU1
[  343.231090][T14046]        ----                    ----
[  343.231851][T14046]   lock(&ei->xattr_sem);
[  343.232508][T14046]                                lock(&sbi->s_writepages_rwsem);
[  343.233688][T14046]                                lock(&ei->xattr_sem);
[  343.234669][T14046]   lock(&sbi->s_writepages_rwsem);
[  343.235479][T14046] 
[  343.235479][T14046]  *** DEADLOCK ***
[  343.235479][T14046] 
[  343.236679][T14046] 3 locks held by syz.0.3350/14046:
[  343.237484][T14046]  #0: ffff0000cc02a0e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804
[  343.239128][T14046]  #1: ffff0000cc02a650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270
[  343.240635][T14046]  #2: ffff0000f5b0b2f0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790
[  343.242203][T14046] 
[  343.242203][T14046] stack backtrace:
[  343.243095][T14046] CPU: 1 PID: 14046 Comm: syz.0.3350 Not tainted syzkaller #0
[  343.244160][T14046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  343.245614][T14046] Call trace:
[  343.246111][T14046]  dump_backtrace+0x1c8/0x1f4
[  343.246878][T14046]  show_stack+0x2c/0x3c
[  343.247603][T14046]  __dump_stack+0x30/0x40
[  343.248257][T14046]  dump_stack_lvl+0xf8/0x160
[  343.248893][T14046]  dump_stack+0x1c/0x5c
[  343.249553][T14046]  print_circular_bug+0x148/0x1b0
[  343.250288][T14046]  check_noncircular+0x240/0x2d4
[  343.251016][T14046]  __lock_acquire+0x293c/0x6544
[  343.251717][T14046]  lock_acquire+0x20c/0x644
[  343.252384][T14046]  percpu_down_read+0x70/0x2a8
[  343.253052][T14046]  ext4_writepages+0x188/0x284c
[  343.253744][T14046]  do_writepages+0x2c0/0x4fc
[  343.254470][T14046]  __writeback_single_inode+0x164/0x157c
[  343.255315][T14046]  writeback_single_inode+0x1c0/0x720
[  343.256155][T14046]  write_inode_now+0x144/0x1b0
[  343.256885][T14046]  iput+0x5cc/0x7f4
[  343.257458][T14046]  ext4_xattr_block_set+0x17a4/0x2810
[  343.258259][T14046]  ext4_expand_extra_isize_ea+0xcb8/0x15cc
[  343.259120][T14046]  __ext4_expand_extra_isize+0x298/0x358
[  343.260006][T14046]  __ext4_mark_inode_dirty+0x3e4/0x790
[  343.260870][T14046]  ext4_evict_inode+0xb58/0x1270
[  343.261616][T14046]  evict+0x3c8/0x810
[  343.262205][T14046]  iput+0x764/0x7f4
[  343.262750][T14046]  ext4_process_orphan+0x240/0x2b4
[  343.263539][T14046]  ext4_orphan_cleanup+0x908/0x104c
[  343.264288][T14046]  ext4_fill_super+0x6440/0x68a8
[  343.265049][T14046]  get_tree_bdev+0x358/0x544
[  343.265769][T14046]  ext4_get_tree+0x28/0x38
[  343.266359][T14046]  vfs_get_tree+0x90/0x274
[  343.267000][T14046]  do_new_mount+0x228/0x810
[  343.267669][T14046]  path_mount+0x5b4/0xe78
[  343.268338][T14046]  __arm64_sys_mount+0x49c/0x584
[  343.269107][T14046]  invoke_syscall+0x98/0x2bc
[  343.269806][T14046]  el0_svc_common+0x138/0x258
[  343.270522][T14046]  do_el0_svc+0x58/0x13c
[  343.271205][T14046]  el0_svc+0x58/0x138
[  343.271830][T14046]  el0t_64_sync_handler+0x84/0xf0
[  343.272545][T14046]  el0t_64_sync+0x18c/0x190
[  343.312391][T14046] ------------[ cut here ]------------
[  343.313188][T14046] EA inode 11 i_nlink=2
[  343.313264][T14046] WARNING: CPU: 1 PID: 14046 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470
[  343.315455][T14046] Modules linked in:
[  343.316025][T14046] CPU: 1 PID: 14046 Comm: syz.0.3350 Not tainted syzkaller #0
[  343.317147][T14046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  343.318518][T14046] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  343.319644][T14046] pc : ext4_xattr_inode_update_ref+0x42c/0x470
[  343.320547][T14046] lr : ext4_xattr_inode_update_ref+0x42c/0x470
[  343.321463][T14046] sp : ffff800020816e00
[  343.322082][T14046] x29: ffff800020816ea0 x28: 0000000000000000 x27: dfff800000000000
[  343.323264][T14046] x26: 1fffe0001eb61e60 x25: ffff700004102dc4 x24: 0000000000000000
[  343.324414][T14046] x23: ffff800017a8a000 x22: ffff0000f5b0f148 x21: 0000000000000002
[  343.325518][T14046] x20: 0000000000000001 x19: ffff0000f5b0f108 x18: ffff800011abbcc0
[  343.326714][T14046] x17: 0000000000000000 x16: ffff800008042d90 x15: 0000000000000002
[  343.327858][T14046] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000080000
[  343.329085][T14046] x11: 000000000007e3d5 x10: ffff8000219fc000 x9 : a2888de6614d1b00
[  343.330217][T14046] x8 : a2888de6614d1b00 x7 : 0000000000000001 x6 : 0000000000000001
[  343.331402][T14046] x5 : ffff800020816898 x4 : ffff8000151a4920 x3 : ffff800008311fcc
[  343.332577][T14046] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
[  343.333776][T14046] Call trace:
[  343.334265][T14046]  ext4_xattr_inode_update_ref+0x42c/0x470
[  343.335097][T14046]  ext4_xattr_set_entry+0x918/0x15ac
[  343.335899][T14046]  ext4_xattr_ibody_set+0x204/0x600
[  343.336667][T14046]  ext4_expand_extra_isize_ea+0xd00/0x15cc
[  343.337529][T14046]  __ext4_expand_extra_isize+0x298/0x358
[  343.338341][T14046]  __ext4_mark_inode_dirty+0x3e4/0x790
[  343.339114][T14046]  ext4_evict_inode+0xb58/0x1270
[  343.339855][T14046]  evict+0x3c8/0x810
[  343.340436][T14046]  iput+0x764/0x7f4
[  343.341037][T14046]  ext4_process_orphan+0x240/0x2b4
[  343.341763][T14046]  ext4_orphan_cleanup+0x908/0x104c
[  343.342610][T14046]  ext4_fill_super+0x6440/0x68a8
[  343.343339][T14046]  get_tree_bdev+0x358/0x544
[  343.344012][T14046]  ext4_get_tree+0x28/0x38
[  343.344661][T14046]  vfs_get_tree+0x90/0x274
[  343.345320][T14046]  do_new_mount+0x228/0x810
[  343.345984][T14046]  path_mount+0x5b4/0xe78
[  343.346598][T14046]  __arm64_sys_mount+0x49c/0x584
[  343.347342][T14046]  invoke_syscall+0x98/0x2bc
[  343.348003][T14046]  el0_svc_common+0x138/0x258
[  343.348675][T14046]  do_el0_svc+0x58/0x13c
[  343.349318][T14046]  el0_svc+0x58/0x138
[  343.349941][T14046]  el0t_64_sync_handler+0x84/0xf0
[  343.350676][T14046]  el0t_64_sync+0x18c/0x190
[  343.351334][T14046] irq event stamp: 3497
[  343.351955][T14046] hardirqs last  enabled at (3497): [<ffff800011a48554>] _raw_spin_unlock_irqrestore+0x48/0xac
[  343.353448][T14046] hardirqs last disabled at (3496): [<ffff800011a48370>] _raw_spin_lock_irqsave+0xa4/0xb4
[  343.354874][T14046] softirqs last  enabled at (2320): [<ffff8000080309e0>] local_bh_enable+0x10/0x34
[  343.356201][T14046] softirqs last disabled at (2318): [<ffff8000080309ac>] local_bh_disable+0x10/0x34
[  343.357611][T14046] ---[ end trace 0000000000000000 ]---
[  343.359299][T14046] EXT4-fs (loop0): 1 orphan inode deleted
[  343.360941][T14046] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  343.374552][ T4327] EXT4-fs (loop0): unmounting filesystem.